Securing Remote Access on AIX 4.3.3 using OpenSSH

by Dave Randell
Sept. 1, 2017 0 comments SANS Institute unix issues

The purpose of this paper is to confirm the existence of a security vulnerability relating to the network access of our AIX servers, demonstrate a viable means to overcome it, and to verify that the solution has truly eliminated the exposure. AIX is a robust Unix operating system, but as with many others, out of the box, it is less than optimally configured to prevent unauthorized users from intercepting communications coming or going via its network connections. I offer insight into the implementation of an application that can be used to greatly increase the confidentiality, integrity and availability of data flowing to and from a machine running AIX 4.3.3. The application is OpenSSH (Secu re Shell).