securetcpip Command

Purpose

Enables the operating system network security feature.

Syntax

securetcpip

Description

The securetcpip command provides enhanced security for the network. This command performs the following:

1. Runs the tcbck -a command, which disables the nontrusted commands and daemons: rcp, rlogin, rlogind, rsh, rshd, tftp, and tftpd. The disabled commands and daemons are not deleted; instead, they are changed to mode 0000. You can enable a particular command or daemon by re-establishing a valid mode.
2. Adds a TCP/IP security stanza to the /etc/security/config file. The stanza is in the following format:

   tcpip:
      netrc = ftp,rexec     /* functions disabling netrc */

Before running the securetcpip command, acquiesce the system by logging in as root user and executing the killall command to stop all network daemons.

Attention: The killall command kills all processes except the calling process. If logged in or applications are running, exit or finish before executing the killall command.

After issuing the securetcpip command, shut down and restart your system. All of your TCP/IP commands and network interfaces should be properly configured after the system restarts.

Files

Related Information

The killall command, tcbck command.

The .netrc file format.

Understanding Trusted Processes for TCP/IP in AIX Version 4.3 System Management Guide: Communications and Networks.