CXL - Securing your mid-range systems.
VMS tests
The following tests are performed during a VMS review:
No
Code
Description
Risk
1
SUMMARY
Summary
1 1.1
PRIVS
Privileges
High
2 1.2
LEVELS
Levels
High
3 1.3
FLAGS
Flags
High
4 1.4
NETLI
Network Logins
Medium
2
PWDS
Passwords
5 2.1
PWDLIFE
Password life
Medium
6 2.2
PWDLENU
Users password length
Medium
7 2.3
PWDCHANGES
Distribution of password changes
Medium
8 2.4
PWDLEN
Password length
Medium
3
A/C
Accounts
9 3.1
UNA/C
Unused accounts
Medium
10 3.2
NOOWN
No owners
Low
4
SPAC
Specific accounts
11 4.1
AC-SYSTEM
SYSTEM Account
High
12 4.2
AC-FIELD
FIELD Account
High
13 4.3
AC-DEFAULT
DEFAULT Account
High
5
LOGINS
Logins
14 5.1
LINOI
Non-interactive Logins
Low
15 5.2
LIBOT
Both types of login
Low
16 5.3
LIINT
Interactive logins
Low
17 5.4
LLOGINS
Last logins
Low
18 5.5
LIFAIL
Login failures
Low
19 5.6
DEFDIR
Default Directories
Low
20 5.7
CLI
CLI
Low
21 5.8
LGICMD
LGICMD
Low
22 5.9
NCAPTIVE
Non-Captive
Medium
6
UICS
UICs
23 6.1
SHUICS
Shared UICs
Medium
24 6.2
LOWUICS
Low value UICs
Medium
7
SYSSET
System settings
25 7.1
UNLCPU
Unlimited cpu
Medium
26 7.2
PRCLM
PRCLM
Low
27 7.3
MXDETACH
Max Detached
Medium
8
FLAGS
Flags
28 8.1
CAPTIVE
Captive
Low
29 8.2
DISWELCOME
Diswelcome
Medium
30 8.3
DISNEWMAIL
Disnewmail
Low
31 8.4
DISMAIL
Flag - Dismail
Low
32 8.5
GENPWD
Flag - Genpwd
Medium
33 8.6
DISIMAGE
Flag - Disimage
Low
34 8.7
DISRECONNECT
Flag - Disreconnect
Low
35 8.8
DISREPORT
Flag - Disreport
High
36 8.9
DISUSER
Flag - Disuser
Low
37 8.10
LOCKPWD
Flag - Lockpwd
Medium
38 8.11
PWD_EXPIRED
Flag - Pwd_expired
Low
39 8.12
RESTRICTED
Flag - Restricted
Low
40 8.13
DISPWDDIC
Flag - Dispwddic
Medium
41 8.14
DEFCLI
Flag - Defcli
Medium
42 8.15
DISCTLY
Flag - Disctly
Low
43 8.16
AUDIT
Flag - Audit
Low
44 8.17
AUTOLOGIN
Flag - AutoLogin
Low
45 8.18
DISFORCE_PWD_CHANGE
Flag - Disforce_pwd_change
Medium
46 8.19
DISPWDHIS
Flag - Dispwdhis
Medium
47 8.20
PWD2_EXPIRED
Flag - Pwd2_Expired
Low
48 8.21
EXTAUTH
Flag - External authentication
Low
49 8.22
VMSAUTH
Flag - VMSauth
Low
50 8.23
PWDMIX
Flag - PwdMix
Medium
51 8.24
DISPWDSYNCH
Flag - DisPwdSynch
Low
9
LEVELS
Levels
52 9.1
LEVELS4-6
Levels 4 to 6
High
10
PRIVS
Privileges
53 10.1
ACNT
Privilege - Acnt
Low
54 10.2
ALLSPOOL
Privilege - Allspool
Low
55 10.3
ALTPRI
Privilege - Altpri
Medium
56 10.4
BUGCHK
Privilege - BugChk
Medium
57 10.5
BYPASS
Privilege - ByPass
Medium
58 10.6
CMEXEC
Privilege - Cmexec
Low
59 10.7
CMKRNL
Privilege - Cmkrnl
Medium
60 10.8
DETACH
Privilege - Detach
Low
61 10.9
DIAGNOSE
Privilege - Diagnose
Low
62 10.10
EXQUOTA
Privilege - Exquota
Low
63 10.11
GROUP
Privilege - Group
Low
64 10.12
GRPNAM
Privilege - Grpnam
Low
65 10.13
GRPPRV
Privilege - Grpprv
Low
66 10.14
LOGIO
Privilege - LogIO
Low
67 10.15
MOUNT
Privilege - Mount
Medium
68 10.16
NETMBX
Privilege - Netmbx
Low
69 10.17
OPER
Privilege - Oper
Medium
70 10.18
PFNMAP
Privilege - Pfnmap
Low
71 10.19
PHYIO
Privilege - Phyio
Medium
72 10.20
PRMCEB
Privilege - Prmceb
Low
73 10.21
PRMGBL
Privilege - Prmgbl
Low
74 10.22
PRMMBX
Privilege - Prmmbx
Low
75 10.23
PSWAPM
Privilege - Pswapm
Low
76 10.24
READALL
Privilege - Readall
High
77 10.25
PSECY
Privilege - Security
High
78 10.26
SETPRV
Privilege - Setprv
Medium
79 10.27
SHARE
Privilege - Share
Low
80 10.28
SHMEM
Privilege - Shmem
Low
81 10.29
SYSGBL
Privilege - Sysgbl
Medium
82 10.30
SYSLCK
Privilege - Syslck
Medium
83 10.31
SYSNAM
Privilege - Sysnam
High
84 10.32
SYSPRV
Privilege - Sysprv
High
85 10.33
TMPMBX
Privilege - Tmpmbx
Low
86 10.34
VOLPRO
Privilege - Volpro
Low
87 10.35
WORLD
Privilege - World
Low
88 10.36
AUDIT
Privilege - Audit
Medium
89 10.37
DGRADE
Privilege - Downgrade
Medium
90 10.38
PIMPT
Privilege - Import
Low
91 10.39
UGRADE
Privilege - Upgrade
Low
92 10.40
IPNATE
Privilege - Impersonate
Medium
93 10.41
OVERALL
Flags/Privilege - Overall
Medium
OSA
www.cxlsecure.com