UCF STIG Viewer Logo

The Network Information System (NIS) protocol must not be used.


Overview

Finding ID Version Rule ID IA Controls Severity
V-867 GEN006400 SV-867r2_rule ECSC-1 Medium
Description
Due to numerous security vulnerabilities existing within NIS, it must not be used. Possible alternative directory services are NIS+ and LDAP.
STIG Date
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE 2018-09-18

Details

Check Text ( C-851r2_chk )
Perform the following to determine if NIS is active on the system.

# ps -ef | egrep '(ypbind|ypserv)'

If NIS is found active on the system, this is a finding.
Fix Text (F-1021r2_fix)
Disable the use of NIS. Possible replacements are NIS+ and LDAP.