Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Any Network Information System (NIS+) server must be operating at security level 2.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-926 | GEN006460 | SV-38537r1_rule | ECSC-1 | Medium |
| Description |
|---|
| If the NIS+ server is not operating in, at least, security level 2, there is no encryption and the system could be penetrated by intruders and/or malicious users. |
| STIG | Date |
|---|---|
| HP-UX 11.23 Security Technical Implementation Guide | 2015-06-12 |
Details
| Check Text ( C-36723r1_chk ) |
|---|
| If the system is not using NIS+, this is not applicable. Check the system to determine if NIS+ security level two is implemented. Execute this command: # niscat cred.org_dir If the second column does not contain DES, the system is not using NIS+ security level two, and this is a finding. |
| Fix Text (F-32104r1_fix) |
|---|
| Configure the NIS+ server to use security level 2. |