Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Network Information System (NIS) protocol must not be used.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-867 | GEN006400 | SV-38487r1_rule | ECSC-1 | Medium |
| Description |
|---|
| Due to numerous security vulnerabilities existing within NIS, it must not be used. Possible alternative directory services are NIS+ and LDAP. |
| STIG | Date |
|---|---|
| HP-UX 11.31 Security Technical Implementation Guide | 2016-12-20 |
Details
| Check Text ( C-36720r1_chk ) |
|---|
| Perform the following to determine if NIS is active on the system. # ps -ef | grep -v grep | egrep "ypbind|ypserv" If NIS is found active on the system, this is a finding. |
| Fix Text (F-32102r1_fix) |
|---|
| Disable the use of NIS. Possible replacements are NIS+ and LDAP-UX. |