Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Network Information System (NIS) protocol must not be used.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-867 | GEN006400 | SV-37742r1_rule | ECSC-1 | Medium |
| Description |
|---|
| Due to numerous security vulnerabilities existing within NIS, it must not be used. Possible alternative directory services are NIS+ and LDAP. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 5 Security Technical Implementation Guide | 2016-06-01 |
Details
| Check Text ( C-36937r2_chk ) |
|---|
| Perform the following to determine if NIS is active on the system: # ps -ef | grep ypbind If NIS is found active on the system, this is a finding. |
| Fix Text (F-32202r1_fix) |
|---|
| Disable the use of NIS/NIS+. Use as a replacement Kerberos or LDAP. |