Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-867 | GEN006400 | SV-46282r1_rule | ECSC-1 | Medium |
Description |
---|
Due to numerous security vulnerabilities existing within NIS, it must not be used. Possible alternative directory services are NIS+ and LDAP. |
STIG | Date |
---|---|
SUSE Linux Enterprise Server v11 for System z | 2013-04-18 |
Check Text ( C-36937r2_chk ) |
---|
Perform the following to determine if NIS is active on the system: # ps -ef | grep ypbind If NIS is found active on the system, this is a finding. |
Fix Text (F-39579r1_fix) |
---|
Disable the use of NIS. Use as a replacement NIS+ or LDAP. |