UCF STIG Viewer Logo

The Network Information System (NIS) protocol must not be used.


Overview

Finding ID Version Rule ID IA Controls Severity
V-867 GEN006400 SV-867r2_rule ECSC-1 Medium
Description
Due to numerous security vulnerabilities existing within NIS, it must not be used. Possible alternative directory services are NIS+ and LDAP.
STIG Date
VMware ESX 3 Server 2016-05-13

Details

Check Text ( C-851r2_chk )
Perform the following to determine if NIS is active on the system.

# ps -ef | egrep '(ypbind|ypserv)'

If NIS is found active on the system, this is a finding.
Fix Text (F-1021r2_fix)
Disable the use of NIS. Possible replacements are NIS+ and LDAP.