UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system must not use UDP for NIS/NIS+.


Overview

Finding ID Version Rule ID IA Controls Severity
V-240430 VRAU-SL-000545 SV-240430r671031_rule Medium
Description
Implementing NIS or NIS+ under UDP may make the system more susceptible to a denial-of-service attack and does not provide the same quality of service as TCP.
STIG Date
VMware vRealize Automation 7.x SLES Security Technical Implementation Guide 2023-09-22

Details

Check Text ( C-43663r671029_chk )
If the SLES for vRealize does not use NIS or NIS+, this is not applicable.

Check if NIS or NIS+ is implemented using UDP:

# rpcinfo -p | grep yp | grep udp

If NIS or NIS+ is implemented using UDP, this is a finding.
Fix Text (F-43622r671030_fix)
Configure the SLES for vRealize to not use UDP for NIS and NIS+. Consult vendor documentation for the required procedure.