4.1.4.2 NFS - de-install NFS server

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

De-install NFS server if the server does not act as an NFS server to remote clients.

Rationale:

NFS is frequently exploited to gain unauthorized access to file and directories. Unless the server needs to act as an NFS server or client, the filesets should be de-installed.

Solution

Ensure that there are no current NFS exports:

cat /etc/exports

The above command should yield no output. Or the file should not exist.
De-install the NFS sever software:

installp -u bos.net.nfs.server

If there was an empty /etc/exports file, remove it:

rm /etc/exports

Default Value:

N/A

Additional Information:

Reversion:

Re-install the software from the product DVD's

Note: When NFS Server software is installed then the Recommendation 4.1.4.7 is required. Otherwise, it may be skipped.

See Also

https://workbench.cisecurity.org/benchmarks/13069