2.2.14 Ensure NIS server is not installed

Information

The ypserv package provides the Network Information Service (NIS). This service, formally known as Yellow Pages, is a client-server directory service protocol for distributing system configuration files. The NIS server is a collection of programs that allow for the distribution of configuration files.

Rationale:

The NIS service is inherently an insecure system that has been vulnerable to DOS attacks, buffer overflows and has poor authentication for querying NIS maps. NIS generally has been replaced by such protocols as Lightweight Directory Access Protocol (LDAP). It is recommended that the ypserv package be removed, and if required a more secure services be used.

Solution

Run the following command to remove ypserv:

# yum remove ypserv

See Also

https://workbench.cisecurity.org/files/3152

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b., 800-53|CM-11, CSCv7|2.6, CSCv7|9.2

Plugin: Unix

Control ID: fc0f210d3ecd35be9eb519c0574dec653fdf62f625391a6005df22c0a38c1434