Navigate

Check: GEN006380

AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE: GEN006380 (in versions v1 r14 through v1 r10)

Title

The system must not use UDP for NIS/NIS+. (Cat I impact)

Discussion

Implementing NIS or NIS+ under UDP may make the system more susceptible to a Denial of Service attack and does not provide the same quality of service as TCP.

Check Content

If the system does not use NIS or NIS+, this is not applicable. Check if NIS or NIS+ is implemented using UDP. Procedure: # rpcinfo -p | grep yp | grep udp If NIS or NIS+ is implemented using UDP, this is a finding.

Fix Text

Configure the system to not use UDP for NIS and NIS+. Consult vendor documentation for the required procedure.

Additional Identifiers

Rule ID: SV-4399r2_rule

Vulnerability ID: V-4399

Group Title: GEN006380

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001436	The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
No controls are assigned to this check