Check: GEN006380
HP-UX 11.31 STIG:
GEN006380
(in versions v1 r19 through v1 r13)
Title
The system must not use UDP for Network Information System (NIS/NIS+). (Cat I impact)
Discussion
Implementing NIS or NIS+ under UDP may make the system more susceptible to a Denial of Service attack and does not provide the same quality of service as TCP.
Check Content
If the system does not use NIS or NIS+, this is not applicable. Check if NIS or NIS+ is implemented using UDP. # rpcinfo -p | grep yp | grep udp If NIS or NIS+ is implemented using UDP, this is a finding.
Fix Text
Configure the system to not use UDP for NIS and NIS+. HP-UX specific documentation (note the major version of NIS+ currently running) should be consulted for the required procedure.
Additional Identifiers
Rule ID: SV-35147r1_rule
Vulnerability ID: V-4399
Group Title: GEN006380
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001436 |
The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |