Navigate

Check: GEN006380

HP-UX 11.31 STIG: GEN006380 (in versions v1 r19 through v1 r13)

Title

The system must not use UDP for Network Information System (NIS/NIS+). (Cat I impact)

Discussion

Implementing NIS or NIS+ under UDP may make the system more susceptible to a Denial of Service attack and does not provide the same quality of service as TCP.

Check Content

If the system does not use NIS or NIS+, this is not applicable. Check if NIS or NIS+ is implemented using UDP. # rpcinfo -p | grep yp | grep udp If NIS or NIS+ is implemented using UDP, this is a finding.

Fix Text

Configure the system to not use UDP for NIS and NIS+. HP-UX specific documentation (note the major version of NIS+ currently running) should be consulted for the required procedure.

Additional Identifiers

Rule ID: SV-35147r1_rule

Vulnerability ID: V-4399

Group Title: GEN006380

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001436	The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
No controls are assigned to this check