Check: GEN006380
Title
The system must not use UDP for NIS/NIS+. (Cat I impact)
Discussion
Implementing NIS or NIS+ under UDP may make the system more susceptible to a Denial of Service attack and does not provide the same quality of service as TCP.
Check Content
If the system does not use NIS or NIS+, this is not applicable. Check if NIS or NIS+ is implemented using UDP. Procedure: # rpcinfo -p | grep yp | grep udp If NIS or NIS+ is implemented using UDP, this is a finding.
Fix Text
Configure the system to not use UDP for NIS and NIS+. Consult vendor documentation for the required procedure.
Additional Identifiers
Rule ID:
Vulnerability ID: V-4399
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001436 |
The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |