An error occurred:

Check: RHEL-09-215030

RHEL 9 STIG: RHEL-09-215030 (in versions v1 r3 through v1 r1)

Title

RHEL 9 must not have the ypserv package installed. (Cat II impact)

Discussion

The NIS service provides an unencrypted authentication service, which does not provide for the confidentiality and integrity of user passwords or the remote session. Removing the "ypserv" package decreases the risk of the accidental (or intentional) activation of NIS or NIS+ services.

Check Content

Verify that the ypserv package is not installed with the following command: $ sudo dnf list --installed ypserv Error: No matching Packages to list If the "ypserv" package is installed, this is a finding.

Fix Text

Remove the ypserv package with the following command: $ sudo dnf remove ypserv

Additional Identifiers

Rule ID: SV-257829r925474_rule

Vulnerability ID: V-257829

Group Title: SRG-OS-000095-GPOS-00049

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000381

The organization configures the information system to provide only essential capabilities.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-7

Least Functionality