Check: GEN006380
Solaris 10 SPARC STIG:
GEN006380
(in versions v2 r4 through v1 r19)
Title
The system must not use UDP for NIS/NIS+. (Cat I impact)
Discussion
Implementing NIS or NIS+ under UDP may make the system more susceptible to a Denial of Service attack and does not provide the same quality of service as TCP.
Check Content
If the system does not use NIS or NIS+, this is not applicable. Check if NIS or NIS+ is implemented using UDP. Procedure: # rpcinfo -p | grep yp | grep udp If NIS or NIS+ is implemented using UDP, this is a finding.
Fix Text
Configure the system to not use UDP for NIS and NIS+. Consult vendor documentation for the required procedure.
Additional Identifiers
Rule ID: SV-227041r603265_rule
Vulnerability ID: V-227041
Group Title: SRG-OS-000095
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-7 |
Least Functionality |