Check: GEN006380
Solaris 10 X86 STIG:
GEN006380
(in versions v2 r4 through v1 r17)
Title
The system must not use UDP for NIS/NIS+. (Cat I impact)
Discussion
Implementing NIS or NIS+ under UDP may make the system more susceptible to a Denial of Service attack and does not provide the same quality of service as TCP.
Check Content
If the system does not use NIS or NIS+, this is not applicable. Check if NIS or NIS+ is implemented using UDP. Procedure: # rpcinfo -p | grep yp | grep udp If NIS or NIS+ is implemented using UDP, this is a finding.
Fix Text
Configure the system to not use UDP for NIS and NIS+. Consult vendor documentation for the required procedure.
Additional Identifiers
Rule ID: SV-227948r603266_rule
Vulnerability ID: V-227948
Group Title: SRG-OS-000095
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
CM-7 |
Least Functionality |