Check: GEN006400
Solaris 10 X86 STIG:
GEN006400
(in versions v2 r4 through v1 r17)
Title
The Network Information System (NIS) protocol must not be used. (Cat II impact)
Discussion
Due to numerous security vulnerabilities existing within NIS, it must not be used. Possible alternative directory services are NIS+ and LDAP.
Check Content
Perform the following to determine if NIS is active on the system. # ps -ef | egrep '(ypbind|ypserv)' If NIS is found active on the system, this is a finding.
Fix Text
Disable the use of NIS. Possible replacements are NIS+ and LDAP.
Additional Identifiers
Rule ID: SV-227949r603266_rule
Vulnerability ID: V-227949
Group Title: SRG-OS-000095
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000381 |
Configure the system to provide only organization-defined mission essential capabilities. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-7 |
Least Functionality |