Check: GEN006400
SUSE Linux Enterprise Server v11 for System z STIG:
GEN006400
(in versions v1 r12 through v1 r9)
Title
The Network Information System (NIS) protocol must not be used. (Cat II impact)
Discussion
Due to numerous security vulnerabilities existing within NIS, it must not be used. Possible alternative directory services are NIS+ and LDAP.
Check Content
Perform the following to determine if NIS is active on the system: # ps -ef | grep ypbind If NIS is found active on the system, this is a finding.
Fix Text
Disable the use of NIS. Use as a replacement NIS+ or LDAP.
Additional Identifiers
Rule ID: SV-46282r1_rule
Vulnerability ID: V-867
Group Title: GEN006400
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-001435 |
The organization defines networking protocols within the information system deemed to be nonsecure. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |