✎ 2.2.16 Ensure NIS Server is not enabled (Scored) [SecScan]

This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong.

======2.2.16 Ensure NIS Server is not enabled (Scored)======
=====Profile Applicability=====  
<code>
Level 1 - Server
Level 1 - Workstation 
</code>

=====Description=====
The Network Information Service (NIS) (formally known as Yellow Pages) is a client-server directory service protocol for distributing system configuration files. The NIS server is a collection of programs that allow for the distribution of configuration files.

=====Rationale=====
The NIS service is inherently an insecure system that has been vulnerable to DOS attacks, buffer overflows and has poor authentication for querying NIS maps. NIS generally been replaced by such protocols as Lightweight Directory Access Protocol (LDAP). It is recommended that the service be disabled and other, more secure services be used

=====Audit===== 
Run the following command to verify ''ypserv'' is not enabled:
<Code:bash>
# systemctl is-enabled ypserv
disabled
</Code>
Verify result is not "enabled".

=====Remediation===== 
Run the following command to disable ''ypserv'':
<Code:bash>
# systemctl disable ypserv
</Code>