no way to compare when less than two revisions

Differences

This shows you the differences between two versions of the page.


centos7:2:3:5 [2017/05/04 17:17] (current) – created Piotr Kłoczewski
Line 1: Line 1:
 +======2.3.5 Ensure LDAP client is not installed (Scored)======
 +=====Profile Applicability=====  
 +<code>
 +Level 1 - Server
 +Level 1 - Workstation 
 +</code>
  
 +=====Description=====
 +The Lightweight Directory Access Protocol (LDAP) was introduced as a replacement for NIS/YP. It is a service that provides a method for looking up information from a central database.
 +
 +=====Rationale=====
 +If the system will not need to act as an LDAP client, it is recommended that the software be removed to reduce the potential attack surface..
 +
 +=====Audit===== 
 +Run the following commands to verify ''openldap-clients'' is not installed:
 +<Code:bash>
 +# rpm -q openldap-clients 
 +package openldap-clients is not installed
 +</Code>
 +
 +=====Remediation===== 
 +Run the following command to uninstall ''openldap-clients'':
 +<Code:bash>
 +# yum remove openldap-clients
 +</Code>
 +
 +=====Impact===== 
 +Removing the LDAP client will prevent or inhibit using LDAP for authentication in your environment.
  • centos7/2/3/5.txt
  • Last modified: 2017/05/04 17:17
  • by Piotr Kłoczewski