ubuntu1604:2:3:1

2.3.1 Ensure NIS Client is not installed (Scored)

Profile Applicability

Level 1 - Server
Level 1 - Workstation

Description

The Network Information Service (NIS), formerly known as Yellow Pages, is a client-server directory service protocol used to distribute system configuration files. The NIS client (ypbind) was used to bind a machine to an NIS server and receive the distributed configuration files.

Rationale

The NIS service is inherently an insecure system that has been vulnerable to DOS attacks, buffer overflows and has poor authentication for querying NIS maps. NIS generally has been replaced by such protocols as Lightweight Directory Access Protocol (LDAP). It is recommended that the service be removed.

Audit

Run the following commands to verify nis is not installed: 

dpkg -s nis

Remediation

Run the following command to uninstall nis: 

apt-get remove nis

Impact

Many insecure service clients are used as troubleshooting tools and in testing environments. Uninstalling them can inhibit capability to test and troubleshoot. If they are required it is advisable to remove the clients after use to prevent accidental or intentional misuse.

  • ubuntu1604/2/3/1.txt
  • Last modified: 2017/05/02 12:06
  • by Piotr Kłoczewski