Details

The Network Information Service (NIS), formerly known as Yellow Pages, is a client-server directory service protocol used to distribute system configuration files. The NIS client (ypbind) was used to bind a machine to an NIS server and receive the distributed configuration files

Rationale:

The NIS service is inherently an insecure system that has been vulnerable to DOS attacks, buffer overflows and has poor authentication for querying NIS maps. NIS generally has been replaced by such protocols as Lightweight Directory Access Protocol (LDAP). It is recommended that the service be removed.

Solution

Run the following command to remove ypbind:

# yum erase ypbind

Default Value:

OS Default: Disabled

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/3096

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

• 800-53|CM-11
• CSCv7|2.6

Source

• Tenable.com/audits