RHEL 9 must not have the ypserv package installed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-257829 | RHEL-09-215030 | SV-257829r1044896_rule | CCI-000381 | medium |
| Description | ||||
| The NIS service provides an unencrypted authentication service, which does not provide for the confidentiality and integrity of user passwords or the remote session. Removing the "ypserv" package decreases the risk of the accidental (or intentional) activation of NIS or NIS+ services. | ||||
| STIG | Date | |||
| Red Hat Enterprise Linux 9 Security Technical Implementation Guide | 2025-05-14 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-7
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.4.6
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000381
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-257829r1044896_chk)
Verify that the ypserv package is not installed with the following command:
$ dnf list --installed ypserv
Error: No matching Packages to list
If the "ypserv" package is installed, this is a finding.
Fix Text (F-61494r925473_fix)
Remove the ypserv package with the following command:
$ sudo dnf remove ypserv