4.1.4.2 NFS - de-install NFS server

Information

De-install NFS server if the server does not act as an NFS server to remote clients.

Rationale:

NFS is frequently exploited to gain unauthorized access to file and directories. Unless the server needs to act as an NFS server or client, the filesets should be de-installed.

Solution

Ensure that there are no current NFS exports:

cat /etc/exports

The above command should yield no output. Or the file should not exist.
De-install the NFS sever software:

installp -u bos.net.nfs.server

If there was an empty /etc/exports file, remove it:

rm /etc/exports

Default Value:

N/A

Additional Information:

Reversion:

Re-install the software from the product DVD's

See Also

https://workbench.cisecurity.org/benchmarks/7851