4.2.2 Ensure NIS client is not installed

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

If NIS is not used in the environment, disable the NIS client and de-install the software.

As NIS is extremely insecure, the NIS client packages must be removed from the system unless absolutely needed.

Solution

Ensure that all of the NIS daemons are inactive:

stopsrc -g yp

De-install the NIS client software:

installp -u bos.net.nis.client

See Also

https://workbench.cisecurity.org/benchmarks/10385