2.4 Disable NIS Server Services - domain

Information

The NIS server software is not installed by default and is only required on systems that are
acting as an NIS server for the local site. Typically there are only a small number of NIS
servers on any given network. These services are disabled by default unless the system has
been previously configured to act as a NIS server.

As RPC-based services such as NIS may use non-secure authentication and share sensitive
network object information with systems and applications using RPC-based services, this
service should be disabled. Users are encouraged to use LDAP as a name service in place of
NIS.

Solution

To disable this service, run the following commands-# svcadm disable svc-/network/nis/serverIf LDAP is not in use also disable nis/domain-# svcadm disable svc-/network/nis/domain

See Also

https://workbench.cisecurity.org/files/616