>From ae2e10547e6f46ed4c930b09296e8c5c1d78b89b Mon Sep 17 00:00:00 2001 From: Shawn Wells <[email protected]> Date: Sun, 13 Apr 2014 01:52:48 -0400 Subject: [PATCH 11/26] New RHEL6 rule: package_ypbind_removed
Added in support of CIS/C2S baseline OVAL already existed. Created XCCDF. --- RHEL/6/input/services/obsolete.xml | 16 ++++++++++++++++ 1 files changed, 16 insertions(+), 0 deletions(-) diff --git a/RHEL/6/input/services/obsolete.xml b/RHEL/6/input/services/obsolete.xml index 337e2b3..604be4d 100644 --- a/RHEL/6/input/services/obsolete.xml +++ b/RHEL/6/input/services/obsolete.xml @@ -285,6 +285,22 @@ as a client in a NIS or NIS+ domain. <ref nist="AC-17(8),CM-7" disa="305"/> <tested by="DS" on="20121026"/> </Rule> + +<Rule id="package_ypbind_removed"> +<title>Remove NIS Client</title> +<description>The Network Information Service (NIS), formerly known as Yellow Pages, +is a client-server directory service protocol used to distribute system configuration +files. The NIS client (<tt>ypbind</tt>) was used to bind a machine to an NIS server +and receive the distributed configuration files.</description> +<ocil><package-remove-macro package="ypbind"/></ocil> +<rationale>The NIS service is inherently an insecure system that has been vulnerable +to DOS attacks, buffer overflows and has poor authentication for querying NIS maps. +NIS generally has been replaced by such protocols as Lightweight Directory Access +Protocol (LDAP). It is recommended that the service be removed.</rationale> +<ident cce="" /> +<oval id="package_ypbind_removed" /> +</Rule> + </Group> <Group id="tftp"> -- 1.7.1
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
