RHEL 9 must not have the ypserv package installed.
An XCCDF Rule
Description
<VulnDiscussion>The NIS service provides an unencrypted authentication service, which does not provide for the confidentiality and integrity of user passwords or the remote session. Removing the "ypserv" package decreases the risk of the accidental (or intentional) activation of NIS or NIS+ services.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-257829r925474_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Remove the ypserv package with the following command:
$ sudo dnf remove ypserv