Description
The ypserv package can be removed with the following command:
Rationale
The NIS service provides an unencrypted authentication service which does
not provide for the confidentiality and integrity of user passwords or the
remote session.
Removing the ypserv package decreases the risk of the accidental
(or intentional) activation of NIS or NIS+ services.
Shell script
The following script can be run on the host to remediate the issue.
#!/bin/bash
# CAUTION: This remediation script will remove ypserv
# from the system, and may remove any packages
# that depend on ypserv. Execute this
# remediation AFTER testing on a non-production
# system!
if rpm -q --quiet "ypserv" ; then
yum remove -y "ypserv"
fi
Ansible playbook
The following playbook can be run with Ansible to remediate the issue.
- name: Ensure ypserv is removed
package:
name: ypserv
state: absent
tags:
- CCE-27399-5
- DISA-STIG-RHEL-07-020010
- NIST-800-53-CM-6(a)
- NIST-800-53-CM-7(a)
- NIST-800-53-CM-7(b)
- NIST-800-53-IA-5(1)(c)
- PCI-DSS-Req-2.2.2
- PCI-DSSv4-2.2.4
- disable_strategy
- high_severity
- low_complexity
- low_disruption
- no_reboot_needed
- package_ypserv_removed
