← Rules Catalog
mediumservicesverified rollback-safe

Ensure NIS client (ypbind) is not installed

package-ypbind-removed · RHEL ≥ 8 · 2 impls

Description

The ypbind package is the NIS (Network Information Service) client. NIS is an insecure legacy protocol and should not be used.

Rationale

NIS transmits authentication data unencrypted and has known security weaknesses. Modern alternatives like LDAP with TLS or Kerberos should be used instead.

Check → Remediate

Checkpackage_state
name:
ypbind
state:
absent
Remediatepackage_absent
name:
ypbind

Framework references

CIS

rhel9 2.2.3rhel8 2.2.3

NIST 800-53

CM-7IA-5

Live verification

rhel8:checkrhel9:check
#package#nis#ypbind#legacy#security