mediumservicesverified ✓rollback-safe
Ensure NIS client (ypbind) is not installed
package-ypbind-removed · RHEL ≥ 8 · 2 impls
Description
The ypbind package is the NIS (Network Information Service) client. NIS is an insecure legacy protocol and should not be used.
Rationale
NIS transmits authentication data unencrypted and has known security weaknesses. Modern alternatives like LDAP with TLS or Kerberos should be used instead.
Check → Remediate
Checkpackage_state
- name:
- ypbind
- state:
- absent
Remediatepackage_absent
- name:
- ypbind
Framework references
CIS
rhel9 2.2.3rhel8 2.2.3
NIST 800-53
CM-7IA-5
Live verification
rhel8:checkrhel9:check
#package#nis#ypbind#legacy#security