STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Red Hat Enterprise Linux 9 Security Technical Implementation Guide

V-257829

CAT II (Medium)

RHEL 9 must not have the ypserv package installed.

Rule ID

SV-257829r1044896_rule

STIG

Red Hat Enterprise Linux 9 Security Technical Implementation Guide

Version

V2R8

CCIs

CCI-000381

Discussion

The NIS service provides an unencrypted authentication service, which does not provide for the confidentiality and integrity of user passwords or the remote session. Removing the "ypserv" package decreases the risk of the accidental (or intentional) activation of NIS or NIS+ services.

Check Content

Verify that the ypserv package is not installed with the following command:

$ dnf list --installed ypserv

Error: No matching Packages to list

If the "ypserv" package is installed, this is a finding.

Fix Text

Remove the ypserv package with the following command:

$ sudo dnf remove ypserv