Harden Debian by Not Using NIS

NIS is to setup a networked user authentication systems for Debian OS. It was the old software that was then replaced by LDAP software. This section guides you on how to harden Debian by not using NIS.

Identified Threats

(T-94) NIS Is Installed And Used By Default

(T-95) NIS Exposes Password Sharing In Plaintext Across Network

Actions Required

Avoid Using NIS

Identified Threats

These are the identified threats related to Debian software.

(T-94) NIS Is Installed And Used By Default

NIS is deprecated but used to manage networked credentials.

(T-95) NIS Exposes Password Sharing In Plaintext Across Network

NIS is transmitting sensitive data like password in plaintext.

Actions Required

Here are the list if actions to counter the issues.

Avoid Using NIS

LDAP exists for a reason. Use LDAP instead.

That's all for hardening Debian by not using NIS.

Back to Debian Security Hardening

Page updated

Google Sites

Report abuse