The Use of NIS UNIX check always reports a risk, even when NIS is not running. (NETIQKB45211)

  • Document ID:7745211
  • Creation Date:02-Feb-2007
  • Modified Date:24-May-2007
    • Micro Focus Products:
      Secure Configuration Manager

Resolution

fact
NetIQ Vulnerability Manager 5.0

fact
NetIQ Vulnerability Manager 5.5

symptom
The Use of NIS UNIX check always reports a risk, even when NIS is not running.

symptom
VM tells me that my UNIX server's Network Information Service is a potential risk, but the service isn't currently running.

fix

The Use of NIS check is for informational purposes only and serves as an indicator that the Network Information Service is running.

To create a custom check to provide a correct risk score when NIS is running:

  1. Start NetIQ Vulnerability Manager.
  2. Expand Security Knowledge > Security Checks.
  3. Right-click My Checks and select New Security Check.
  4. In the Security Check Wizard, select UNIX as the Platform.
  5. Expand the Host object and select System Configuration.
  6. Click Next.
  7. In the Available Attributes column, select NIS state.
  8. Click the > button to add NIS state to the Attributes to Check column.
  9. Click Next.
  10. Under Attribute, select NIS state.
  11. Under Operator, select equals.
  12. Under Type, select Value.
  13. Under Criteria, type 1 in the field. A value of 1 indicates NIS is running, while 0 indicates NIS is not running.
  14. Click Next three times.
  15. On the Define Properties window, type an appropriate name in the Check Name field and a description in the Brief Description field.
  16. Click Finish.

After you create the new custom check, you can add the check to a new or existing template to run or simply right-click the check and select Run Security Checks.



note

As stated in the product documentation, complex custom checks are beyond the scope of NetIQ Technical Support. Due to the many operators and programmable logic available inside a custom check, NetIQ Technical Support is available to answer only basic questions on the tool itself and provide information on simple queries inside the tool. Contact NetIQ Professional Services for assistance on building and troubleshooting more complex custom checks.



note
For more information about creating custom checks and running policy templates, see the NetIQ Vulnerability Manager 5.5 User Guide.

Additional Information

Formerly known as NETIQKB45211