NetIQ Vulnerability Manager 5.0
NetIQ Vulnerability Manager 5.5
The Use of NIS UNIX check always reports a risk, even when NIS is not running.
VM tells me that my UNIX server's Network Information Service is a potential risk, but the service isn't currently running.
The Use of NIS check is for informational purposes only and serves as an indicator that the Network Information Service is running.
To create a custom check to provide a correct risk score when NIS is running:
- Start NetIQ Vulnerability Manager.
- Expand Security Knowledge > Security Checks.
- Right-click My Checks and select New Security Check.
- In the Security Check Wizard, select UNIX as the Platform.
- Expand the Host object and select System Configuration.
- Click Next.
- In the Available Attributes column, select NIS state.
- Click the > button to add NIS state to the Attributes to Check column.
- Click Next.
- Under Attribute, select NIS state.
- Under Operator, select equals.
- Under Type, select Value.
- Under Criteria, type
1in the field. A value of
1indicates NIS is running, while
0indicates NIS is not running.
- Click Next three times.
- On the Define Properties window, type an appropriate name in the Check Name field and a description in the Brief Description field.
- Click Finish.
After you create the new custom check, you can add the check to a new or existing template to run or simply right-click the check and select Run Security Checks.
As stated in the product documentation, complex custom checks are beyond the scope of NetIQ Technical Support. Due to the many operators and programmable logic available inside a custom check, NetIQ Technical Support is available to answer only basic questions on the tool itself and provide information on simple queries inside the tool. Contact NetIQ Professional Services for assistance on building and troubleshooting more complex custom checks.
For more information about creating custom checks and running policy templates, see the NetIQ Vulnerability Manager 5.5 User Guide.