id: nis-client

info:
  name: Ensure NIS Client is Not Installed
  author: Th3l0newolf
  severity: info
  description: |
    The nis package provides the Network Information Service client, which is insecure and deprecated.If not explicitly required, it should be removed to reduce the system’s attack surface.
  remediation: |
    - Ensure the nis package is not installed unless explicitly required.
    - To remove the package, run: sudo apt-get remove nis -y
  reference:
    - https://www.cisecurity.org/benchmark/ubuntu_linux
  metadata:
    verified: true
  tags: cis,local,cisecurity,audit,linux,ubuntu,nis

self-contained: true

code:
  - engine:
      - bash

    args:
      - "-c"
      - |
        # Check if the nis package is installed
        if dpkg-query -W -f='${Status}' nis 2>/dev/null | grep -q "install ok installed"; then
          echo "[cis-nis-client-check:Policy-Fail] [NIS is installed] [CIS_FAIL]"
        else
          echo "[cis-nis-client-check:Policy-Pass] [NIS is not installed] [CIS_PASS]"
        fi

    matchers:
      - type: word
        name: policy-pass
        words:
          - "Policy-Pass"

      - type: word
        name: policy-fail
        words:
          - "Policy-Fail"
# digest: 4a0a00473045022100cfc6bf15d445dff51f2fba3848fa1387d14074791850f1f0c91293107f5149be022068f71166dae4ec578d4ca2b043f92349a31fc68dc0e945644c2831490c3665e2:922c64590222798bb761d5b6d8e72950