As part of Best Security Practices, it is recommended to remove service clients that are not required for normal operation to reduce local attack. Here are the following programs or clients that need to remove. (Not in particular order)
1.NIS Client
-it is used to bind a machine to NIS server, and receive the distributed config files. NIC is an insecure system and can be vulnerable to attacks like DOS, buffer overflows. It has poor authentication mechanism as well.
Command to verify if NIS is installed or not:
rpm -q ypbind
Recommendation: to remove nis package
yum remove ypbind
dnf remove ypbind
2. Telnet Client
-it allows users to establish connections to other systems via the telnet protocol. It is insecure and and not encrypted, meaning it could allow unauthorized users to steal credentials.
Note: Some users required telnet for testing and troubleshooting,e.g. if ports are open, so this depends on the environment and requirement.
Command to verify if telnet is installed or not:
rpm -q telnet
Recommendation: to remove telnet
yum remove telnet
dnf remove telnet
3. Lightweight Directory Access Protocol (LDAP) client
-LDAP provides a method of looking up information from a central database, and was a replacement to NIS.
Command to verify if LDAP client is installed or not:
rpm -q openldap-clients
Recommendation: to remove LDAP client to reduce potential attack area
yum remove openldap-clients
dnf remove openldap-clients
