Bootparam contents.gifindex.gif

Bootparam

If a machine is running bootparam, it is probably a server to diskless clients. If bootparam is running, and someone can guess which machines the client and servers are, an intruder can obtain the domain name from bootparam. With the domain name, an intruder can get NIS to provide the password file. This test checks to see if bootparam is running

Risk: Low

Fix: The corrective measure for this vulnerability is to make sure NIS is patched.