Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ======2.2.3 Ensure Avahi Server is not enabled (Scored)====== =====Profile Applicability===== <code> Level 1 - Server Level 1 - Workstation </code> =====Description===== Avahi is a free zeroconf implementation, including a system for multicast DNS/DNS-SD service discovery. Avahi allows programs to publish and discover services and hosts running on a local network with no specific configuration. For example, a user can plug a computer into a network and Avahi automatically finds printers to print to, files to look at and people to talk to, as well as network services running on the machine. =====Rationale===== Automatic discovery of network services is not normally required for system functionality. It is recommended to disable the service to reduce the potential attach surface. =====Audit===== Run the following command to verify ''avahi-daemon'' is not enabled: <Code:bash> # systemctl is-enabled avahi-daemon disabled </Code> Verify result is not "enabled". =====Remediation===== Run the following command to disable ''avahi-daemon'': <Code:bash> systemctl disable avahi-daemon </Code> centos7/2/2/3.txt Last modified: 2017/05/04 15:56by 127.0.0.1