2.2.8 Ensure DNS Server is not enabled (Scored)

Level 1 - Server
Level 1 - Workstation 

The Domain Name System (DNS) is a hierarchical naming system that maps names to IP addresses for computers, services and other resources connected to a network.

Unless a system is specifically designated to act as a DNS server, it is recommended that the package be deleted to reduce the potential attack surface.

Run the following commands to verify named is not enabled:

# systemctl is-enabled named

Verify result is not “enabled”.

Run the following command to disable named:

# systemctl disable named
  • centos7/2/2/8.txt
  • Last modified: 2017/05/04 16:46
  • by Piotr Kłoczewski