Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ======2.2.8 Ensure DNS Server is not enabled (Scored)====== =====Profile Applicability===== <code> Level 1 - Server Level 1 - Workstation </code> =====Description===== The Domain Name System (DNS) is a hierarchical naming system that maps names to IP addresses for computers, services and other resources connected to a network. =====Rationale===== Unless a system is specifically designated to act as a DNS server, it is recommended that the package be deleted to reduce the potential attack surface. =====Audit===== Run the following commands to verify ''named'' is not enabled: <Code:bash> # systemctl is-enabled bind9 disabled </Code> Verify result is not "enabled". =====Remediation===== Run the following command to disable ''bind9'': <Code:bash> # systemctl disable bind9 </Code> ubuntu1604/2/2/8.txt Last modified: 2017/05/02 11:41by Piotr Kłoczewski