Profile Applicability:
• Level 1
Description:
The Avahi daemon provides service discovery on a local network via mDNS/DNS-SD. If not required, this service should be disabled to reduce unnecessary network exposure and potential security risks.
Rationale:
Disabling Avahi reduces the system’s attack surface by preventing unauthorized service advertisement and discovery on the network.
Impact:
Pros:
Minimizes network exposure and reduces attack vectors.
Prevents accidental service announcements.
Cons:
May disrupt applications relying on local network service discovery.
Default Value:
Avahi daemon may be enabled and running by default on some systems.
Pre-requisites:
Root or sudo privileges to manage system services.
Remediation:
Test Plan:
Using Linux command line:
1. Check if Avahi daemon service is enabled:
systemctl is-enabled avahi-daemon
2. Check if Avahi daemon service is running:
systemctl status avahi-daemon
Implementation Plan:
Using Linux command line:
1. Disable the Avahi daemon service:
systemctl disable avahi-daemon
2. Stop the running Avahi daemon service:
systemctl stop avahi-daemon
3. Verify service is disabled and stopped:
systemctl is-enabled avahi-daemon
systemctl status avahi-daemon
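The following script is an added example, not part of the CIS benchmark text or the Avahi project: it wraps the systemctl commands from the Test Plan and Implementation Plan above into an audit function with a pass/fail exit status and a remediation function. It assumes that the Avahi package also installs avahi-daemon.socket (true on systemd-based distributions), which can re-activate the daemon on demand even after avahi-daemon.service has been stopped, so both units are checked and disabled. The decision logic is kept in a pure function that works on the strings printed by systemctl, so it can be exercised on a machine without systemd.

```shell
#!/bin/sh
# Audit/remediation helper for the Avahi daemon (added example, not benchmark text).
# Assumption: the Avahi package provides both a .service and a .socket unit.
UNITS="avahi-daemon.socket avahi-daemon.service"

# avahi_compliant ENABLED_STATE ACTIVE_STATE
# Pure decision logic on the words printed by `systemctl is-enabled` and
# `systemctl is-active`. Returns 0 when the unit is neither enabled nor active.
avahi_compliant() {
    enabled_state="$1"
    active_state="$2"
    # is-enabled prints nothing (and exits non-zero) for a unit that is not
    # installed, so an empty string is treated as not-found (compliant).
    case "${enabled_state:-not-found}" in
        disabled|masked|not-found) ;;
        *) return 1 ;;   # enabled, static, indirect, alias, ... all count as enabled
    esac
    case "$active_state" in
        inactive|failed) return 0 ;;
        *) return 1 ;;   # active, activating, reloading, ...
    esac
}

# unit_state UNIT -> prints "<enabled-state> <active-state>" for one unit.
unit_state() {
    e=$(systemctl is-enabled "$1" 2>/dev/null || true)
    a=$(systemctl is-active "$1" 2>/dev/null || true)
    printf '%s %s\n' "${e:-not-found}" "${a:-unknown}"
}

# Audit every Avahi unit; exit status 0 only if all of them are compliant.
audit_avahi() {
    rc=0
    for u in $UNITS; do
        set -- $(unit_state "$u")
        if avahi_compliant "$1" "$2"; then
            echo "PASS $u (enabled=$1, active=$2)"
        else
            echo "FAIL $u (enabled=$1, active=$2)"
            rc=1
        fi
    done
    return $rc
}

# Implementation Plan steps 1-3: stop the socket first so it cannot restart the
# service, disable both units, then re-run the audit as verification.
remediate_avahi() {
    systemctl stop $UNITS
    systemctl disable $UNITS
    audit_avahi
}

case "${1:-}" in
    audit)     audit_avahi ;;
    remediate) remediate_avahi ;;
    *)         echo "usage: $0 audit|remediate" ;;
esac
```

Run `sh avahi-check.sh audit` as root to check the current state (non-zero exit means at least one unit is still enabled or active), and `sh avahi-check.sh remediate` to apply the Implementation Plan and verify the result in one step.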
Backout Plan:
Using Linux command line:
1. Enable and start Avahi daemon service if needed:
systemctl enable avahi-daemon
systemctl start avahi-daemon
2. Verify service status.
References:
CIS Amazon Linux 2 Benchmark v3.0.0
Systemd Service Management