Profile Applicability:
 • Level 1

Description:
 DNS server services resolve domain names to IP addresses. If the system is not intended to provide DNS services, disabling these services reduces the attack surface and prevents unauthorized DNS resolution or spoofing.

Rationale:
 Disabling unused DNS server services minimizes network exposure and limits potential exploitation through DNS-based attacks.

Impact:
 Pros:

  • Reduces risk of DNS-related attacks and misconfigurations.

  • Limits unnecessary network services running on the system.

 Cons:

  • Disabling DNS server on systems that require it may cause service disruptions.

Default Value:
 DNS server services may be enabled by default on some systems.

Pre-requisites:

  • Root or sudo privileges to manage system services.

Remediation:

Test Plan:

Using Linux command line:

1. Check if DNS server service is enabled:

systemctl is-enabled named  
systemctl is-enabled bind9

2. Check if DNS server service is running:

systemctl status named  
systemctl status bind9

Implementation Plan:

Using Linux command line:

1. Disable DNS server services:

systemctl disable named  
systemctl disable bind9

2. Stop running DNS server services:

systemctl stop named  
systemctl stop bind9

3. Verify services are disabled and stopped:

systemctl is-enabled named  
systemctl is-enabled bind9  
systemctl status named  
systemctl status bind9
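The Test Plan and Implementation Plan steps above, combined into one script that can be run repeatedly. This is an added example, not part of the CIS benchmark text: it uses the unit names the page gives (named, bind9), and the SYSTEMCTL variable and the function names are conveniences of this example only. It also settles a case the bare commands leave to the reader: a unit that is not installed makes `systemctl is-enabled` print nothing and exit non-zero, which the script reports as "not-found" and treats as compliant rather than as an error.

```shell
#!/bin/sh
# Added example: audit and remediate the DNS server units named in this
# recommendation (named, bind9). Not part of the benchmark text.
# SYSTEMCTL is an assumption of this example so the script can be pointed
# at a wrapper for dry runs; it defaults to the real systemctl.
DNS_UNITS="named bind9"
SYSTEMCTL="${SYSTEMCTL:-systemctl}"

# unit_state UNIT -> prints "<enable-state> <active-state>", e.g. "enabled active".
# is-enabled prints nothing and exits non-zero for an unknown unit, so an
# absent unit is reported as "not-found" instead of aborting the audit.
# is-active prints "inactive" (exit 3) for a stopped or unknown unit.
unit_state() {
    _en=$("$SYSTEMCTL" is-enabled "$1" 2>/dev/null) || _en="${_en:-not-found}"
    _ac=$("$SYSTEMCTL" is-active "$1" 2>/dev/null) || _ac="${_ac:-inactive}"
    printf '%s %s\n' "$_en" "$_ac"
}

# judge_state ENABLE_STATE ACTIVE_STATE -> prints PASS or FAIL.
# PASS only when the unit will not start at boot AND is not running now.
# "static", "indirect" and "alias" are deliberately FAIL: they mean the unit
# is controlled through another unit (e.g. bind9 aliasing named on newer
# Debian-family systems), so the reviewer must check that unit instead.
# "failed" is also FAIL: the unit is not serving, but something started it.
judge_state() {
    case "$1" in
        disabled|masked|masked-runtime|not-found) _boot_ok=1 ;;
        *) _boot_ok=0 ;;
    esac
    case "$2" in
        inactive) _run_ok=1 ;;
        *) _run_ok=0 ;;
    esac
    if [ "$_boot_ok" -eq 1 ] && [ "$_run_ok" -eq 1 ]; then
        echo PASS
    else
        echo FAIL
    fi
}

# audit_dns_units -> one line per unit; returns 0 only if every unit PASSes.
audit_dns_units() {
    _rc=0
    for _u in $DNS_UNITS; do
        _st=$(unit_state "$_u")
        # $_st is intentionally unquoted: it carries two words.
        _verdict=$(judge_state $_st)
        printf '%s %s enable=%s active=%s\n' "$_verdict" "$_u" $_st
        [ "$_verdict" = PASS ] || _rc=1
    done
    return "$_rc"
}

# remediate_dns_units -> Implementation Plan steps 1 and 2 (disable, then stop),
# skipped for units that are not installed, followed by step 3 (re-audit).
remediate_dns_units() {
    for _u in $DNS_UNITS; do
        case "$(unit_state "$_u")" in
            not-found*) echo "skip $_u (unit not installed)"; continue ;;
        esac
        "$SYSTEMCTL" disable "$_u"
        "$SYSTEMCTL" stop "$_u"
    done
    audit_dns_units
}

# Usage: sh dns-server-check.sh audit | remediate   (remediate needs root)
case "${1:-}" in
    audit)     audit_dns_units ;;
    remediate) remediate_dns_units ;;
esac
```

Running `audit` before and after `remediate` gives a before/after record for the change ticket, and the non-zero exit status of `audit` lets the same script serve as a scheduled compliance check.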

Backout Plan:

Using Linux command line:

1. Enable and start DNS server services if required:

systemctl enable named  
systemctl start named  
systemctl enable bind9  
systemctl start bind9

2. Verify the services are enabled and running using systemctl is-enabled and systemctl status, as in the Test Plan.

References:

  • CIS Amazon Linux 2 Benchmark v3.0.0

  • Systemd Service Management