Ensure Samba File Server Services Are Disabled and Not Running : iCompaas Support

Profile Applicability:
• Level 1

Description:
Samba provides file and print services to SMB/CIFS clients. If the system is not intended to act as a Samba file server, disabling these services reduces unnecessary network exposure and mitigates potential security risks.

Rationale:
Disabling unused Samba services minimizes the system’s attack surface and prevents unauthorized access via SMB protocols.

Impact:
Pros:

Reduces potential attack vectors related to file sharing services.
Limits unnecessary services running on the system.

Cons:

Disabling Samba on systems that require it will disrupt file sharing capabilities.

Default Value:
Samba services may be enabled or running by default on some systems.

Pre-requisites:

Root or sudo privileges to manage system services.

Remediation:

Test Plan:

Using Linux command line:

1. Check if Samba service is enabled:

systemctl is-enabled smb  
systemctl is-enabled nmb

2. Check if Samba service is running:

systemctl status smb  
systemctl status nmb

Implementation Plan:

Using Linux command line:

1. Disable Samba services:

systemctl disable smb  
systemctl disable nmb

2. Stop running Samba services:

systemctl stop smb  
systemctl stop nmb

3. Verify services are disabled and stopped:

systemctl is-enabled smb  
systemctl is-enabled nmb  
systemctl status smb  
systemctl status nmb

Backout Plan:

Using Linux command line:

1. Enable and start Samba services if required:

systemctl enable smb  
systemctl start smb  
systemctl enable nmb  
systemctl start nmb

2. Verify service status.

References:

CIS Amazon Linux 2 Benchmark v3.0.0
Systemd Service Management

Ensure Samba File Server Services Are Disabled and Not Running Print

Test Plan:

Implementation Plan:

Backout Plan:

Related Articles