iCompaas Support

Profile Applicability:
 • Level 1

Description:
 Print server services, such as CUPS, manage print jobs on the network. If the system does not require printing capabilities, disabling these services reduces unnecessary network exposure and potential security risks.

Rationale:
 Disabling unused print server services minimizes the system’s attack surface and prevents unauthorized access via printing protocols.

Impact:
 Pros:

• Limits network-based attack vectors.
  

• Reduces unnecessary services running on the system.
  

Cons:

• Disabling print services on systems that need them will disrupt printing functionality.
  

Default Value:
 Print server services may be enabled by default on some systems.

Pre-requisites:

• Root or sudo privileges to manage system services.
  

Remediation:

Test Plan:

Using Linux command line:

1. Check if print server service is enabled:

systemctl is-enabled cups

2. Check if print server service is running:

systemctl status cups

Implementation Plan:

Using Linux command line:

1. Disable print server services:

systemctl disable cups

2. Stop running print server services:

systemctl stop cups

3. Verify services are disabled and stopped:

systemctl is-enabled cups  
systemctl status cups

Backout Plan:

Using Linux command line:

1. Enable and start print server services if required:

systemctl enable cups  
systemctl start cups

2. Verify service status.

References:

• CIS Amazon Linux 2 Benchmark v3.0.0
  

• Systemd Service Management