Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Resources
Documents
Publishers
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of Red Hat Enterprise Linux CoreOS 4
Services
DNS Server
DNS Server
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
DNS Server
1 Rule
Most organizations have an operational need to run at least one nameserver. However, there are many common attacks involving DNS server software, and this server software should be disabled on any system on which it is not needed.
Disable DNS Server
1 Rule
DNS software should be disabled on any systems which does not need to be a nameserver. Note that the BIND DNS server software is not installed on Red Hat Enterprise Linux CoreOS 4 by default. The remainder of this section discusses secure configuration of systems which must be nameservers.
Uninstall bind Package
Low Severity
The
named
service is provided by the
bind
package. The
bind
package can be removed with the following command:
$ sudo dnf remove bind