Uninstall bind Package
An XCCDF Rule
Description
The named
service is provided by the bind
package.
The bind
package can be removed with the following command:
$ apt-get remove bind
Rationale
If there is no need to make DNS server software available, removing it provides a safeguard against its activation.
- ID
- xccdf_org.ssgproject.content_rule_package_bind_removed
- Severity
- Low
- References
- Updated
Remediation - Ansible
- name: Ensure bind9 is removed
package:
name: bind9
state: absent
tags:
- NIST-800-53-CM-6(a)
Remediation - Shell Script
# CAUTION: This remediation script will remove bind9
# from the system, and may remove any packages
# that depend on bind9. Execute this
# remediation AFTER testing on a non-production
# system!
Remediation - Puppet
include remove_bind9
class remove_bind9 {
package { 'bind9':
ensure => 'purged',
}