Disable Unused Network Services

Description

Disables and masks unnecessary listening services (rpcbind, avahi-daemon, cups, postfix on non-mail servers). Each removed service eliminates an attack surface.

CVSS Vector Impacts

CWE Relationships

Verification

List listening services and verify only necessary ones are active

References

• CIS RHEL 9 Benchmark — 2. Services