Ensure DHCP Server is not enabled – isc-dhcp-server6

Details

The Dynamic Host Configuration Protocol (DHCP) is a service that allows machines to be dynamically assigned IP addresses.

Rationale:

Unless a system is specifically set up to act as a DHCP server, it is recommended that this service be deleted to reduce the potential attack surface.

Solution

Run one of the following commands to disable dhcpd:

# systemctl –now disable isc-dhcp-server

# systemctl –now disable isc-dhcp-server6

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/2970

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Unix.

References

800-53|SI-4
CSCv6|9.1
CSCv7|9.2

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles