BIND-9X-001002 - The platform on which the name server software is hosted must only run processes and services needed to support the BIND 9.x implementation.


Hosts that run the name server software should not provide any other services. Unnecessary services running on the DNS server can introduce additional attack vectors leading to the compromise of an organization's DNS architecture.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.


Disable or uninstall all non-DNS related applications from the BIND 9.x server.

See Also

Item Details


References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-207534r612253_rule, STIG-ID|BIND-9X-001002, STIG-Legacy|SV-86991, STIG-Legacy|V-72367, Vuln-ID|V-207534

Plugin: Unix

Control ID: 419a8e40586892d862da3c88a1c086fe70745851810e6325c7fb74139b06d499