{"description": "The <tt>named</tt> service is provided by the <tt>unbound</tt> package.\nThe <code>unbound</code> package can be removed with the following command:\n<pre>\n$ apt-get remove unbound</pre>", "rationale": "If there is no need to make DNS server software available,\nremoving it provides a safeguard against its activation.", "severity": "low", "references": {"nist": ["CM-7(a)", "CM-7(b)", "CM-6(a)"], "srg": ["SRG-OS-000480-GPOS-00227"]}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": null, "ocil": null, "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {"stig": {"srg_requirement": "Ubuntu 22.04 must not have the unbound package installed.", "fixtext": " To remove the Ubuntu 22.04 package unbound run the following command:\n\n$ apt-get remove unbound", "checktext": "Verify that Ubuntu 22.04 does not have a Domain Name Server (DNS) server package installed with the following command:\n\n$ dnf list --installed unbound\n\npackage unbound is not installed\n\nIf the \"unbound\" package is installed and the information system security officer (ISSO) lacks a documented requirement for a DNS server, this is a finding.", "vuldiscussion": "If system is not a Domain Name Server (DNS) server it shouldn't have a DNS server package installed to decrease the attack surface of the system."}}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Uninstall unbound Package", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/dns/package_unbound_removed/rule.yml", "template": {"name": "package_removed", "vars": {"pkgname": "unbound"}, "backends": {}}}