{"description": "Network interfaces expand the attack surface of the\nsystem.  Unused interfaces are not monitored or controlled, and\nshould be disabled.\n<br /><br />\nIf the system does not require network communications but still\nneeds to use the loopback interface, remove all files of the form\n<tt>ifcfg-<i>interface</i></tt> except for <tt>ifcfg-lo</tt> from\n<tt>/etc/sysconfig/network-scripts</tt>:\n<pre>$ sudo rm /etc/sysconfig/network-scripts/ifcfg-<i>interface</i></pre>\nIf the system is a standalone machine with no need for network access or even\ncommunication over the loopback device, then disable this service.\n\nThe <code>network</code> service can be disabled with the following command:\n<pre>$ sudo systemctl mask --now network.service</pre>", "warnings": [], "requires": [], "conflicts": [], "values": {}, "groups": {}, "rules": {}, "platform": "", "platforms": [], "inherited_platforms": [], "cpe_platform_names": [], "title": "Disable Unused Interfaces", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/network/network_disable_unused_interfaces/group.yml"}