Skip to content

2.2.16 Ensure rsync service is either not installed or masked

Audit#

Run the following command to verify rsync is not installed: 

dpkg-query -W -f='${binary:Package}\t${Status}\t${db:Status-Status}\n' rsync
rsync unknown ok not-installed not-installed

OR

Run the following commands to verify that rsync is inactive and masked: 

# systemctl is-active rsync
inactive
# systemctl is-enabled rsync
masked

Remediation#

Run the following command to remove rsync: 

# apt purge rsync

OR

Run the following commands to stop and mask rsync: 

# systemctl stop rsync
# systemctl mask rsync