When starting up my system I see some “remote filesystem” services.
I would prefer disabling this entirely, as I dont need it and want to reduce loading time and attack service.
At least before logging in this should not be enabled.
I would like to find a complete way to do this
systemctl disable --now remote-fs.target
systemctl mask remote-fs.target
systemctl disable --now remote-cryptsetup.target
systemctl mask remote-cryptsetup.target
systemctl disable --now nfs-client.target
systemctl mask nfs-client.target
As a next step I could disable some kernel modules entirely
mkdir -p /etc/modprobe.d
cat > /etc/modprobe.d/network-filesystems.conf <<EOF
# block NFS
install nfs /bin/false
install nfsv2 /bin/false
install nfsv3 /bin/false
install nfsv4 /bin/false
EOF
There are way more things you could disable, checkout secureblue for a list.