STIGQter: STIG Summary: BIND 9.x Security Technical Implementation Guide, Version: 2, Release: 1, Benchmark Date: 22 Jan 2021

The BIND 9.x server implementation must not be configured with a channel to send audit records to null.

DISA Rule

SV-207540r612253_rule

Vulnerability Number

V-207540

Group Title

SRG-APP-000125-DNS-000012

Rule Version

BIND-9X-001017

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Edit the "named.conf" file.

Remove any instance of the following:

category null { null; };

Restart the BIND 9.x process.

Check Contents

Verify that the BIND 9.x server is not configured to send audit logs to the null channel.

Inspect the "named.conf" file for the following:

category null { null; }

If there is a category defined to send audit logs to the "null" channel, this is a finding.
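
The check above can be automated. The following is an added example, not part of the STIG or of BIND: it reads the logging statement of a "named.conf" and reports every category whose channel list includes null, which goes slightly beyond the literal string shown above to cover multi-line and multi-channel forms. The sample configuration and the function names are constructed for illustration.

```python
import re

# Constructed sample named.conf fragment (not taken from the STIG page).
SAMPLE_CONF = r'''
options { directory "/var/named"; };
logging {
    channel audit_log { file "/var/log/named/audit.log" versions 3 size 10m; severity info; };
    // category security { null; };   commented out, must not count
    category default { audit_log; };
    category lame-servers {
        null;
    };
    category queries { audit_log; null; };
};
'''

def strip_comments(text):
    """Remove /* */, // and # comments while leaving quoted strings intact."""
    pattern = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
    return pattern.sub(lambda m: m.group(0) if m.group(0).startswith('"') else ' ', text)

def logging_blocks(text):
    """Yield the body of each logging { ... } statement using brace matching."""
    for m in re.finditer(r'\blogging\s*\{', text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield text[m.end():i - 1]

def null_categories(conf_text):
    """Return the sorted names of categories whose channel list includes null."""
    findings = set()
    for body in logging_blocks(strip_comments(conf_text)):
        for name, channels in re.findall(r'\bcategory\s+("?[\w-]+"?)\s*\{([^{}]*)\}', body):
            # Exact match on the channel name, so "null_backup" is not flagged.
            chans = [c.strip().strip('"') for c in channels.split(';')]
            if 'null' in chans:
                findings.add(name.strip('"'))
    return sorted(findings)

if __name__ == "__main__":
    hits = null_categories(SAMPLE_CONF)
    for name in hits:
        print(f"FINDING: category {name} is routed to the null channel")
    print("finding" if hits else "not a finding")
```

To run it against a real server, pass the contents of the "named.conf" file, and of any files it includes, to null_categories().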

Documentable

False

Severity Override Guidance

Verify that the BIND 9.x server is not configured to send audit logs to the null channel.

Inspect the "named.conf" file for the following:

category null { null; }

If there is a category defined to send audit logs to the "null" channel, this is a finding.

Check Content Reference

M

Target Key

2926
