STIGQter: STIG Summary: BIND 9.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The BIND 9.x server implementation must maintain at least 3 file versions of the local log file.

DISA Rule

SV-207548r612253_rule

Vulnerability Number

V-207548

Group Title

SRG-APP-000125-DNS-000012

Rule Version

BIND-9X-001042

Severity

CAT III

CCI(s)

• CCI-001348 - The information system backs up audit records on an organization-defined frequency onto a different system or system component than the system or component being audited.

Weight

10

Fix Recommendation

Edit the "named.conf" file.

Add the "versions" variable to the end of the "file" sub statement in the channel statement.

Configure the "versions" sub statement to a number that is greater or equal to 3.

Restart the BIND 9.x process.

Check Contents

Verify that the BIND 9.x server is configured to retain at least 3 versions of the local log file.

Inspect the "named.conf" file for the following:

logging {
channel local_file_channel {
file "path_name" versions 3;
};

If the "versions" variable is not defined, this is a finding.

If the "versions" variable is configured to retain less than 3 versions of the local log file, this is a finding.

Vulnerability Number

V-207548

Documentable

False

Rule Version

BIND-9X-001042

Severity Override Guidance

Verify that the BIND 9.x server is configured to retain at least 3 versions of the local log file.

Inspect the "named.conf" file for the following:

logging {
channel local_file_channel {
file "path_name" versions 3;
};

If the "versions" variable is not defined, this is a finding.

If the "versions" variable is configured to retain less than 3 versions of the local log file, this is a finding.

Check Content Reference

M

Target Key

2926

Comments