STIGQter: STIG Summary: Infoblox 7.x DNS Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

Recursion must be disabled on Infoblox DNS servers which are configured as authoritative name servers.

DISA Rule

SV-214185r612370_rule

Vulnerability Number

V-214185

Group Title

SRG-APP-000383-DNS-000047

Rule Version

IDNS-7X-000440

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Navigate to Data Management >> DNS >> Members/Servers tab.

Select each grid member and click "Edit".
Select the "Queries" tab and disable recursion on all authoritative members.
When complete, click "Save & Close" to save the changes and exit the "Properties" screen.

Perform a service restart if necessary.

Check Contents

Navigate to Data Management >> DNS >> Members/Servers tab.

Select each grid member and click "Edit".
Review the "Queries" tab.
When complete, click "Cancel" to exit the "Properties" screen.

If recursion is not disabled on an authoritative name server, this is a finding.

Vulnerability Number

V-214185

Documentable

False

Rule Version

IDNS-7X-000440

Severity Override Guidance

Navigate to Data Management >> DNS >> Members/Servers tab.

Select each grid member and click "Edit".
Review the "Queries" tab.
When complete, click "Cancel" to exit the "Properties" screen.

If recursion is not disabled on an authoritative name server, this is a finding.

Check Content Reference

M

Target Key

3995

Comments