UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The BIND 9.x server implementation must not be configured with a channel to send audit records to null.


Overview

Finding ID Version Rule ID IA Controls Severity
V-72379 BIND-9X-001017 SV-87003r1_rule Low
Description
DNS software administrators require DNS transaction logs for a wide variety of reasons including troubleshooting, intrusion detection, and forensics. Ensuring that the DNS transaction logs are recorded on the local system will provide the capability needed to support these actions. Sending DNS transaction data to the null channel would cause a loss of important data.
STIG Date
BIND 9.x Security Technical Implementation Guide 2020-03-23

Details

Check Text ( C-72583r1_chk )
Verify that the BIND 9.x server is not configured to send audit logs to the null channel.

Inspect the "named.conf" file for the following:

category null { null; }

If there is a category defined to send audit logs to the "null" channel, this is a finding.
Fix Text (F-78735r1_fix)
Edit the "named.conf" file.

Remove any instance of the following:

category null { null; };

Restart the BIND 9.x process.