UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The DNS implementation must produce log records containing sufficient information to establish the sources of the events.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33978 SRG-NET-000077-DNS-000037 SV-44431r1_rule Medium
Description
Auditing and logging are key components of any security architecture. Without information establishing the source of activity, the value of audit records from a forensics perspective is questionable. In order to establish and correlate the series of events leading up to an outage or attack, it is imperative the source or originator of the log record is recorded in all audit trails.
STIG Date
Domain Name System (DNS) Security Requirements Guide 2012-10-24

Details

Check Text ( C-41982r1_chk )
Review the DNS server configuration to determine if the source of the events is a configurable option within the audit/logging utility and it is being captured and stored. If the DNS is not configured to capture and store the source of an event, this is a finding.
Fix Text (F-37893r1_fix)
Configure the DNS server to produce log records which indicate the source of the events.

Additionally, configure the audit facility of the DNS system to provide information to establish the source of events.