Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The DNS implementation must use internal system clocks to generate time stamps for audit records.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-34037 | SRG-NET-000096-DNS-000053 | SV-44490r1_rule | Medium |
| Description |
|---|
| Determining the correct time a particular event occurred within the DNS architecture is critical when conducting forensic analysis and investigating system events. Without the use of an approved and synchronized time source, configured on the systems, events cannot be accurately correlated and analyzed to determine what is transpiring within the DNS implementation. If an event has been triggered on the network, and the DNS is not configured with the correct time, the event may be seen as insignificant, when in reality the events are related and may have a larger impact across the network. Synchronization of system clocks is needed in order to correctly correlate the timing of events that occur across multiple DNS systems. Determining the correct time a particular event occurred on a system, via time stamps, is critical when conducting forensic analysis and investigating system events. |
| STIG | Date |
|---|---|
| Domain Name System (DNS) Security Requirements Guide | 2012-10-24 |
Details
| Check Text ( C-42005r1_chk ) |
|---|
| Review the DNS configuration to determine if audit logs are being generated with time stamps derived from the underlying internal system. If time stamps on audit logs are based on something other than the system clock or a DNS clock synchronized with the system clock, this is a finding. |
| Fix Text (F-37953r1_fix) |
|---|
| Configure the DNS implementation to use internal system clocks to generate time stamps for audit records. |