The DNS implementation must protect audit information from unauthorized modification.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34040	SRG-NET-000099-DNS-000056	SV-44493r1_rule		Medium

Description
Protection of audit records and audit data is of critical importance. Care must be taken to ensure users cannot circumvent audit protections put in place against modification of the audit data. If audit data were to become compromised by modification, competent forensic analysis and discovery of the true source of potentially malicious system activity is difficult if not impossible to achieve. In addition, access to audit records provides information an attacker could potentially use to his or her advantage. To ensure the integrity of audit data, the DNS implementation must protect audit information from any and all unauthorized modifications.

Description

Protection of audit records and audit data is of critical importance. Care must be taken to ensure users cannot circumvent audit protections put in place against modification of the audit data. If audit data were to become compromised by modification, competent forensic analysis and discovery of the true source of potentially malicious system activity is difficult if not impossible to achieve. In addition, access to audit records provides information an attacker could potentially use to his or her advantage. To ensure the integrity of audit data, the DNS implementation must protect audit information from any and all unauthorized modifications.

STIG	Date
Domain Name System (DNS) Security Requirements Guide	2012-10-24

Details

Check Text ( C-42008r1_chk )
Review the DNS systems audit log permissions and access controls to determine if sufficient restrictions are configured to protect audit logs against unauthorized modifications. If appropriate controls and permissions do not exist, this is a finding.

Fix Text (F-37956r1_fix)
Configure the DNS system to protect the DNS audit log data against unauthorized modifications.