STIGQter STIGQter: STIG Summary: Red Hat Enterprise Linux 8 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

RHEL 8 must disable network management of the chrony daemon.

DISA Rule

SV-230486r627750_rule

Vulnerability Number

V-230486

Group Title

SRG-OS-000095-GPOS-00049

Rule Version

RHEL-08-030742

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure the operating system disable network management of the chrony daemon by adding/modifying the following line in the /etc/chrony.conf file.

cmdport 0

Check Contents

Verify RHEL 8 disables network management of the chrony daemon with the following command:

$ sudo grep -w 'cmdport' /etc/chrony.conf

cmdport 0

If the "cmdport" option is not set to "0", is commented out or missing, this is a finding.

Vulnerability Number

V-230486

Documentable

False

Rule Version

RHEL-08-030742

Severity Override Guidance

Verify RHEL 8 disables network management of the chrony daemon with the following command:

$ sudo grep -w 'cmdport' /etc/chrony.conf

cmdport 0

If the "cmdport" option is not set to "0", is commented out or missing, this is a finding.

Check Content Reference

M

Target Key

2921

Comments