SV-99321r1_rule
V-88671
SRG-OS-000355-GPOS-00143
VROM-SL-001085
CAT II
10
To specify a remote NTP server for time synchronization, edit the file "/etc/ntp.conf". Add or correct the following lines, substituting the IP or hostname of a remote NTP server for ntpserver by using the following command:
# echo "server [ntpserver]" >> /etc/ntp.conf
Replace [ntpserver] with one of the USNO time servers. This instructs the NTP software to contact that remote server to obtain time data.
Restart the service with:
# service ntp restart
A remote NTP server should be configured for time synchronization. To verify one is configured, open the following files:
# cat /etc/ntp.conf | grep server | grep -v '^#'
# cat /etc/ntp.conf | grep peer | grep -v '^#'
# cat /etc/ntp.conf | grep multicastclient | grep -v '^#'
Confirm the servers and peers or multicastclient (as applicable) are local or an authoritative U.S. DoD source.
If a non-local/non-authoritative time-server is used, this is a finding.
V-88671
False
VROM-SL-001085
A remote NTP server should be configured for time synchronization. To verify one is configured, open the following files:
# cat /etc/ntp.conf | grep server | grep -v '^#'
# cat /etc/ntp.conf | grep peer | grep -v '^#'
# cat /etc/ntp.conf | grep multicastclient | grep -v '^#'
Confirm the servers and peers or multicastclient (as applicable) are local or an authoritative U.S. DoD source.
If a non-local/non-authoritative time-server is used, this is a finding.
M
3461