Detections
Analytics
BIND-9X-001200 - The TSIG keys used with the BIND 9.x implementation must be owned by a privileged account.
Information
Incorrect ownership of a TSIG key file could allow an adversary to modify the file, thus defeating the security objective.Solution
Change the ownership of the TSIG keys to the named process it is running as.# chown <named_proccess_owner> <TSIG_key_file>.
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_BIND_9-x_V3R1_STIG.zip
Item Details
Audit Name: DISA BIND 9.x STIG v3r1
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5(2)(b), CAT|II, CCI|CCI-000186, Rule-ID|SV-272377r1123862_rule, STIG-ID|BIND-9X-001200, Vuln-ID|V-272377
Plugin: Unix
Control ID: 53a1728737681260e3d6eafe1df4e945cc214b28bb5fbe4dfb60d34e3fb9412e