Detections
Analytics
BIND-9X-001210 - The TSIG keys used with the BIND 9.x implementation must be group owned by a privileged account.
Information
Incorrect ownership of a TSIG key file could allow an adversary to modify the file, thus defeating the security objective.Solution
Change the group ownership of the TSIG keys to the named process group.# chgrp <named_proccess_group> <TSIG_key_file>
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_BIND_9-x_V3R1_STIG.zip
Item Details
Audit Name: DISA BIND 9.x STIG v3r1
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5(2)(b), CAT|II, CCI|CCI-000186, Rule-ID|SV-272378r1123864_rule, STIG-ID|BIND-9X-001210, Vuln-ID|V-272378
Plugin: Unix
Control ID: 03a546db558e71b672e5c0ca2e6e76d94c2e391a78daed3f587d38028cf91eb5