Check: IDNS-8X-400017
      
      
        
  Infoblox 8.x DNS STIG:
  IDNS-8X-400017
  
    (in versions v1 r2 through v1 r1)
  
      
      
    
  Title
The Infoblox NIOS version must be at the appropriate version. (Cat II impact)
Discussion
Each newer version of the name server software, especially the BIND software, generally is devoid of vulnerabilities found in earlier versions because it has design changes incorporated to address those vulnerabilities. These vulnerabilities have been exploited (i.e., some form of attack was launched), and sufficient information has been generated with respect to the nature of those exploits. It makes good business sense to run the latest version of name server software because theoretically, it is the safest version. However, even if the software is the latest version, it is not safe to run it in default mode. The security administrator must always configure the software to run in the recommended secure mode of operation after becoming familiar with the new security settings for the latest version.
Check Content
Infoblox systems use a modified version of BIND DNS software, which adds features and addresses security issues outside of those provided by ISC. Infoblox systems are provided as a hardened appliance and do not allow user access or upgrading of any software components, including BIND. The Infoblox support portal and release notes are the authoritative sources to validate version and applicability of vulnerabilities. 1. Verify the NIOS version by reviewing the "Grid, Upgrade" tab to show that all members are at the current version. 2. Use the Infoblox support portal to obtain current version information. If the Infoblox NIOS version is not currently under support maintenance or is not at the current approved version level, this is a finding.
Fix Text
Refer to the Infoblox NIOS Administrator Guide if necessary. 1. Log on to the Infoblox support portal and download the current approved Long Term Support version of NIOS for Federal Systems. 2. Perform a Grid upgrade.
Additional Identifiers
Rule ID: SV-233875r1082645_rule
Vulnerability ID: V-233875
Group Title: SRG-APP-000516-DNS-000103
Expert Comments
      
        
        
      
      
        
  CCIs
      
      
        
        
      
    
  | Number | Definition | 
|---|---|
| CCI-000366 | Implement the security configuration settings. | 
      
        
        
      
      
        
  Controls
      
      
        
        
      
    
  | Number | Title | 
|---|---|
| CM-6 | Configuration Settings |