An error occurred:

Check: RHEL-06-000247

Red Hat Enterprise Linux 6 STIG: RHEL-06-000247 (in versions v2 r2 through v1 r14)

Title

The system clock must be synchronized continuously, or at least daily. (Cat II impact)

Discussion

Enabling the "ntpd" service ensures that the "ntpd" service will be running and that the system will synchronize its time to any servers specified. This is important whether the system is configured to be a client (and synchronize only its own clock) or it is also acting as an NTP server to other systems. Synchronizing time is essential for authentication services such as Kerberos, but it is also important for maintaining accurate logs and auditing possible security breaches.

Check Content

Run the following command to determine the current status of the "ntpd" service: # service ntpd status If the service is enabled, it should return the following: ntpd is running... If the service is not running, this is a finding.

Fix Text

The "ntpd" service can be enabled with the following command: # chkconfig ntpd on # service ntpd start

Additional Identifiers

Rule ID: SV-218007r603264_rule

Vulnerability ID: V-218007

Group Title: SRG-OS-000355

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000160

The information system synchronizes internal information system clocks on an organization-defined frequency with an organization-defined authoritative time source.
CCI-001891

The information system compares internal information system clocks on an organization-defined frequency with an organization-defined authoritative time source.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AU-8 (1)

Synchronization With Authoritative Time Source