Check: RHEL-09-252010
RHEL 9 STIG:
RHEL-09-252010
(in version v2 r3)
Title
RHEL 9 must have the chrony package installed. (Cat II impact)
Discussion
Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
Check Content
Verify that RHEL 9 has the chrony package installed with the following command: $ dnf list --installed chrony Example output: chrony.x86_64 4.1-3.el9 If the "chrony" package is not installed, this is a finding.
Fix Text
The chrony package can be installed with the following command: $ sudo dnf install chrony
Additional Identifiers
Rule ID: SV-257943r1045001_rule
Vulnerability ID: V-257943
Group Title: SRG-OS-000355-GPOS-00143
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001891 |
The information system compares internal information system clocks on an organization-defined frequency with an organization-defined authoritative time source. |
| CCI-004923 |
Compare the internal system clocks on an organization-defined frequency with organization-defined authoritative time source. |
Controls
| Number | Title |
|---|---|
| AU-8(1) |
Synchronization with Authoritative Time Source |