The system clock must be synchronized to an authoritative DoD time source.

From Oracle Linux 6 Security Technical Implementation Guide

Part of SRG-OS-000056

Associated with: CCI-000160

SV-65019r1_rule The system clock must be synchronized to an authoritative DoD time source.

Vulnerability discussion

Synchronizing with an NTP server makes it possible to collate system logs from multiple sources or correlate computer events with real time events. Using a trusted NTP server provided by your organization is recommended.

Check content

A remote NTP server should be configured for time synchronization. To verify one is configured, open the following file. /etc/ntp.conf In the file, there should be a section similar to the following: # --- OUR TIMESERVERS ----- server [ntpserver] If this is not the case, this is a finding.

Fix text

To specify a remote NTP server for time synchronization, edit the file "/etc/ntp.conf". Add or correct the following lines, substituting the IP or hostname of a remote NTP server for ntpserver. server [ntpserver] This instructs the NTP software to contact that remote server to obtain time data.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer