RHEL 9 must disable the chrony daemon from acting as a server.
An XCCDF Rule
Description
Minimizing the exposure of the server functionality of the chrony daemon diminishes the attack surface. Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000095-GPOS-00049
- ID
- SV-257946r958480_rule
- Version
- RHEL-09-252025
- Severity
- Low
- References
- Updated
Remediation Templates
A Manual Procedure
Configure RHEL 9 to disable the chrony daemon from acting as a server by adding/modifying the following line in the /etc/chrony.conf file:
port 0