The BIND 9.x server implementation must not be configured with a channel to send audit records to null.

An XCCDF Rule

Description

<VulnDiscussion>DNS software administrators require DNS transaction logs for a wide variety of reasons including troubleshooting, intrusion detection, and forensics. Ensuring that the DNS transaction logs are recorded on the local system will provide the capability needed to support these actions. Sending DNS transaction data to the null channel would cause a loss of important data.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-207540r612253_rule
Severity: Low
References: CCI-001348
Updated: about 1 year ago

Edit the "named.conf" file.

Remove any instance of the following:

category null { null; };
Restart the BIND 9.x process.

The BIND 9.x server implementation must not be configured with a channel to send audit records to null.

Description

Remediation - Manual Procedure