[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

243238

 
 

909

 
 

192833

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-90733-7

Platform: rhel7,centos7Date: (C)2017-06-29   (M)2022-10-10



Do Not Use Dynamic DNS To prevent the DHCP server from receiving DNS information from clients, edit '/etc/dhcp/dhcpd.conf', and add or correct the following global option: 'ddns-update-style none;'


Parameter:


Technical Mechanism:

The Dynamic DNS protocol is used to remotely update the data served by a DNS server. DHCP servers can use Dynamic DNS to publish information about their clients. This setup carries security risks, and its use is not recommended. If Dynamic DNS must be used despite the risks it poses, it is critical that Dynamic DNS transactions be protected using TSIG or some other cryptographic authentication mechanism. See dhcpd.conf(5) for more information about protecting the DHCP server from passing along malicious DNS data from its clients. Fix: No Remediation Info

CCSS Severity:CCSS Metrics:
CCSS Score : Attack Vector:
Exploit Score: Attack Complexity:
Impact Score: Privileges Required:
Severity: User Interaction:
Vector: Scope:
 Confidentiality:
 Integrity:
 Availability:
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:31146
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:30423


OVAL    2
oval:org.secpod.oval:def:31146
oval:org.secpod.oval:def:30423

© SecPod Technologies