CCE-90739-4Platform: rhel7,centos7 | Date: (C)2017-06-29 (M)2022-10-10 |
Enable the NTP Daemon
The 'ntpd' service can be enabled with the following command:
'$ sudo systemctl enable ntpd'
Parameter:
Technical Mechanism:
Enabling the 'ntpd' service ensures that the 'ntpd'
service will be running and that the system will synchronize its time to
any servers specified. This is important whether the system is configured to be
a client (and synchronize only its own clock) or it is also acting as an NTP
server to other systems. Synchronizing time is essential for authentication
services such as Kerberos, but it is also important for maintaining accurate
logs and auditing possible security breaches.
The NTP daemon offers all of the functionality of 'ntpdate', which is now
deprecated. Additional information on this is available at
http://support.ntp.org/bin/view/Dev/DeprecatingNtpdate
Fix:
#
# Enable ntpd.service for all systemd targets
#
systemctl enable ntpd.service
#
# Start ntpd.service if not currently running
#
systemctl start ntpd.service
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:30429 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:31152 |