Signed-off-by: Jeffrey Blank <[email protected]> --- RHEL6/input/services/ntp.xml | 32 ++++++++++++++------------------ 1 files changed, 14 insertions(+), 18 deletions(-)
diff --git a/RHEL6/input/services/ntp.xml b/RHEL6/input/services/ntp.xml index 3a8aba2..ee6e6c2 100644 --- a/RHEL6/input/services/ntp.xml +++ b/RHEL6/input/services/ntp.xml @@ -7,20 +7,17 @@ protocols can be used both to ensure that time is consistent among a network of machines, and that their time is consistent with the outside world. <br /><br /> -Local time synchronization is recommended for all networks. -If every machine on your network reliably reports the same time as -every other machine, then it is much easier to correlate log -messages in case of an attack. In addition, a number of -cryptographic protocols (such as Kerberos) use timestamps to -prevent certain types of attacks. If your network does not have -synchronized time, these protocols may be unreliable or even -unusable. +If every system on a network reliably reports the same time, then it is much +easier to correlate log messages in case of an attack. In addition, a number of +cryptographic protocols (such as Kerberos) use timestamps to prevent certain +types of attacks. If your network does not have synchronized time, these +protocols may be unreliable or even unusable. <br /><br /> Depending on the specifics of the network, global time accuracy may be just as important as local synchronization, or not very important at all. If your -network is connected to the Internet, it is recommended that you make use of a -public timeserver or one provided by your enterprise or agency, since globally -accurate timestamps may be necessary if you need to investigate or respond to +network is connected to the Internet, using a +public timeserver (or one provided by your enterprise) provides globally +accurate timestamps which may be essential in investigating or responding to an attack which originated outside of your network. <br /><br /> A typical network setup involves a small number of internal systems operating as NTP 
@@ -65,17 +62,16 @@ This instructs the NTP software to contact that remote server to obtain time data. </description> <ocil clause="this is not the case"> -A remote NTP server should be configured for time synchronization. To verify -one is configured, open the following file: +To verify that a remote NTP service is configured for time synchronization, +open the following file: <pre>/etc/ntp.conf</pre> In the file, there should be a section similar to the following: -<pre># --- OUR TIMESERVERS ----- -server <i>ntpserver</i></pre> +<pre>server <i>ntpserver</i></pre> </ocil> -<rationale> Synchronizing with an NTP server makes it possible +<rationale>Synchronizing with an NTP server makes it possible to collate system logs from multiple sources or correlate computer events with -real time events. Using a trusted NTP server provided by your organization is -recommended.</rationale> +real time events. +</rationale> <ident cce="27098-3" /> <oval id="ntp_remote_server" /> <ref nist="AU-8(1)" disa="160" /> -- 1.7.1 _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
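Review bot: In the first hunk (@@ -7,20 +7,17 @@), the reworded sentence about Internet-connected networks puts the public timeserver first and moves the internal source into a parenthesis, "(or one provided by your enterprise)". It also drops "or agency" and the "it is recommended" wording, so the paragraph no longer says that either source is recommended or which to prefer. If the goal is only to remove the imperative voice, consider keeping both sources on equal footing, for example "using a public timeserver, or one provided by your enterprise or agency, provides globally accurate timestamps". The removed opening sentence "Local time synchronization is recommended for all networks." has no replacement, so the paragraph now starts directly on the conditional "If every system on a network reliably reports the same time".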
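Review bot: In the second hunk (@@ -65,17 +62,16 @@), the <ocil> text still says "there should be a section similar to the following", but with the "# --- OUR TIMESERVERS -----" comment removed it now introduces a single "server <i>ntpserver</i>" line. "A line similar to the following" would match what the auditor is asked to find. In the <rationale>, removing "Using a trusted NTP server provided by your organization is recommended." leaves the rule with no statement about trusting the time source, even though the stated purpose is correlating logs and events. Combined with the first hunk, the visible text no longer recommends an organizational server anywhere, so if that is intended it deserves a sentence in the commit message. The closing </rationale> now sits on its own line while the space after the opening tag was removed, which leaves the element's whitespace inconsistent.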
