The AIX DHCP client must not send dynamic DNS updates.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-215427 | SRG-OS-000480-GPOS-00227 | AIX7-00-003132 | SV-215427r991589_rule | 2024-08-16 | 3 |
| Description |
|---|
| Dynamic DNS updates transmit unencrypted information about a system including its name and address and should not be used unless needed. |
| ℹ️ Check |
|---|
| If AIX does not use DHCP client, this is Not Applicable. Determine if the system's DHCP client is configured to send dynamic DNS updates: # grep "^updateDNS" /etc/dhcpc.opt /etc/dhcpcd.ini If any lines are returned, this is a finding. |
| ✔️ Fix |
|---|
| Configure the system's DHCP client to not send dynamic DNS updates. Remove or comment-out "updateDNS" lines from the "/etc/dhcpcd.ini" and "/etc/dhcpc.opt" files. |