valitydev/atomic-threat-coverage
14
0
Fork 0
mirror of https://github.com/valitydev/atomic-threat-coverage.git synced 2024-11-06 09:35:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
fc23f0ca8c
atomic-threat-coverage/logging_policies/LP_0034_linux_named_client_security_log.yml
yugoslavskiy 91e18d6a5b add DN_0096, DN_0097 and LP_0034
2019-08-29 02:49:55 +03:00

29 lines
778 B
YAML
Raw Blame History

title: LP_0034_linux_named_client_security_log
default: Not configured
volume: Low
description: >
Policy to enable BIND (named) DNS server client_security log
references:
- https://kb.isc.org/docs/aa-01526
configuration: |
Edit `/etc/bind/named.conf` file, adding the next configuration:
```
logging {
channel client_security_log {
file "/var/named/log/client_security" versions 3 size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity info;
};
category security { client_security_log; };
category client{ client_security_log; };
```
Restart service to implementation configuration:
```
systemctl restart bind9.service
```
Reference in New Issue View Git Blame Copy Permalink