| Re: [chrony-users] (SCAP-Finding) command port has to be closed |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-users Archives
]
- To: chrony-users@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [chrony-users] (SCAP-Finding) command port has to be closed
- From: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
- Date: Thu, 22 Aug 2024 14:40:16 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1724330422; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YEvZn195NHHvdnaHjOtHcNsPHqjB/tDemkN8t4fBkXI=; b=BC7x4+uMRHE/Oen2PrS/COF0TC+CAU8kveojzSCGSLZNr24WtvlKxS/MNmvBFmOw1CfE8a YINnyAZ6QCIl2qkCtWhpa2Fjs0DXt1/zFLv/f0Y/3yiNa4AblC5ePzJVFygkHPeaMdHw0i tTddXu1I/3ml7qfdhy5YEnoHqisieUI=
On Wed, Aug 21, 2024 at 01:53:13PM +0200, Nuß Bratling wrote:
> Hi,
>
> There are these rules:
> RHEL9:
> https://www.stigviewer.com/stig/red_hat_enterprise_linux_9/2023-09-13/finding/V-257947
> RHEL8:
> https://www.stigviewer.com/stig/red_hat_enterprise_linux_8/2021-06-14/finding/V-230486
> I don't know if you know about these rules, and if no, would bringt it to
> your attention, that this rules perhaps should be changes, or, if you do
> know about these rules, I would like to ask what the rationale behind those
> are.
I'm aware that this thing exists and I agree that some of the
suggestions are questionable. It might depend on the use case. If
nothing is expected to be talking to the UDP port, it makes sense to
close it.
--
Miroslav Lichvar
--
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.