← Back to Riverbed NetIM OS Security Technical Implementation Guide

V-275574

CAT II (Medium)

Ubuntu OS must not have the "systemd-timesyncd" package installed.

Rule ID

SV-275574r1147772_rule

STIG

Riverbed NetIM OS Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000366

Discussion

Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. Organizations must consider endpoints that may not have regular access to the authoritative time server (e.g., mobile, teleworking, and tactical endpoints).

Check Content

Verify the "systemd-timesyncd" package is not installed by using the following command: 
 
     $ dpkg -l | grep systemd-timesyncd 
 
If the "systemd-timesyncd" package is installed, this is a finding.

Fix Text

The "systemd-timesyncd" package will be uninstalled as part of the "chrony" package install. The remaining configuration files for "systemd-timesyncd" must be purged from the operating system: 
 
     $ sudo dpkg -P --force-all systemd-timesyncd