STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide

V-269333

CAT II (Medium)

AlmaLinux OS 9 must prevent the chrony daemon from acting as a server.

Rule ID

SV-269333r1050215_rule

STIG

Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide

Version

V1R6

CCIs

CCI-000381

Discussion

Being able to determine the system time of a server can be useful information for various attacks from timebomb attacks to location discovery based on time zone. Minimizing the exposure of the server functionality of the chrony daemon reduces the attack surface.

Check Content

Verify AlmaLinux OS 9 disables the chrony daemon from acting as a server with the following command:

$ chronyd -p | grep -w port

port 0

If the "port" option is not set to "0" or is missing, this is a finding.

Fix Text

Configure AlmaLinux OS 9 to disable the chrony daemon from acting as a server by adding/modifying the following line in the /etc/chrony.conf file:

port 0