UCF STIG Viewer Logo

Dynamic Host Configuration Protocol (DHCP) audit and event logs must record hostnames and MAC addresses to be stored online for thirty days and offline for one year.


Overview

Finding ID Version Rule ID IA Controls Severity
V-8099 NET0198 SV-8585r3_rule Low
Description
In order to identify and combat IP address spoofing, it is highly recommended that the DHCP server logs MAC addresses and hostnames on the DHCP server.
STIG Date
Network Infrastructure Policy Security Technical Implementation Guide 2018-09-27

Details

Check Text ( C-7480r3_chk )
Verify the DHCP audit and event logs include hostnames and MAC addresses of all clients. Also, validate logs are kept online for thirty days and offline for one year.

If the logs do not include hostnames and MAC addresses or if the logs are not kept online for thirty days and offline for one year, this is a finding.
Fix Text (F-7674r3_fix)
Configure the DHCP audit and event logs to log hostname and MAC addresses.

Store the logs for a minimum of thirty days online and then offline for one year.