LowCheck or Attack Name: Finger Output
The finger service or daemon was detected as running. Finger can give an attacker information, such as login accounts and trusted hosts.
Disable finger, or install a finger daemon that limits the type of information provided.
Unix: Disable the finger daemon, or configure the type of information available from finger. Unix systems can use GNU finger available from ftp://prep.ai.mit.edu/pub/gnu/finger-1.37.tar.gz.
To disable the finger daemon started from inetd, follow these steps:
- Edit the /etc/inetd.conf (or equivalent) file.
- Locate the line that controls the daemon.
- Type a # at the beginning of the line to comment out the daemon.
- Restart inetd.
For more information on GNU finger, see ftp://prep.ai.mit.edu/pub/gnu/finger-1.37.tar.gz.
Windows: The finger service is not native to Windows, but may be present.
Note: The finger service may be included as part of another application, such as Netscape Mail Server.
WARNING: Repeated use of finger can cause a machine to become overloaded, which can cause it to stop responding. An attacker can use this susceptibility to disrupt the network.
To stop or disable the service in Windows NT, follow these steps:
- To permanently disable the service, click Disabled.
- To turn the service off unless manually activated by the user or a program, click Manual.
