Check or Attack Name: finger

The finger service or daemon was detected as running. Finger can give an attacker information, such as login accounts and trusted hosts.

Disable finger, or install a finger service or daemon that limits the type of information provided.

Windows: The finger service is not native to Windows, but may be present. To stop or disable the service in Windows NT, follow these steps:

1. Open the Services control panel. From the Windows NT Start menu, select Settings, Control Panel, Services.
2. Select the service.
3. Click Stop.
4. When the service has stopped, click Startup.
5. Choose one of these options:
• To permanently disable the service, click Disabled.
• To turn the service off unless manually activated by the user or a program, click Manual.
6. Click OK, then click Close.

Unix: Disable the finger daemon or configure the type of information available from finger. Unix systems can use GNU finger available from ftp://prep.ai.mit.edu/pub/gnu/finger/finger-1.37.tar.gz.

To disable the finger daemon when started from inetd, follow these steps:

1. Edit the /etc/inetd.conf (or equivalent) file.
2. Locate the line that controls the daemon.
3. Type a # at the beginning of the line to comment out the daemon.
4. Restart inetd.

For more information on GNU finger, download the compressed file from ftp://prep.ai.mit.edu/pub/gnu/finger/finger-1.37.tar.gz. You will need decompression and untarring utilities to use this file.