Finger Output contents.gifindex.gif

Finger Output

This option performs a finger search for users on the system. This information is used by the scan engine to attempt to find default accounts -- information that is useful to an intruder attempting to compromise a machine. The finger check provides information on the following:

ISS_NT00000000.gif how busy the machine is

ISS_NT00000000.gif login accounts

ISS_NT00000000.gif origins of other users

ISS_NT00000000.gif personal information about users.

Risk: Low

Fix: Disable finger or a install a new finger daemon to limit the type of information provided. To repair this vulnerability, turn off the finger daemon by editing /etc/inetd.

Under Windows NT, open Control Panel, Services and disable the finger service.

Warning: Repeated fingering can cause a scanned machine to become overloaded, which can cause it to crash. An intruder can use this susceptibility to crash the network.