
Finger Output
This option performs a finger search for users on the system. This information
is used by the scan engine to attempt to find default accounts -- information
that is useful to an intruder attempting to compromise a machine. The finger
check provides information on the following:
Risk: Low
Fix: Disable finger or a install a new finger daemon to limit the type of
information provided. To repair this vulnerability, turn off the finger daemon by
editing /etc/inetd.
Under Windows NT, open Control Panel, Services and disable the finger service.
Warning: Repeated fingering can cause a scanned machine to become overloaded, which
can cause it to crash. An intruder can use this susceptibility to crash the
network.
how busy the machine is
login accounts
origins of other users
personal information about users.