Finger Names contents.gifindex.gif

Finger Names

This check attempts to finger common names to gather account information. This information is useful to an intruder, especially when attempting to breach a system by "social engineering. This is a process by which the intruder uses the information to contact users and, acting as an impostor, such as a person in authority, obtains information by subterfuge. The scanner will use the information gained to try to log in as the users.

Fix: Disable finger, or a install a new finger daemon to limit the type of information provided. To quickly repair this vulnerability, turn off the finger daemon.