Information
The Finger service should be disabled.
Rationale:
Finger is a simple TCP service dating back to the early 1970's that provides information on users logged into a system to other users on the network.
While this was a useful feature in the early days of the Internet, providing information about a router to unauthenticated users is not quite so desirable in today's Internet and presents a serious threat to the security of a JUNOS network device.
The finger daemon itself has suffered from numerous vulnerabilities across many platforms and, as with any unneeded service, should be disabled for this reason also.
Solution
The Finger service is not enabled by default, however if it has been configured on your router it can by disabled by issuing the following command from the [edit system services] hierarchy;
[edit system services]
user@host#delete finger
Default Value:
Finger is disabled on most versions of JUNOS by default. The service cannot be used on FIPS versions of JUNOS.