GEN003860 - The system must not have the finger service active.

Information

The finger service provides information about the system's users to network clients. This information could expose more information for potential used in subsequent attacks.

Solution

Edit /etc/xinetd.d/finger and set 'disable=yes'

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-4, CAT|III, CCI|CCI-001551, Group-ID|V-4701, Rule-ID|SV-37445r1_rule, STIG-ID|GEN003860, Vuln-ID|V-4701

Plugin: Unix

Control ID: f222958f593b317c27297115db94e18beb4b5934efb1c54a55e40d8ce33cbd17