The network element must have the Finger service disabled.

From Perimeter Router Security Technical Implementation Guide Juniper

Part of The finger service is not disabled.

SV-15306r2_rule The network element must have the Finger service disabled.

Vulnerability discussion

The finger service supports the UNIX finger protocol, which is used for querying a host about the users that are logged on. This service is not necessary for generic users. If an attacker were to find out who is using the network, they may use social engineering practices to try to elicit classified DoD information.

Check content

Under the edit system services hierarchy, enter a show command to verify that the finger command is not present.

Fix text

Configure the device to disable the Finger service.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer