Free DISA STIG and SRG Library | Vaulted
  1. Security Guide Library
  2. Infrastructure L3 Switch Security Technical Implementation Guide
  3. V-3079

V-3079

Network devices must have the Finger service disabled.

Finding ID
NET0730
Rule ID
SV-3079r3_rule
Severity
Cat III
CCE
(None)
Group Title
The finger service is not disabled.
CCI
(None)
Target Key
(None)
Documentable
No
Discussion

The Finger service supports the UNIX Finger protocol, which is used for querying a host about the users that are logged on. This service is not necessary for generic users. If an attacker were to find out who is using the network, they may use social engineering practices to try to elicit classified DoD information.

Fix Text

Configure the device to disable the Finger service.

Check Content

Review the device configuration to determine if Finger has been implemented. If the Finger service is enabled, this is a finding.

Responsibility

Information Assurance Officer

Vaulted is more than a library.

SIGN UP FOR FREE