Free DISA STIG and SRG Library | Vaulted

V-3079

The network element must have the Finger service disabled.

Finding ID
NET0730
Rule ID
SV-15306r2_rule
Severity
Cat III
CCE
(None)
Group Title
The finger service is not disabled.
CCI
(None)
Target Key
(None)
Documentable
No
Discussion

The finger service supports the UNIX finger protocol, which is used for querying a host about the users that are logged on. This service is not necessary for generic users. If an attacker were to find out who is using the network, they may use social engineering practices to try to elicit classified DoD information.

Fix Text

Configure the device to disable the Finger service.

Check Content

Under the edit system services hierarchy, enter a show command to verify that the finger command is not present.

Responsibility

Information Assurance Officer