Check: GEN003860
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN003860
(in versions v1 r14 through v1 r10)
Title
The system must not have the finger service active. (Cat III impact)
Discussion
The finger service provides information about the system's users to network clients. This information could expose information that could be used in subsequent attacks.
Check Content
# grep -v "^#" /etc/inetd.conf |grep finger If the finger service is not disabled, this is a finding.
Fix Text
Edit /etc/inetd.conf and comment out the finger service line. Restart the inetd service.
Additional Identifiers
Rule ID: SV-27440r1_rule
Vulnerability ID: V-4701
Group Title: GEN003860
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-001551 |
The organization defines approved authorizations for controlling the flow of information between interconnected systems. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| AC-4 |
Information Flow Enforcement |