An error occurred:

Check: GEN003860

HP-UX 11.31 STIG: GEN003860 (in versions v1 r19 through v1 r13)

Title

The system must not have the finger service active. (Cat III impact)

Discussion

The finger service provides information about the system's users to network clients. This could expose information that could be used in subsequent attacks.

Check Content

# cat /etc/inetd.conf | tr '\011' ' ' | tr -s ' ' | sed -e 's/^[ \t]*//' |grep -v "^#" | \ cut -f 6,7 -d " " | grep -c -i fingerd If the fingerd service is not disabled, this is a finding.

Fix Text

Edit /etc/inetd.conf and comment out the fingerd line. Restart the inetd service via the following command: # inetd -c

Additional Identifiers

Rule ID: SV-35136r1_rule

Vulnerability ID: V-4701

Group Title: GEN003860

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001551

The organization defines approved authorizations for controlling the flow of information between interconnected systems.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-4

Information Flow Enforcement