TOC & Recently Viewed

Recently Viewed Topics

Disable "finger" Service

The following is a simple .audit file that looks for the insecure “finger” service on the remote router. This check will only run if the router IOS version matches the specified regex. Otherwise the check will be skipped. If the service is found, the audit will display a failure message.

<check_type: "Cisco">

 

<item>

type: CONFIG_CHECK_NOT

description: "Forbid Finger Service"

ios_version: "12\.[4-9]"

info: "Disable finger server."

item: "(ip|service) finger"

</item>

 

</check_type>

When running this command, the following output is expected from a compliant system:

"Forbid Finger Service" : [PASSED]

 

Disable finger server.

A failed audit would return the following output:

"Forbid Finger Service" : [FAILED]

Disable finger server.

- error message:

The following configuration line is set:

ip finger <----

 

Policy value:

(ip|service) finger

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.