Disable "finger" Service

The following is a simple .audit file that looks for the insecure “finger” service on the remote router. The check runs only if the router's IOS version matches the specified regex; otherwise it is skipped. If the service is found, the audit displays a failure message.

<check_type: "Cisco">

<item>
 type: CONFIG_CHECK_NOT
 description: "Forbid Finger Service"
 ios_version: "12\.[4-9]"
 info: "Disable finger server."
 item: "(ip|service) finger"
</item>

</check_type>

When this check is run, the following output is expected from a compliant system:

"Forbid Finger Service" : [PASSED]

Disable finger server.

A failed audit would return the following output:

"Forbid Finger Service" : [FAILED]

Disable finger server.

- error message:
The following configuration line is set:
ip finger <----

Policy value:
(ip|service) finger
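The three outcomes of this check (skipped, passed, failed) can be modelled offline. The following Python sketch is an added example, not part of the original page or of the scanner's own code. It assumes both regexes are applied as unanchored searches, with the item regex tested against each configuration line. The IOS version strings and router configurations are constructed sample values.

```python
import re

# Fields copied from the .audit item on this page.
CHECK = {
    "description": "Forbid Finger Service",
    "ios_version": r"12\.[4-9]",
    "item": r"(ip|service) finger",
}

# Constructed sample configurations (not taken from real devices).
COMPLIANT = "hostname r1\nno ip http server\nline vty 0 4\n transport input ssh\n"
NONCOMPLIANT = "hostname r2\nip finger\nline vty 0 4\n transport input ssh\n"


def evaluate(check, ios_version, running_config):
    """Return (status, offending_lines) for a CONFIG_CHECK_NOT-style item.

    Assumption: unanchored regex search, item regex applied per config line.
    This models the behaviour the page describes, not the scanner itself.
    """
    # Version gate: a non-matching version is SKIPPED, which is not a PASS.
    if not re.search(check["ios_version"], ios_version):
        return "SKIPPED", []
    # CONFIG_CHECK_NOT: any line matching the item regex is a finding.
    hits = [line.strip() for line in running_config.splitlines()
            if re.search(check["item"], line)]
    return ("FAILED" if hits else "PASSED"), hits


def report(check, status, hits):
    """Lay the result out like the sample output shown on this page."""
    out = ['"%s" : [%s]' % (check["description"], status)]
    if status == "FAILED":
        out.append("The following configuration line is set:")
        out.extend("%s <----" % h for h in hits)
        out.append("Policy value: %s" % check["item"])
    return "\n".join(out)


if __name__ == "__main__":
    cases = [("12.4(15)T", COMPLIANT), ("12.4(15)T", NONCOMPLIANT),
             ("15.1(4)M", NONCOMPLIANT)]  # last case: version gate skips it
    for version, config in cases:
        status, hits = evaluate(CHECK, version, config)
        print("IOS %s\n%s\n" % (version, report(CHECK, status, hits)))
```

The third case shows why a skipped result deserves review: the router still has "ip finger" set, but the version gate keeps the check from reporting it.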