TOC & Recently Viewed

Recently Viewed Topics

Disable "finger" Service

The following is a simple .audit file that looks for the insecure “finger” service on the remote router. This check will only run if the router IOS version matches the specified regex. Otherwise the check will be skipped. If the service is found, the audit will display a failure message.

<check_type: "Cisco">

 

<item>

type: CONFIG_CHECK_NOT

description: "Forbid Finger Service"

ios_version: "12\.[4-9]"

info: "Disable finger server."

item: "(ip|service) finger"

</item>

 

</check_type>

When running this command, the following output is expected from a compliant system:

"Forbid Finger Service" : [PASSED]

 

Disable finger server.

A failed audit would return the following output:

"Forbid Finger Service" : [FAILED]

Disable finger server.

- error message:

The following configuration line is set:

ip finger <----

 

Policy value:

(ip|service) finger

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.