Excessive Finger Information
Summary
Certain finger servers, when queried, will release excess data about accounts
on the system, including who is currently logged on.
Impact
This excess information could be used as clues for guessing user passwords,
for determining when the system is idle, and as an indicator of the best time
to attack the system.
Many finger servers provide excessive information on users of the system.
The output may include a list of users and associated personal information,
and it also indicates who is logged on. This information can provide the
hacker with valuable data to (1) guess poor passwords and (2) determine the
optimum time to hack.
Resolution
There are several methods of limiting finger information. If you don't use
finger, disable it in inetd.conf (then restart the inet daemon).
If you need finger for your enterprise, you can install TCP Wrappers and
limit which hosts may connect to it.
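The two resolutions above, worked through as an added example that is not part of the original advisory: a POSIX shell script that comments out the finger entry in an inetd.conf-style file and models the TCP Wrappers hosts.allow/hosts.deny check for the finger daemon. The sample inetd.conf is constructed; the daemon name in.fingerd, the pid file /var/run/inetd.pid and the trusted network 192.168.1. are assumptions to adapt to your system. The script works on copies in a temporary directory, never on the live files.

```shell
#!/bin/sh
# Added example (not from the original advisory): disable finger in an
# inetd.conf-style file and restrict it with TCP Wrappers rules.

# Constructed sample inetd.conf with finger enabled (not from a real host).
make_sample_inetd_conf() {
cat > "$1" <<'EOF'
# inetd.conf sample (constructed for this example)
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
finger  stream  tcp  nowait  nobody  /usr/sbin/tcpd  in.fingerd
EOF
}

# Number of active (uncommented) finger entries in the file; always exits 0.
active_finger_entries() {
    grep -c '^finger[[:space:]]' "$1" || true
}

# Resolution 1: comment out every active finger entry. The pattern requires
# whitespace after "finger" so it only matches the service field.
disable_finger_in_inetd() {
    conf="$1"
    sed 's/^\(finger[[:space:]]\)/#\1/' "$conf" > "$conf.tmp" && mv "$conf.tmp" "$conf"
}

# Tell inetd to re-read its configuration. Not called below; run as root on
# the real system. The pid file location is an assumption.
reload_inetd() {
    kill -HUP "$(cat /var/run/inetd.pid)"
}

# Resolution 2: TCP Wrappers rules allowing in.fingerd only from one trusted
# network and denying it to everyone else. "in.fingerd" is an assumption;
# use the daemon name from your own inetd.conf.
write_tcpwrapper_rules() {
    allow="$1"; deny="$2"; trusted="$3"
    printf 'in.fingerd: %s\n' "$trusted" > "$allow"
    printf 'in.fingerd: ALL\n' > "$deny"
}

# Patterns modelled here: ALL, an exact address, or a network prefix that
# ends in a dot (e.g. 10.1.2.).
matches_pattern() {
    client="$1"; pattern="$2"
    case "$pattern" in
        ALL) return 0 ;;
        *.)  case "$client" in "$pattern"*) return 0 ;; esac ;;
        *)   [ "$client" = "$pattern" ] && return 0 ;;
    esac
    return 1
}

# True if any "in.fingerd:" entry in the file matches the client address.
entry_matches() {
    file="$1"; client="$2"
    while IFS= read -r line; do
        case "$line" in
            in.fingerd:*) ;;
            *) continue ;;
        esac
        list=${line#in.fingerd:}
        for pat in $(printf '%s' "$list" | tr ',' ' '); do
            if matches_pattern "$client" "$pat"; then return 0; fi
        done
    done < "$file"
    return 1
}

# Minimal model of tcpd's order of evaluation: a hosts.allow match grants,
# otherwise a hosts.deny match refuses, otherwise access is granted.
finger_access_decision() {
    allow="$1"; deny="$2"; client="$3"
    if entry_matches "$allow" "$client"; then echo allow; return 0; fi
    if entry_matches "$deny" "$client"; then echo deny; return 0; fi
    echo allow
}

# Stand-alone run on copies in a temporary directory.
workdir=$(mktemp -d)
make_sample_inetd_conf "$workdir/inetd.conf"
echo "finger entries before: $(active_finger_entries "$workdir/inetd.conf")"
disable_finger_in_inetd "$workdir/inetd.conf"
echo "finger entries after:  $(active_finger_entries "$workdir/inetd.conf")"
write_tcpwrapper_rules "$workdir/hosts.allow" "$workdir/hosts.deny" "192.168.1."
echo "192.168.1.20 -> $(finger_access_decision "$workdir/hosts.allow" "$workdir/hosts.deny" 192.168.1.20)"
echo "203.0.113.7  -> $(finger_access_decision "$workdir/hosts.allow" "$workdir/hosts.deny" 203.0.113.7)"
```

The hosts.deny entry "in.fingerd: ALL" is what makes the policy default-deny: without it, a client that matches no hosts.allow entry would still be granted access, which is the TCP Wrappers behaviour the model above reproduces.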