The finger daemon must be disabled on AIX.

An XCCDF Rule

Details
Profiles

Description

The fingerd daemon provides the server function for the finger command. This allows users to view real-time pertinent user login information on other remote systems. This service should be disabled as it may provide an attacker with a valid user list to target.

ID: SV-215389r958478_rule
Version: AIX7-00-003084
Severity: Medium
References: CCI-000381
Updated: 3 days ago

Remediation Templates

In "/etc/inetd.conf", comment out the "finger" entry by running command: 
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'finger' -p 'tcp'

Restart inetd:
# refresh -s inetd

The finger daemon must be disabled on AIX.

Description

Remediation Templates

A Manual Procedure