FINGER System Utility

Previous page
Table of content
Next page

FINGER is the HP NonStop server FINGER client. It is used to interactively test the connection to a remote system. The remote system need not be another NonStop server.

FINGER is used to request information about users that are currently logged on to a system on the network. The type of information and the format of the display depend upon the service provided by the FINGER server on the remote system.

FINGER is a part of the TCP/IP subsystem which provides snapshots of running connections.

RISK Someone familiar with FINGER could use it from a remote machine to get IP addresses and other connection information about a system.

RISK FINGER could be used to obtain a list of user names from a system without logging on to the system, thus giving an attacker a starting point to try to logon.

AP-ADVICE-FINGER-01 To eliminate this risk, FINGER must be removed from the TCP/IP PORTCONF file.

The components of FINGER are:

FINGER

FINGSERV

FINGER

FINGER is the HP Nonstop finger client to request TCP/IP connection information.

FINGSERV

FINGSERV is the HP NonStop server FINGER server. It responds to FINGER requests from remote clients .

Securing FINGER

BP-FILE-FINGER-01 FINGER should be secured "- - - -"

BP-OPSYS-OWNER-01 FINGER should be owned by SUPER.SUPER

BP-OPSYS-FILELOC-01 FINGER must reside in $SYSTEM.SYSnn

BP-FILE-FINGER-02 FINGSERV should be secured "- - - -"

BP-OPSYS-OWNER-03 FINGSERV should be owned by SUPER.SUPER

BP-OPSYS-FILELOC-03 FINGSERV resides in $SYSTEM.ZTCPIP

If available, use Safeguard software or a third party object security product to grant access to FINGER object files only to users who require access in order to perform their jobs.

BP-SAFE-FINGER-01 Add a Safeguard Protection Record to grant appropriate access to the FINGER object file.

BP-SAFE-FINGER-02 Add a Safeguard Protection Record to grant appropriate access to the FINGSERV object file.

Discovery Questions

Look here:

OPSYS-OWNER-01

Who owns the FINGER client object file?

Fileinfo

OPSYS-OWNER-03

Who owns the FINGSERV server object file?

Fileinfo

FILE-POLICY

Who is allowed to execute FINGER on the system?

Policy

FILE-FINGER-01
SAFE-FINGER-01

Is the FINGER object file correctly secured with the Guardian or Safeguard system?

Fileinfo Safecom

FILE-FINGER-02
SAFE-FINGER-02

Is the FINGSERV object file correctly secured with the Guardian or Safeguard system?

Fileinfo Safecom

Related Topics

TCP/IP



Previous page
Table of content
Next page
HP NonStop Server Security 2004
HP NonStop Server Security 2004
ISBN: 159059035X
EAN: N/A
Year: 2004
Pages: 157
BUY ON AMAZON
Beginners Guide to DarkBASIC Game Programming (Premier Press Game Development)
Kanban Made Simple: Demystifying and Applying Toyotas Legendary Manufacturing Process
WebLogic: The Definitive Guide
Java All-In-One Desk Reference For Dummies
Python Standard Library (Nutshell Handbooks) with
Microsoft Visual Basic .NET Programmers Cookbook (Pro-Developer)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy