Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The macOS system must be configured with the finger service disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-214903 | AOSX-13-001115 | SV-214903r507075_rule | Medium |
| Description |
|---|
| The "finger" service has had several security vulnerabilities in the past and is not a necessary service. It is disabled by default; enabling it would increase the attack surface of the system. |
| STIG | Date |
|---|---|
| Apple OS X 10.13 Security Technical Implementation Guide | 2020-09-11 |
Details
| Check Text ( C-16103r397281_chk ) |
|---|
| To check if the "finger" service is disabled, use the following command: /usr/bin/sudo /bin/launchctl print-disabled system | /usr/bin/grep com.apple.fingerd If the results do not show the following, this is a finding: "com.apple.fingerd" => true |
| Fix Text (F-16101r397282_fix) |
|---|
| To disable the "finger" service, run the following command: /usr/bin/sudo /bin/launchctl disable system/com.apple.fingerd The system may need to be restarted for the update to take effect. |