Description: This event is genrated when an attempt is made to query the finger daemon to ascertain a list of usernames on a system.
Impact: Information gatthering, the attacker may obtain the list of some accounts existing on the victim system as a prelude to further compromize.
Corrective: Look for other IDS events involving the same IP addresses. Look for suspicious logins to the affected system. Disable the finger daemon or apply a vendor patch that removes the vulnerability