The Finger protocol derives from RFC742. A Finger server runs on UDP or TCP port 79. It expects either a null string, in which case a list of all people using the system is returned, or if a string is given, information available concerning that person is given (whether logged in or no).
Some people find the idea of Whois and Finger alarmingly insecure. One
particular scare in the Internet concerning security was due to a
simple, but extremely effective gaping bug in the most widely used
implementation of the finger server, which may be why it scares some
people.
Table 2.7: Example of Finger Output