Board index Unix Admin

Safe FINGER Daemon

Safe FINGER Daemon

Post by Matt Mow » Fri, 08 Mar 1996 04:00:00



I have disabled finger on some of our unix systems because it was (a)
unnecessary and (b) felt to be a potential nuisance.

For a service I am providing I would rather like to be able to use finger to
allow users a "regular" way of querying the service status remotely.

What I am looking for is either a "safe" fingerd (preferably one which would
allow root to specify which accounts could be fingered), or a better way to do
what I want.

Any takers?

Regards,

Matt.
----
Matt Mower - Infonaut - Information Services Team
The University of North London. Tower Building, M19d
Homepage URL = http://www.unl.ac.uk/~mat/

 
 
 
Top

Safe FINGER Daemon

Post by Pierre Vasselleri » Sun, 10 Mar 1996 04:00:00


ftp://hplyot.obspm.fr/net/sfingerd-1.8.tar.gz

Very easy to install and use.

--
% VASSELLERIE Pierre                                                         *
* DASGAL, Observatoire de Paris, 5,Place J. Janssen, F-92195 Meudon Cedex    %
% Tel: (33 1) 45 07 78 49  - Fax: (33 1) 45 07 78 78                         *


 
 
 
Top

Safe FINGER Daemon

Post by Pierre Vasselleri » Sun, 10 Mar 1996 04:00:00


ftp://hplyot.obspm.fr/net/sfingerd-1.8.tar.gz

Very easy to install and use.

--
% VASSELLERIE Pierre                                                         *
* DASGAL, Observatoire de Paris, 5,Place J. Janssen, F-92195 Meudon Cedex    %
% Tel: (33 1) 45 07 78 49  - Fax: (33 1) 45 07 78 78                         *

 
 
 
Top

Safe FINGER Daemon

Post by Kurt Hockenbu » Wed, 20 Mar 1996 04:00:00


: [soapbox mode on]
: In all honesty, why bother?  It's really disgusting the way the Internet
: Worm had every (so-called) admin and his mother running around disabling
: in.fingerd.  The obscure bug that was once in fingerd's code is long gone
: on about every implementation in existance and an attack on fingerd is
: the least of your worries as an administrator.  finger was once a
: valuable resource as far as finding ppl and passing information, but
: just like the cholesterol scare, someone cries to mommy, and the wieners
: follow suit.
: [soapbox mode off]

There are valid reasons other than the Internet Worm to replace a vendor's
finger with something more configurable.

Things such as:
        improved logging
        "bug" fixes (getting rid of finger-based denial of service and

        elimination of extra, non-relevant information, mostly of mild
                interest to anyone but crackers (shell, home directory,
                last login time, host last logged in from)

Plus, for those who have the time and energy to review it, or need to
change it, source code.
        -Kurt

 
 
 
Top

1. safe finger and talk daemons?

Are there any (preferably free) finger and talk daemons in development
that do not have security holes? We have them turned off right now, and
it is a royal pain not to have them.

OK, I can see the answers coming already ("Of course not, you
idiot!"). Let me rephrase the question. Are there any finger and talk
daemons in existence that 1) are in active development (so that people
more clued in than myself are committed to fixing problems), 2) aren't
so shoddily written that they get CERT advisories every other week,
and 3) has maintainers who do care about security problems and will
fix holes reasonably promptly?

How about the daemons that comes with RedHat Linux 4.2? Are they any
good? If they are, I might recompile them for Solaris and use that
instead of the default finger and talk daemons.

--
Shimpei Yamashita                <http://www.patnet.caltech.edu/%7Eshimpei/>

2. Device Drivers -- IDE vs. SCSI

3. fingering the finger daemon

4. Reading Core Dump File

5. finger and plan daemons: any way to get info on where the finger originated?

6. slitex for SLS 1.0

7. FINGER: How can I know who is fingering or fingered me?

8. TRADE FOR MATROX G200 (PCI)

9. tcp wrappers safe finger

10. Is GNU finger safe?

11. little finger daemon

12. finger daemon

13. lfingerd, little finger daemon


All times are UTC
Board index