Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1994_4

Bugtraq archives for 4th quarter (Oct-Dec) 1994: Re: Fingerd Summary

Re: Fingerd Summary

Adam Shostack (adambwh.harvard.edu)
Fri, 21 Oct 94 15:20:46 EDT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: der Mouse: "Re: access(2)--a security hole?"
Previous message: Stephen Gildea: "Re: Fingerd Summary"
In reply to: Stephen Gildea: "Re: Fingerd Summary"
Next in thread: KevinTX: "Re: Fingerd Summary"

| Here's another feature we'd like to see: allowing fingering specific
| people, but not a generic finger of a machine, which could be used to
| learn login ids.  Which of the fingerds you looked at had that feature?

	rfingerd could be made to do that with a little input
filtering.  Its perl, so the input filter should be pretty simple--if
anyone writes one, please pass it on to me.  No need to reinvent the
wheel.  :)

	fingerd-1.0 has the ability built in.

	sfinger provides it by only allowing certain finger targets,
defined by the existance of a file in its directory (which is the
output of finger.)

	Both rfingerd & fingerd-1.0 call /usr/ucb finger.  If you
replace that with gnu finger, gnu finger allows you to define
arbitrary actions, including a 'default' target if no argument is
given.  If this default target is site info, you get the effect of not
allowing 'generic' fingers.



	Also, don't forget to turn off rusers.  :)

Adam

Next message: der Mouse: "Re: access(2)--a security hole?"
Previous message: Stephen Gildea: "Re: Fingerd Summary"
In reply to: Stephen Gildea: "Re: Fingerd Summary"
Next in thread: KevinTX: "Re: Fingerd Summary"