14 Mar
2007
14 Mar
'07
9:54 p.m.
I have seen some ontopic books (UNIX, 10 years old
now) that strongly
recommend disabling finger to prevent unauthorized types from finding
likely targets among the accounts. Since then, finger services (such as
cfingerd) have become less of an issue because you can limit some
information, but it's likely that the old maxim still holds, as well as
the new one: if you don't positively need it than don't turn it on. Too
bad, though: 'finger' was nice when you wanted to get an e-mail address
that you weren't certain of.
So write one that doesn't give away the store. I did; it's just a Perl
script hooked up to inetd with some logging. finger is so simple it can
barely be considered a "protocol."
--
--------------------------------- personal: http://www.armory.com/~spectre/ ---
Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckaiser at floodgap.com
-- Critics are the unpaid guardians of my soul. -- E. Stanley Jones -----------