-
June 17th, 2002, 07:19 PM
#1
Finger
About 3-4 months ago, I posted a thread asking questions about the FINGER DAEMON. Now, I seem to have been able to communicate with it. I get this responce when I give a valid FINGER: username.
----======**************************************=======-----
Finger Client Responces to Generated Usernames.
----======**************************************=======-----
Finger Username:John
login :cunniffe
Directory: /usr4/home/cunniffe
logged in from 204.56.**.**
Shell: /bin/sh
Login: hintog
Directory: /usr/home/hintog
Shell: /bin/sh
Finger Username:Test
Login:ns20198
Directory: /dev/null
Shell:/user/local/bin/pop
Can someone let me know what service(Telnet, FTP, WINVPN, ect...)these usernames are for.
I suppose i could use the process of elimination but, if my cousin finds out what I am doing he could change the config, and force me to start over.
PS. Dont spaz, I am doing a security check for My cousin Robert. At the fathersday thing we had, he was ranting about how secure his network is blah blah blah...so I challenged him.
Hey, could land me a job..
It is better to be HATED for who you are, than LOVED for who you are NOT.
THC/IP Version 4.2
-
June 17th, 2002, 07:21 PM
#2
I was going to actually post a thread named "Finger" because I need to better understand it, but can someone explain to me what it is used for and what it does?
-
June 17th, 2002, 07:41 PM
#3
Well from what I can tell, it shows who has logged in to the server. Where from, ect... I honestly don't see any good in the FINGER daemon. It seems to just be a big ass security hole. Really, its all foggy, so I dont really know yet.
*Patiently waits for someone to clear the air.
It is better to be HATED for who you are, than LOVED for who you are NOT.
THC/IP Version 4.2
-
June 17th, 2002, 08:01 PM
#4
One can also finger an IP addy to then find out user name, ISP etc. That is how I used it in the past, to see who an unknown was. Try using an IP address, from what I see in your post it is a valid user name and the pl/sh neams it is secure if I can recall enough of my unix from the past.
I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg
-
June 17th, 2002, 08:04 PM
#5
Oh small note and I believe it is no longer supported but from a IP address one used to be able to then finger to get a valid email address, but was a security risk. Why it is not supported in most cases from outside in.
I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg
-
June 17th, 2002, 08:10 PM
#6
Dr Toker> What OS are you using? RH 4.x or something?
\"Ignorance is bliss....
but only for your enemy\"
-- souleman
-
June 17th, 2002, 08:17 PM
#7
How would I go about using FINGER? Is there a program that use's finger or is there a dos command?
-
June 17th, 2002, 08:21 PM
#8
JC > Finger is a DOS/*nix command.
AJ
-
June 17th, 2002, 08:31 PM
#9
Um.. Thanks, What is the command though?
-
June 17th, 2002, 08:35 PM
#10
From the DOS command prompt:
"[Finger] Displays information about a user on a specified system running the
Finger service. Output varies based on the remote system.
FINGER [-l] [user]@host [...]
-l Displays information in long list format.
user Specifies the user you want information about. Omit the user
parameter to display information about all users on the
specifed host.
@host Specifies the server on the remote system whose users you
want information about."
I would post the *nix equivalent, but the man page is way too long... if you need it, PM me and I can send it to you in a text file.
AJ
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|