|
-
June 17th, 2002, 08:55 PM
#11
Grrr... my first reply got lost in the cookie bug/problem... *sigh* Must-remember-to-copy-and-submit...
These days, finger is pretty much thought of as nothing better than a simple enumeration tool used to garnish information off of the system from a network connection (which is otherwise obtainable in other local means). It tells you neat things like the username, login, home directory, default shell and a whole host of other things (including the optional fields to the GECOS in the password and it reads the .plan and .project files out of the home directory). Since it runs as root, it used to be fairly easy to trick the thing in to giving you access to files that you otherwise shouldn't have had access to (ie. priviledge elevation sort of stuff).
Most secure networks disable finger or replace it with a benign version to return something generic. My systems tend to simply spit back the same information returned in whois (ie. the company name and address and a pointer to hostmaster@mydomain) or even a stupid "why are you looking here?" sort of reply... the short C-routines also log the connection and alert me as to the idea that someone's traversing finger.
Hope that helps a bit!
\"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"
-
June 17th, 2002, 11:17 PM
#12
I need to research more about finger. It seem's like it can provide to be pretty usefull!
-
June 17th, 2002, 11:48 PM
#13
Here is kewl versionz of finger <^> & _,|,,
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote