[comp.unix.programmer] Who's fingering me?

jwz@lucid.com (Jamie Zawinski) (09/30/90)

In article <1990Sep29.141154.3546@ibmpcug.co.uk> dylan@ibmpcug.co.uk (Matthew Farwell) writes:
> In article <38200@eerie.acsu.Buffalo.EDU> haozhou@acsu.buffalo.edu (hao zhou) writes:
>> A further question:
>>       Is it possible to figure out who have fingered you?
>
> You could:- 
>
> 1) Search the process table looking for the keyword 'finger'. All this would

This only works if the person fingering you is doing so from your machine.
It is far more interesting to know the identity of someone out on the net
who is fingering you.  I believe this is impossible, because the finger
protocol requires no authentication - all you can know is the address of the
machine on which the finger request originated, and the port to reply to.  I
once hacked the finger daemon on TI Explorer Lisp Machines to finger back -
when a finger request came in, it fingered @that-machine to get a list of
all users and what they were doing.  It then cached this away for me to look
at later, and use the excellent pattern matcher inside my head to decide who
was responsible :-).  Also, if the foreign machine did not accept finger
connections (as is too often the case these days) it would respond with
"Your machine, <machine name here> does not accept finger connections; this
is antisocial.  Go away."

It also detected loops, in case the foreign machine also had a fingerback
hack.

> 2) Perhaps a more reliable method would be to go and get the active
>    inode information from a program like pstat. (On Xenix, the option would
>    be pstat -i). This gives you the device, the inode number and the uid
>    of all currently active inodes. Therefore you can work out who is
>    fingering you.

I don't follow - are you looking for the user who has your .plan file open?
This will be /etc/fingerd.  Or maybe you're looking for the user who has
/bin/finger open.  Again, this only works when being fingered locally.

By the way, I highly recommend GNU Finger, available on expo.lcs.mit.edu.
It has lots of bells and whistles.  One machine is the finger server, and
periodically consults finger clients on all the machines on the local net,
to maintain a database of who is logged on where, and which machines are
idle.  Fingering a user at any machine at a site will tell you which machine
they are logged on and how long they have been idle (and also the last
machine they were logged on if they are logged out now.)  It also has a
"face" feature built in, with an X11 and SunView interface - "finger -face"
transmits a bitmap instead of text.  Also it can talk to and be talked to by
standard BSD finger servers and clients.

		-- Jamie

dylan@ibmpcug.co.uk (Matthew Farwell) (09/30/90)

In article <JWZ.90Sep29231908@kolyma.lucid.com> jwz@lucid.com (Jamie Zawinski) writes:
>In article <1990Sep29.141154.3546@ibmpcug.co.uk> dylan@ibmpcug.co.uk (Matthew Farwell) writes:
>> In article <38200@eerie.acsu.Buffalo.EDU> haozhou@acsu.buffalo.edu (hao zhou) writes:
>>> A further question:
>>>       Is it possible to figure out who have fingered you?
>> You could:- 
>> 1) Search the process table looking for the keyword 'finger'. All this would
>This only works if the person fingering you is doing so from your machine.

Ok. I admit it. My solutions only work if there is one machine. You're
right that one way to do it would be to hack fingerd. I've got an excuse
in that I haven't got fingerd running on my machine(s).

>> 2) Perhaps a more reliable method would be to go and get the active
>>    inode information from a program like pstat. (On Xenix, the option would
>>    be pstat -i). This gives you the device, the inode number and the uid
>>    of all currently active inodes. Therefore you can work out who is
>>    fingering you.
>I don't follow - are you looking for the user who has your .plan file open?

Yes.

Dylan.
-- 
Matthew J Farwell                 | Email: dylan@ibmpcug.co.uk
The IBM PC User Group, PO Box 360,|        ...!uunet!ukc!ibmpcug!dylan
Harrow HA1 4LQ England            | CONNECT - Usenet Access in the UK!!
Phone: +44 81-863-1191            | Sun? Don't they make coffee machines?

haozhou@acsu.buffalo.edu (hao zhou) (09/30/90)

In article <JWZ.90Sep29231908@kolyma.lucid.com> jwz@lucid.com (Jamie Zawinski) writes:
>In article <1990Sep29.141154.3546@ibmpcug.co.uk> dylan@ibmpcug.co.uk (Matthew Farwell) writes:
>> In article <38200@eerie.acsu.Buffalo.EDU> haozhou@acsu.buffalo.edu (hao zhou) writes:
>>>       Is it possible to figure out who have fingered you?
>> You could:- 
>
>This only works if the person fingering you is doing so from your machine.
>It is far more interesting to know the identity of someone out on the net
>who is fingering you.  I believe this is impossible, because the finger
>protocol requires no authentication - all you can know is the address of the

That's what I assumed. Thank you for the good explanation.

Another problem with my checkfinger program which was grabbed from the
earlier posting to the question is that the program dies when the
machine crashes and all the information like the counter for counting how
many people have fingered is lost. When the machine is back up, the
checkfinger is still not alive. During this period, the fingerer might
have trouble unless the .plan is unlinked. Also you wouldn't know how
many people finger you until you are logged on and turn on the
checkfinger in the background. Is there any way to solve this problem?

	-- Hao Zhou
-- 
Internet:haozhou@acsu.buffalo.edu BITNET:haozhou%acsu.buffalo.edu@UBVM.BITNET
UUCP: uunet!acsu.buffalo.edu!haozhou

tai@aspen.IAG.HP.COM (Tai Jin) (10/02/90)

>>	Is it possible to figure out who have fingered you?

The finger protocol does not provide any information about the user
who is doing the finger'ing.  The best you can do is log the host
from which the finger originated and the target of the finger.  This
is what I've done.

brnstnd@kramden.acf.nyu.edu (Dan Bernstein) (10/03/90)

In article <40190001@aspen.IAG.HP.COM> tai@aspen.IAG.HP.COM (Tai Jin) writes:
> >>	Is it possible to figure out who have fingered you?
> The finger protocol does not provide any information about the user
> who is doing the finger'ing.  The best you can do is log the host
> from which the finger originated and the target of the finger.

You can do better.

Just install attachport from my auth package and the finger daemon from
my authutil package. If the remote host supports RFC 931, you get the
username along with the remote address in the REMOTE environment
variable. As described in authutil's servers/README, you can add three
lines to the top of the daemon script to refuse connections from hosts
that don't support the authentication, if you want.

Do you think that knowing the remote username is useful? Encourage it by
taking measures like this. More and more hosts are supporting RFC 931
(e.g., by installing authtcp in my auth package); why don't you do your
part to make the Internet a better place?

auth and authutil were published in volume 22 of comp.sources.unix.

---Dan
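
The two approaches in the last two posts (log the originating host and the finger target; ask the originating host for a user name via RFC 931) can be combined in one logging hook. The sketch below is an added example, not code from this thread or from the auth/authutil packages; the function names and log format are hypothetical, and the reply layout assumed is the `ports : USERID : opsys : user` form from RFC 931.

```python
import re
import socket

FINGER_PORT = 79   # port our finger daemon listens on
IDENT_PORT = 113   # RFC 931 authentication service

def _clean(text, limit):
    # Remote-supplied text goes into a log: keep safe characters, cap the length.
    return re.sub(r"[^A-Za-z0-9._@-]", "?", text.strip())[:limit]

def build_query(remote_port, local_port=FINGER_PORT):
    # Port pair as seen by the remote ident server: its port first, ours second.
    return f"{remote_port}, {local_port}\r\n".encode("ascii")

def parse_reply(line, remote_port, local_port=FINGER_PORT):
    """Return the claimed user name, or None for ERROR, malformed or mismatched replies."""
    parts = line.strip().split(":", 3)
    if len(parts) != 4 or parts[1].strip().upper() != "USERID":
        return None
    try:
        ports = tuple(int(p) for p in parts[0].split(","))
    except ValueError:
        return None
    if ports != (remote_port, local_port):
        return None  # answer is about some other connection
    return _clean(parts[3], 32) or None

def ident_lookup(remote_addr, remote_port, local_port=FINGER_PORT, timeout=5.0):
    """Ask the fingering host who owns the connection; None if it will not say."""
    try:
        with socket.create_connection((remote_addr, IDENT_PORT), timeout) as s:
            s.sendall(build_query(remote_port, local_port))
            with s.makefile("r", encoding="ascii", errors="replace") as f:
                reply = f.readline(512)
    except OSError:
        return None
    return parse_reply(reply, remote_port, local_port)

def log_entry(remote_addr, request_line, ident_user):
    # Finger request line: optional "/W", then the target; empty means all users.
    target = _clean(re.sub(r"^/W\s*", "", request_line.strip()), 64)
    # The user name is only a claim made by the remote host, so it is labelled as such.
    return (f"finger target={target or '(all users)'} "
            f"host={remote_addr} claimed_user={ident_user or 'unknown'}")
```

A daemon would call `ident_lookup()` with the peer address and port of the accepted finger connection, then write `log_entry()` to its log; the addresses and names used to exercise it are constructed samples.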