1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
|
.TH CFINGERD 8 "24 Sep 1996" "cfingerd 1.3.2" "Configurable Finger Daemon"
.SH NAME
cfingerd \- Configurable finger daemon.
.br
.SH SYNOPSIS
.B cfingerd
.RB [\ \-c\ |\ \-e\ |\ \-o\ |\ \-v\ ]
\-c : Check configuration
\-e : Emulate local finger w/o inetd
\-o : Turn off all finger queries
\-v : Request version information
.br
.sp
\-c checks your installed configuration. This makes sure there are no
existing errors in the current
.I cfingerd.conf
file.
.PP
\-e allows you to emulate a local finger on a user that exists on your
system. This makes it so that you can test cfingerd on your system
before installing it. Using the "\-e" directive is the same as
installing the software, typing "finger username@" and getting the
output. Using "\-e username" does the same.
.PP
\-o turns off all finger queries. This makes it so that no one can
finger your system \- no matter what they try to do.
.PP
\-v requests cfingerd version information.
.br
.SH DESCRIPTION
.B CFINGERD
is a totally new, and totally configurable finger daemon \-
one of the first. It utilizes the finger port (port 79) to provide
useful information on each user that is on your system. Only thing is,
cfingerd provides a unique twist.
.PP
.B CFINGERD
was designed for the sole purpose of making output on finger queries
configurable. If you want to change any text that is displayed during
finger queries, you can configure the finger daemon to display just about
anything you want.
.PP
.B CFINGERD
also takes into account any security breaches, and attempts to close
them. With the added bonus of creating ".nofinger" files, this is
displayed instead of finger information, making it possible for users to
keep themselves relatively anonymous from outside users.
.br
.SH "WHY WAS IT DONE?"
The answer is simple. Security. Many sites turn off finger for the
reason that they don't want outside users to see who's on their system,
or get information about a specific user on their system. This seemed
unfair to the rest of the users out there, so this program was created.
Besides, those sites were waiting for this type of program. Many sites
that originally had their finger turned off turned them back on because
of cfingerd.
.PP
Many sites have complained that they wanted the ability to create a
"fake\-user", or a user that doesn't exist but calls a pre\-written shell
script.
.B CFINGERD
has taken this into account, and provides the best method possible for
creating such scripts. (See cfingerd.conf(5) for more information on the
configuration file.)
.br
.SH "FEATURES CFINGERD PROVIDES, AND DESCRIPTIONS OF EACH"
.B CFINGERD
was totally rewritten. Why is this? Well, the older version of cfingerd
had quite a few bugs, and it didn't quite do all of the things that
cfingerd now does. This new version was totally revamped, and most of
the bugs that were in the older version of cfingerd were removed in this
one. Besides, the code in here was more compact.
.PP
.B Header and footer displays
were a very big part of the original release of cfingerd, and
shall continue to remain in all versions. Headers and footers are only
displays at the beginning and ending of all finger displays, and are used
as unique little "advertisements" or such.
.PP
.B Last time displayed
is always a critical issue. It's covered in cfingerd. Cfingerd simply shows
how many times this user is connected, what their idle time is on each TTY
they're connected to, and whether or not they are accepting messages. If
they're not accepting messages, a "[MESG-N]" display will be shown if this
is the case. This display also shows the last time mail was read, and
whether or not this user has mail.
.PP
.B Stand-alone and INETD support
is compiled into the program, but only INETD support is given for the time
being. The reason being is that I have not yet added the option for
stand-alone daemon mode.
.PP
.B .nofinger files
are used when a user wishes to remain anonymous. These files should be
placed in their home directories, and can display anything they want.
There's just a few restrictions. These
.IR .nofinger
display files cannot
be character devices, directories, fifos, soft or hard links, or anything
else of that caliber. They must only be normal files.
.PP
.B Fakeusers
were supported for the simple fact that many sites want
to create users that don't exist, and make them execute a shell. If you
want this done, then install a fake user. Read up in
.BR cfingerd.conf (5)
for more information on these useful options.
.PP
.B Service displays
were used to show what fakeusers you have installed on your system.
These can be formatted however you wish, and are explained (once again) in
.BR cfingerd.conf (5).
.PP
.B Searching for usernames
is a very powerful feature that
.B cfingerd
takes full advantage of. If you
are looking for a specific username on the system, or don't know what
their name is, simply use the
.RB " search.username "
directive with
.BR cfingerd ,
and you will be able to search for a user on your system.
.PP
.B Security
is a given. If you don't want to show someone something, then it won't
display what you don't want. Simply edit the cfingerd.conf file and make
changes. It's that simple.
.PP
Searching for usernames is NOT case sensitive. If you are searching for
a specific username, or part of the user's name. If you search for part
of a user's name or username, chances are, it'll be displayed.
.PP
.B Not just PLAN, or PROJECT
but there's also an option to display your public PGP key, if you have
one. This is very useful if you want to keep your mail or other
information secret to yourself, and don't want "big brother" watching
over your shoulder as you talk amongst yourselves. (Thanks to Andy Smith
for this patch). (For your info, the standard plan file is
.IR .plan ,
project is
.IR .project ,
PGP info is
.IR .pgpkey ,
and XFace icon information is
.IR .xface )
.PP
Remember, any or all of these options stated above, can be turned on or
off at will. If you want a specific option turned off, turn it off. :)
.br
.SH "ERROR MESSAGES"
Any error messages that result are fairly easy to debug if you know what
to look for.
.PP
.B Segmentation Violations
don't always occur, but if they ever do, you can pretty easily figure out
what's going on. Unfortunately, cfingerd doesn't have any compatibility
with older
.I cfingerd.conf
files, so if you get a Segmentation Violation,
this means (usually) that your cfingerd.conf file needs to be replaced.
.PP
.B Timeouts
usually mean that a script has timed out, or a connection to another site
timed out.
.br
.SH "SYSLOGGING MESSAGES"
Well, there's no real way to describe SYSLOG
messages since they can be changed as the system administrator chooses.
Although, examples can be given based on the standard configuration that
was distributed.
.PP
If any IP addresses cannot be matched to a it will display a "IP:
Hostname not matched".
.PP
If the renice fails (to make the program run at the highest priority)
then it will display "Fatal - Nice died: (reason)".
.PP
If there is no buffer information is waiting in the STDIN buffer, it will
display "STDIN contains no data".
.PP
If a trusted host fingers your site, a "<- Trusted" will appear.
.PP
If a rejected host fingers your site, a "<- Rejected" will appear.
.PP
If root is fingered on your site, it will display "Root".
.PP
If a service listing was fingered on your site, it will display "Service
listing".
.PP
If a user listing was requested, it will display "User listing".
.PP
If a fake user was requested, it will display "Fake user".
.PP
If "whois" data was requested, it will display "Whois request". (Note,
whois was not implemented in this release, since it wasn't 'RFC'
compliant.)
.PP
Any extra information pertaining to the incoming finger is displayed in
the syslogging area. (It's also recommended that you reconfigure
.BR syslog.conf (5)
to display to an unused VT. :)
.br
.SH BUGS
On ELF-specific systems, services lists usually show a bit of garbage at
the beginning of the finger display. This doesn't appear to be a problem
on a.out systems, so if you have ELF, you may want to compile cfingerd as
a.out if this becomes a problem.
.br
.SH PLANS
Any other options or improvements will probably come from user
suggestions. :)
.PP
Later plans will make it so that you can define your own display formats
for the finger display. This means that you can re\-define how you want
your finger display to look.
.br
.SH CONTACTING
If you like the software, and you want to learn more about the software,
or want to see a feature added to it that isn't already here, then please
write to khollis@bitgate.com.
.PP
I've gotten calls at work pertaining to the software; and although I
appreciate the fact that people like the software I've taken the time to
write, I appreciate it if you leave me E\-mail and be considerate. If you
must call me, I can be reached at (503) 612-9069 after 6PM PST.
.PP
If you want to see other projects that Bitgate Software is currently
developing, please check out the web page at http://www.bitgate.com/.
This will contain all of the update information on the software that is
being worked on, and is already released.
.PP
.SH "SEE ALSO"
.BR cfingerd.conf (5),
.BR finger (1),
.BR userlist (1),
.BR syslog.conf (5).
|
