Vulnerability Development mailing list archives

Re: report finger gives long list of users

From: "Robert G. Ferrell" <root () rgfsparc cr usgs gov>
Date: Wed, 28 Mar 2001 10:41:04 -0600

I can confirm this "feature" on solaris 8.

"finger 0@localhost" & "finger 1234567@localhost" both return the list of
users.


Well, not to flaunt the obvious, but the best solution to this is

# grep finger /etc/inetd.conf

#finger stream  tcp     nowait  nobody  /usr/sbin/in.fingerd    in.fingerd

;-)

Cheers,

RGF

Robert G. Ferrell, CISSP
http://rferrell.home.texas.net/rgflit.html
========================================
 Who goeth without humor goeth unarmed.
========================================

Current thread:

Re: report finger gives long list of users, (continued)
- Re: report finger gives long list of users John Galt (Mar 23)
  - Re: report finger gives long list of users Jens Hektor (Mar 23)
  - Re: report finger gives long list of users Larry W. Cashdollar (Mar 25)
    - Re: report finger gives long list of users warning3 (Mar 28)
    - Re: report finger gives long list of users Joseph Nicholas Yarbrough (Mar 28)
    - Re: report finger gives long list of users Juan M. Courcoul (Mar 28)
    - Re: report finger gives long list of users Air Force Guy (Mar 28)
    - Re: report finger gives long list of users Meritt James (Mar 28)
    - Re: report finger gives long list of users Edsel Adap (Mar 28)
    - Re: report finger gives long list of users olle (Mar 28)
- Re: report finger gives long list of users Robert G. Ferrell (Mar 28)
- Re: report finger gives long list of users Schott, Erik (CORP, GEAccess) (Mar 28)