Re: finger-bombing

Eric Kimminau (ekimmina@tbd180.tbd.ford.com)
Thu, 13 Oct 1994 08:26:36 -0400 (EDT)

On Wed, 12 Oct 1994, Christopher Klaus wrote:

> > What is the best way to keep someone from finger-bombing
> > your site other than having fingerd cat /unix to stdout?
> > 
> > (other than hosts.deny.  We have a person who fingers
> > a user at our site from different hosts hundreds of times
> > per hour)
> 
> Contact the admins of those hosts and tell them to have it stopped.  
> Also, modify inetd.conf and comment out finger and kill -HUP inetd
> to restart it.

The best way to "keep someone from" <insert networking process> is not
always to just remove the service. How about coming up with a front end
that fingers back anyone who fingers you more than 2 times in a row and
then the time between fingerd executions increases in exponential numbers for
successive fingers. You may also want to finger that account back and dump
it to your log file. Sure, it's obnoxious, but it would only be turned on in
such an instance where a bomber thinks he is being cute. Yes, contacting
admins is the place to start.

I believe there is a patch somewhere for fingerd that enables tracing and
logging of more than 5 successive fingers from a given site. I'd have to go
looking to find it.

    Eric Kimminau  "I am not an official Ford spokesperson"
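
The throttling and logging half of the front end suggested above, as an added example that is not part of the original message and is not the fingerd patch it mentions. The class and function names, the 1-second base delay, the 300-second cap and the 10-minute streak reset are all assumptions; it also keys on the queried user as well as the source host, since the question quoted above describes queries arriving from different hosts.

```python
import time

class FingerThrottle:
    """Counts successive queries per key and returns the delay to impose."""

    def __init__(self, free_hits=2, base_delay=1.0, max_delay=300.0, quiet_reset=600.0):
        self.free_hits = free_hits      # queries answered at full speed
        self.base_delay = base_delay    # seconds; doubles with each further query
        self.max_delay = max_delay      # cap so one key cannot stall a worker forever
        self.quiet_reset = quiet_reset  # a streak ends after this many idle seconds
        self._state = {}                # key -> (streak length, time last seen)

    def delay_for(self, key, now=None):
        now = time.time() if now is None else now
        count, last = self._state.get(key, (0, now))
        if now - last > self.quiet_reset:
            count = 0                   # quiet long enough: start a new streak
        count += 1
        self._state[key] = (count, now)
        excess = count - self.free_hits
        if excess <= 0:
            return 0.0
        # Clamp the exponent so a very long streak cannot overflow a float.
        return min(self.base_delay * 2 ** min(excess - 1, 32), self.max_delay)

def handle(throttle, src_host, target_user, now=None):
    """Return (delay_seconds, log_line or None) for one incoming query."""
    now = time.time() if now is None else now
    # Track source and queried user separately, so a sender that rotates
    # hosts while hitting one account still builds up a streak.
    delay = max(throttle.delay_for("src:" + src_host, now),
                throttle.delay_for("user:" + target_user, now))
    if delay == 0:
        return delay, None
    # repr() keeps control characters in the remote-supplied name out of the log.
    return delay, (f"{int(now)} finger-throttle src={src_host} "
                   f"target={target_user!r} delay={delay:.0f}s")

if __name__ == "__main__":
    t = FingerThrottle()
    # Constructed input: one account queried every 10 s from six different hosts.
    for i in range(6):
        delay, log = handle(t, f"192.0.2.{i + 1}", "alice", 1000 + 10 * i)
        print(delay, log)
```

A wrapper started from inetd would sleep for the returned delay before running the real fingerd. Because inetd starts a new process per connection, the streak table would have to be kept in a file or a small daemon rather than in memory as it is here.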