On Thu, 16 May 1996, Elliot Lee wrote:

>
> [ list of ways to list all the users on a system using fingerd ]
>
> Another vulnerability of many finger daemons is their ability to support
> 'chain' fingers. If they are passed a "username" in the form of
> 'user@ahost.net' the finger daemon will repeat the finger, effectively
> hiding the tracks of anyone trying to scope out your system security.
>
> For a demonstration, 'telnet prep.ai.mit.edu 79' and type
> '[yourname]@[yourhost]'. If you have TCP wrappers installed, you will
> notice that the finger connection comes from prep.ai.mit.edu, not [yourhost].
>

Some www servers also include the 'finger' cgi program, which can be used
in much the same way, i.e.:

lynx http://www.cgis.net/cgi-bin/finger\?user@host

Brian Mitchell                                      brian@saturn.net
"I never give them hell. I just tell the truth and they think it's hell"
- H. Truman
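
An added example, not part of the original thread and not code from any real finger daemon: a request check that a finger service, or a web wrapper passing a user parameter to finger, could apply so that 'user@host' forwarding requests are refused and logged with the real peer address. The function names, the refusal wording, the user name pattern and the sample addresses are assumptions made for illustration.

```python
import re

# Constructed example; every name here is hypothetical.
USER_RE = re.compile(r"^[A-Za-z0-9._-]{1,32}$")
HOST_RE = re.compile(r"^[A-Za-z0-9.-]{1,255}$")
REFUSAL = "Finger forwarding service denied"  # illustrative wording


def parse_finger_query(line):
    """Classify one finger request line of the form [/W] [user][@host[@host...]]."""
    query = line.rstrip("\r\n").strip()
    verbose = False
    if query[:2].upper() == "/W":
        verbose = True
        query = query[2:].strip()
    user, *hosts = query.split("@")
    if hosts:
        kind = "forward"   # the service is being asked to finger another host
    elif user:
        kind = "user"      # plain local lookup
    else:
        kind = "list"      # empty query: list all users
    return {"kind": kind, "verbose": verbose, "user": user, "hosts": hosts}


def decide(line, peer, allow_list=False):
    """Return (allowed, message). Forwarding is always refused; the message
    records the real peer and the requested chain so the relay attempt is logged."""
    q = parse_finger_query(line)
    if q["kind"] == "forward":
        chain = " -> ".join(h if HOST_RE.match(h) else "<invalid>" for h in q["hosts"])
        return False, f"{REFUSAL} (peer={peer} user={q['user']!r} chain={chain})"
    if q["kind"] == "list":
        return allow_list, "list-all " + ("allowed" if allow_list else "refused")
    if not USER_RE.match(q["user"]):
        return False, "invalid user name"
    return True, f"lookup {q['user']}"


if __name__ == "__main__":
    # Constructed sample requests; 192.0.2.7 is a documentation address.
    for sample in ["alice\r\n", "user@ahost.net\r\n", "/W bob@a.example@b.example", ""]:
        print(repr(sample), decide(sample, "192.0.2.7"))
```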