Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!wuarchive!uunet!mcsun!hp4nl!tuegate.tue.nl!rc6.urc.tue.nl!rwa.urc.tue.nl!rcbarn
From: rcbarn@rwa.urc.tue.nl (Raymond Nijssen)
Newsgroups: comp.unix.misc
Subject: Re: who's fingering me
Keywords: finger
Message-ID: <rcbarn.676630997@rwa.urc.tue.nl>
Date: 11 Jun 91 09:03:17 GMT
References: <noamb.676562323@over> <1991Jun10.155314.4829@ms.uky.edu>
Sender: news@rc6.urc.tue.nl
Reply-To: rcbarn@urc.tue.nl
Distribution: comp
Lines: 20

sean@ms.uky.edu (Sean Casey) writes:
>
>The answer is: it can't. The IP protocols do not transmit userid
>information, and neither does the finger protocol. A system using Dan
>Bernstein's mods would be able to supply userid info, but your fingerd
>daemon would need to be modified to use his authentication libary.

As a very simple but useful workaround in this case, you can use a 
fingerd that immediately fingers back to the host it receives a request 
from, thus revealing potential userid of people who are fingering your
system. Have a look at ftp.win.tue.nl:~ftp/pub/logdaemon.tar.Z
(available for anon. ftp). It contains various utilities of this
kind written by Wietse Venema.

-Raymond

-- 
| Raymond X.T. Nijssen  | Eindhoven Univ. of Technology                       |
| raymond@es.ele.tue.nl | EH 7.13, PO 513, 5600 MB Eindhoven, The Netherlands |
| "Don't put that on the wall in a tax-payer supported museum!"  Pat Buchanan |