Xref: utzoo comp.protocols.tcp-ip:16685 alt.security:2712 Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!cs.utexas.edu!sol.acs.unt.edu!vaxb.acs.unt.edu!cgw From: cgw@vaxb.acs.unt.edu Newsgroups: comp.protocols.tcp-ip,alt.security Subject: Re: nosy finger daemons Message-ID: <1991Jun22.185114.1@vaxb.acs.unt.edu> Date: 23 Jun 91 00:51:14 GMT References: Sender: usenet@sol.acs.unt.edu (Sol Usenet Administrator) Organization: University of North Texas Lines: 59 In article , rsm@math.arizona.edu (Robert S. Maier) writes: [discussion of nrl.navy.mil's 'feature' of fingering the fingerer (ie: 'you') when you finger them] > Apparently the folks at nrl.navy.mil (Navy Research Laboratory) didn't > want to erect a full-fledged firewall, so they compromised on this. > It doesn't seem a very effective protection against the outside world > though. In fact it's rather amusing. Has anyone ever seen anything > else like this? yes! well, sortof.. read on: > I haven't checked to see whether their other daemons (e.g. rusersd) > are nosy too, but I wouldn't be surprised. Apparently `Caller ID' has > come to the Internet. and has been for at least a while.. in march or so of 91, on comp.unix.*, there was talk of a program that would wake up and do something when your account is fingered. generally, what happens is this: you make your .plan a FIFO queue that runs a program you specify whenever it becomes active. (at least, that's my understanding. i could be wrong.) anyway, i've written a companion to the program that does this (which is the purpose of the first program (to run another program when your .plan is opened). you can see this program in action if you finger cgw@ponder.csci.unt.edu. i don't login there much anymore, so i can't vouch for the availableness of this, but it should work. because of final exams in may, i didn't get a chance to make it use DNS to translate the IP addr to a hostname, but it's still an interesting thing. currently, the algorithm is this: do a ps and grep for 'finger'. then i can get the username and special-case that user. if it doesn't find anyone running finger, do a netstat and see what host has an open connection to port 79. it's admittedly in the stages of an advanced hack, and not exetremely useful in it's current state, but ideas i have for it are: a personalized message sender. say you're out of the office/room for a few minutes, and want to let someone know you're out. just add a line to a file, and the program will send it to users specified (somewhere). there are many more things you can do with this, but i'll refrain from going into them here. i got the program from someone off the net. since i've forgotten who it was, but still have the original mail, i'll entertain requests for it by email, if there's any interest. email _only_; if you post to the net, i'll ignore it. oh, i almost forgot the reason i'm posting.. my program currently logs usernames (if they're local) and host IPs if they're not. see? tcp/ip CallerId :) -cgw- >S. Maier | Internet: rsm@math.arizona.edu, rsm@cs.arizona.edu > Dept. of Math. | UUCP: uunet!arizona!amethyst!rsm > Univ. of Arizona | Bitnet: maier@arizrvax > Tucson, AZ 85721 | FAX: +1 602 621 8322 > U.S.A. | Voice(POTS): +1 602 621 6893 / +1 602 621 2617 ------------------------------------------------------------------------------- christopher williams, `gilligan', `dude', cgw@vaxb.acs.unt.edu, +1 817 565 4161 lead programmer/operator, the university of north texas, home of the _VaxCave_! `help stamp out and abolish redundancy!' my other .sig is boring too.