Path: utzoo!attcan!uunet!husc6!mailrus!uflorida!haven!aplcen!aplcomm!trn@aplcomm.jhuapl.edu From: trn@aplcomm.jhuapl.edu (Tony Nardo) Newsgroups: comp.bugs.4bsd Subject: Re: fingerd allows third party fingers Message-ID: <2784@aplcomm.jhuapl.edu> Date: 23 Dec 88 14:21:10 GMT References: <2103@imagine.PAWL.RPI.EDU> <1494@helios.ee.lbl.gov> <381@mahendo.Jpl.Nasa.Gov> Sender: news@aplcomm.jhuapl.edu Reply-To: trn@aplcomm.jhuapl.edu (Tony Nardo) Organization: Johns Hopkins University/APL (Baltimore, Md.) Lines: 36 Disclaimer: Not necessarily opinions of JHU/APL In article <381@mahendo.Jpl.Nasa.Gov> poseur!earle@mahendo.JPL.NASA.GOV (Greg Earle) writes: >Allowing third party `finger's also allows one to `reach around' a site >that has a gateway with ipforwarding turned off. Admittedly, one has >to know something about the layout of the network behind the curtain >(where Carol Merrill is now standing (^: ), but hey, Mr. Morris has taught >us a thing (fing?) or two about fingerd ... These third party "finger" probes are also good for telling if a remote node is really down or if the routing tables have been hit by the Routing Render :-(. Until the whole UNIX World is blessed with properly functioning name servers, there will be some sites which can not be reached by "finger" *EXCEPT* with the third party "finger" capacity. My native site, "warper", is an example of this. (Conceded, "warper" can be reached directly via the raw Internet #, but anyone with access to *that* doesn't need to use it anyway.) Even then, third party "finger" access is necessary to reach some sites which are not on the main Internet. (`Can you say "local network"? I thought you could.') No matter how good name servers become, there is *at least* one site I know of that I can not reach without routing thru a specific third party. I had once thought that an "ultimate origin" field in "sockaddr" would be useful. Unfortunately, short of passing *every* internet node # in the path along, site on local networks could still evade detection. Maybe a file /etc/exportfinger is in order? :-) ================================================================================ ARPA: trn@aplcomm.jhuapl.edu UUCP: {backbone!}mimsy!aplcomm!trn BITNET: trn@warper.jhuapl.edu "Always remember that those who can, do, and that those who can't, teach. And those who can't teach become critics. That's why there're so many of them." PORTRAIT OF THE ARTIST AS A YOUNG GOD (Stephen Goldin) ================================================================================