Sam Trenholme's webpage
This article was posted to the Usenet group alt.hackers in 1995; any technical information is probably outdated.

Re: What is the problem with Finger?

Article: 7546 of alt.hackers
From: (Nicol C So)
Newsgroups: alt.hackers
Subject: Re: What is the problem with Finger?
Date: 27 Mar 1995 01:58:36 GMT
Organization: Computer Science and Engineering, Penn State University
Lines: 14
Message-ID: 3l564c$
Status: RO

In article <3l4nc5$> (marlowe)
>So, I'll bite. Does anyone know what the security hole is in finger? I
>can understand not wanting to have anyone be able to finger in, but why
>wouldn't the admins what me to finger out?

Beats me.  But as long as you can telnet out, you don't really need
the finger command.  Just telnet to the remote machine and talk to
the finger daemon directly.  Example:

	%telnet <host address> 79
	[bunch of telnet messages]
	<user's login followed by RETURN>


Child Child Child

Back to index