LinuxSA Mailing list archives
Index:
[thread]
[date]
[subject]
[author]
[stats]
From: Andrew Galdes <AGaldes@elders.com.au>
To : Andrew Pullin <andrew@hotspurbgc.com.au>
Date: Thu, 12 Jul 2001 10:52:33 +0930
RE: finger help (BACK ON TRACK)
but finger is read only and only should read two info files (which i cant
remember) about log in times. i understand for the long tem hack, its bad
but i dont see any danger - when only local users can connect to it.
anyone think different?
Andrew Galdes
Elders Help Desk
1300 363 523
agaldes@elders.com.au
"The trouble with being punctual is that nobody's there to appreciate"
> -----Original Message-----
> From: Andrew Pullin [mailto:andrew@hotspurbgc.com.au]
> Sent: Thursday, 12 July 2001 10:37 AM
> To: Andrew Galdes; 'Linux Group'
> Subject: Re: finger help (BACK ON TRACK)
>
>
> Hi There,
> Without actually trying it out before suggesting it -
> Why not modify your hosts.allow and hosts.deny files. As
> with most security related stuff, deny all parties from
> using finger, and then explicitly allow the ones you want.
> The syntax escapes me off the top of my head, but you should
> be able to work it out from either of the files, or look at
> the Security HOWTO. The only problem I foresee is that last
> I heard finger was insecure in an open network environment,
> and so having the daemon running could possibly open you up
> for an attack. I don't know exactly how you would be
> attacked using finger, nor do I know if the insecure bit has
> been fixed, but it would certainly be worth checking up on
> before you implement it. Hope this helps.
> Cheers!
> Andrew.
>
>
>
> ----- Original Message -----
> From: Andrew Galdes <AGaldes@elders.com.au>
> To: 'Linux Group' <linuxsa@linuxsa.org.au>
> Sent: Thursday, July 12, 2001 9:57 AM
> Subject: finger help (BACK ON TRACK)
>
>
> > Howdy all,
> > i read a man page on finger and found it to be rather
> short. so i am asking
> > you lot.
> >
> > is there a way to allow only 192.168.0 to finger a system?
> >
> > Andrew Galdes
> >
> > Elders Help Desk
> > 1300 363 523
> > agaldes@elders.com.au
> >
> > "The trouble with being punctual is that nobody's there to
> appreciate"
> >
> > --
> > LinuxSA WWW: http://www.linuxsa.org.au/ IRC: #linuxsa on
> irc.linux.org.au
> > To unsubscribe from the LinuxSA list:
> > mail linuxsa-request@linuxsa.org.au with "unsubscribe"
> as the subject
>
--
LinuxSA WWW: http://www.linuxsa.org.au/ IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject
Index:
[thread]
[date]
[subject]
[author]
[stats]
Return to the LinuxSA Mailing List Information Page