LinuxSA Mailing list archives
Index:
[thread]
[date]
[subject]
[author]
[stats]
From: Andrew Galdes <AGaldes@elders.com.au>
To : Glen Turner <glen.turner@aarnet.edu.au>
Date: Thu, 12 Jul 2001 13:36:31 +0930
RE: finger help (BACK ON TRACK)
Ok, so what are the alternatives (more configurabel) options rather then
Finger?
Andrew Galdes
>
> David Newall wrote:
> > Everybody "knows" its insecure, yet nobody can say why.
>
> Finger is insecure because it leaks more information that
> is required. For example, it can be used to externally
> identify idle accounts through the "last login" or
> "mail messages" lines.
>
> Furthermore, with no administrator action 10% of
> passwords are trivially derivable from a person's
> name and contact information. Thus the more paranoid
> administrators do not present name and contact information
> together with a user ID to unauthenticated external users.
>
> The OpenLDAP package provides a finger replacement
> that does an LDAP user lookup. Thus finger can
> be used to find contact information about users
> (which is what 'nice' people use finger for) rather
> than revealing information about login accounts
> (which is of interest to less nice people).
>
> Glen
>
> --
> Glen Turner Network Engineer
> (08) 8303 3936 Australian Academic and Research Network
> glen.turner@aarnet.edu.au http://www.aarnet.edu.au/
> --
> The revolution will not be televised, it will be digitised
>
> --
> LinuxSA WWW: http://www.linuxsa.org.au/ IRC: #linuxsa on
> irc.linux.org.au
> To unsubscribe from the LinuxSA list:
> mail linuxsa-request@linuxsa.org.au with "unsubscribe" as
> the subject
>
--
LinuxSA WWW: http://www.linuxsa.org.au/ IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject
Index:
[thread]
[date]
[subject]
[author]
[stats]
Return to the LinuxSA Mailing List Information Page