Fingeree wants to keep track of the fingerer

Jonathan I. Kamens jik at athena.mit.edu
Mon Apr 8 12:02:22 AEST 1991 

In article <10290 at hub.ucsb.edu>, 6600hubb at ucsbuxa.ucsb.edu (Richard Hubbell) writes:
|> 	Does unix offer a method for keeping track of each
|> occurence of being fingered?  i.e. if someone fingers me is there
|> a way that I can tell who it was that fingered me? 

  Someone else has pointed out that you can monitor finger connections by
watching TCP port 79.  This solution, however, has several drawbacks:

1. It catched only remote finger attempts.  It does not deal with people
   fingering you on your machine.

2. Watching a TCP port that another process is already bound to is somewhat
   difficult, and requires network monitoring that is not doable at the novice
   level.

3. On a Unix system, port 79 is a reserved port, and therefore only the
   superuser can do anything with it, so you'd have to be root to do the
   monitoring.

If you are the superuser, and you wan to use this method, then it is probably
easier to install a modified fingerd that does monitoring, or to have inetd
call your monitor instead of fingerd (and then have your monitor exec fingerd
when it's done doing the monitoring stuff), than it would be to actually keep
watch over the port at the same time as inetd.

  If you are not the superuser, and you want to do this anyway, and your
system supports named pipes, and your system's fingerd has no problem with
reading from a named pipe, then you can do this by creating a named pipe as
your .plan file, and running a process opens the pipe, selects it for write,
and whenever it is ready for write, figures out what process is doing the
reading and does monitoring stuff on that process, and then sends your .plan
file over the pipe.

  The question of monitoring fingers and the question of using a pipe as a
.plan file have both been discussed several times in this newsgroup; in fact,
I am surprised they are not in the Frequently Asked Questions posting
(Steve?).  I would give sample code demonstrating the latter, but the systems
to which I have access do not support named pipes, so I can't test it very
effectively, and I've never had to do it.  Given the number of times it has
been discussed, I hope someone else has saved the discussion and can post some
of the more interesting articles from it....

-- 
Jonathan Kamens			              USnail:
MIT Project Athena				11 Ashford Terrace
jik at Athena.MIT.EDU				Allston, MA  02134
Office: 617-253-8085			      Home: 617-782-0710

More information about the Comp.unix.questions mailing list