[2557] in bugtraq
Re: SunOS 4.1.4 fingerd
daemon@ATHENA.MIT.EDU (Craig Raskin)
Fri May 17 15:31:07 1996
Date: Fri, 17 May 1996 14:14:03 -0400
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Craig Raskin <raskin@aoml.noaa.gov>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <Pine.OSF.3.92.960517095124.10046B-100000@afarm-6.sdsc.edu>
On Fri, 17 May 1996, Taner Halicioglu wrote:
> You can imagine what this will cause... :-) I trivial fix is to look for
> an '@' sign in the sent string (in in.fingerd) and deny the finger.
HP-UX 9.x does something along these lines. When you try to do:
finger @hp_machine@hp_machine
it gives you:
[hp_machine]
Remote finger not allowed: @hp_machine
**************************************************************************
Craig Raskin, raskin@aoml.noaa.gov "A competent and self-confident person
Unix System Administrator is incapable of jealousy in anything.
U.S. Dept. Of Commerce Jealousy is invariably a symptom of
NOAA/AOML, Miami Fl. neurotic insecurity." -- Heinlein
