cfingerdRecommended setupAfter running cfingerd for quite a while, I have found that if you make the cfingerd setup the most secure, you will have the least problems. Cfingerd currently stops for all files from being symbolic links, char devices, block devices, etc. Basically, each file has to be a normal file in order to be read by cfingerd. With that in mind, you should keep all files (whether or not they are read by root) as normal files. This will stop any problems in the future you may have. Root should always have a .nofinger file in his/her directory! This is only natural, since most System Admins don't like to be fingered. It is highly recommended that you install identd on your system. The installation process of identd is very painless and only takes minutes to accomplish. It's a great security program, and works very well. Install it. Besides, if you don't, RFC 1413 compliance won't be present on your system if someone from localhost fingers your system. If you have multiple systems that you are running for ISP systems, it is recommended that you install cfingerd on all those systems, and put the resulting systems in the "system_list_sites" section of cfingerd.conf. This will make it so that you have a sorted output of systems when a user fingers your system. Don't use strange programs when getting a userlist output - it will only make the final output look strange. Ken Hollis
| 
|
|