PFinger -  an internet user information suite

Contents

	1. Introduction
	2. Installation
	3. Compatibility with GNU Finger
	4. Using the Client
	5. What PFinger does not (but standard finger does)

1. Introduction

This packages contains a finger deamon, a graphical pfinger client
and site finger deamon.
It also contains a standard finger client.

PIPserver is an implementation of a server of the Personal Information
Protocol (PIP). You may guess what PIPclient is.

Consider the client to be a sample implementation. It is not needed to
run (or compile) the server. It is probably not that featureful as you
would like, but it is handy to have it around as long you have no
other client.

Read more about PIP in the doc/ subdirectory.

2. Installation

Basically you do:

./configure
make
make install

Modify /etc/inetd.conf to contain the following line:

finger  stream  tcp     nowait  nobody    /usr/sbin/tcpd  /usr/sbin/in.fingerd

(this may vary on your platform)

See also the file INSTALL in this directory

3. Compatibility with GNU Finger

PIPserver has GNU Finger compatibility mode which allows you to run
GNU Finger on your site while using the featuers of the PIPserver:

You may simply replace the GNU Finger in.fingerd (which only handles
requests from "normal" finger clients) with the PIPserver
in.fingerd. This does not harm the site reporting capabilities of GNU
Finger since it uses a seperate in.cfingerd for its functions.

Note: you have to start the PIPserver in.fingerd with the "-g"
option.

4. Using the Client

Information about using the client may be found in the man page, pfinger(1).

5. What PFinger does not (but standard finger does)

- Indirect lookups (finger user@hostB@hostA) are not handled
  This not a bug, it's a feature :-)
  Seriously: Many people consider indirect fingers a security risk.

- Does not give away unnecessary information, that would only be
  helpful to an intruder:

  Does not give away:
  - home directory	: uninteresting 
  - user's shell	: uninteresting 
  - last login time	: interesting, but dangerous (an intruder could
			  find seldom used logins to break in).

- Users with an user id of less than 100 (defined in in.fingerd.c but
  configurable in /etc/fingerconf) and users with a file ~/.nofinger
  are hidden from fingering: 
  
  - No printing of user information (finger user@host)
  - No printing of online information (finger @host)
    (These accounts are like non-existant to finger)

    Note: The second point does not work in GNU Finger compatibility mode
	  (but it does work for the user with user name 'root')