Provided by: fingerd_0.17-15_amd64 bug


     in.fingerd — remote user information server


     in.fingerd [-wulf] [-pL path] [-t timeout]


     Fingerd is a simple daemon based on RFC1196 that provides an interface to the “finger”
     program at most network sites.  The program is supposed to return a friendly, human-oriented
     status report on either the system at the moment or a particular person in depth.

     If the -w option is given, remote users will get an additional “Welcome to ...” banner which
     also shows some informations (e.g. uptime, operating system name and release) about the
     system the in.fingerd is running on. Some sites may consider this a security risk as it
     gives out information that may be useful to crackers.

     If the -u option is given, requests of the form “finger @host” are rejected.

     If the -l option is given, information about requests made is logged. This option probably
     violates users' privacy and should not be used on multiuser boxes.

     If the -f option is given, finger forwarding (user@host1@host2) is allowed.  Useful behind
     firewalls, but probably not wise for security and resource reasons.

     The -p option allows specification of an alternate location for in.fingerd to find the
     “finger” program. The -L option is equivalent.

     The -t option specifies the time to wait for a request before closing the connection.  A
     value of 0 waits forever.  The default is 60 seconds.

     Options to in.fingerd should be specified in /etc/inetd.conf.

     The finger protocol consists mostly of specifying command arguments.  The inetd(8)
     “super-server” runs in.fingerd for TCP requests received on port 79.  Once connected
     in.fingerd reads a single command line terminated by a ⟨CRLF⟩ which is passed to finger(1).
     It closes its connections as soon as all output is finished.

     If the line is empty (i.e. just a ⟨CRLF⟩ is sent) then finger returns a “default” report
     that lists all people logged into the system at that moment. This feature is blocked by the
     -u option.

     If a user name is specified (e.g.  eric⟨CRLF⟩) then the response lists more extended
     information for only that particular user, whether logged in or not.  Allowable “names” in
     the command line include both “login names” and “user names”.  If a name is ambiguous, all
     possible derivations are returned.


     finger(1), inetd(8)


     Connecting directly to the server from a TIP or an equally narrow-minded TELNET-protocol
     user program can result in meaningless attempts at option negotiation being sent to the
     server, which will foul up the command line interpretation.


     The finger daemon appeared in 4.3BSD.