Codebase list cfingerd / upstream/1.4.3+git20200923.1.a3619c4 RECOMMEND
upstream/1.4.3+git20200923.1.a3619c4

Tree @upstream/1.4.3+git20200923.1.a3619c4 (Download .tar.gz)

RECOMMEND @upstream/1.4.3+git20200923.1.a3619c4raw · history · blame 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
CFINGERD
Recommended setups

After running cfingerd for quite a while, I have found that if you make 
the cfingerd setup the most secure, you will have the least problems.

CFINGERD currently stops all files from being symbolic links, char 
devices, block devices, etc.  Basically, each file has to be a normal 
file in order to be read by cfingerd.  With that in mind, you should keep 
all files (whether or not they are read by root) as normal files.  This 
will stop any problems in the future you may have.

ROOT SHOULD ALWAYS HAVE A .nofinger FILE IN HIS/HER DIRECTORY!  This is 
only natural, since most System Admins don't like to be fingered.  

IT IS HIGHLY RECOMMENDED that you install identd on your system.  The 
installation process of identd is very painless and only takes minutes to 
accomplish.  It's a great security program, and works very well.  Install it.
Besides, if you don't, RFC1413 compliance won't be present on your system
if someone from localhost fingers your system.

If you have multiple systems that you are running for ISP systems, it is 
recommended that you install cfingerd on all those systems, and put the 
resulting systems in the "system_list_sites" section of cfingerd.conf.  
This will make it so that you have a sorted output of systems when a user 
fingers your system.  Don't use strange programs when getting a userlist 
output - it will only make the final output look strange.