Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
06-21-2006, 08:17 PM
|
#1
|
LQ Newbie
Registered: Jun 2006
Posts: 9
Rep:
|
security question...
I was wondering something, I checked my network services and I see that I have finger running, how can someone use this to hack into my computer and how would they go about doing it? Thank you for your help.
|
|
|
06-21-2006, 09:56 PM
|
#2
|
Senior Member
Registered: May 2001
Location: Indiana
Distribution: Gentoo, Debian, RHEL, Slack
Posts: 1,555
Rep:
|
They can use it to gain knowledge of user & system info. Any available information to a malicious user is good for them, even if all they know is that you run an rpm-based system. At least it gives them something. Read a couple Certified Ethical Hacking books and you'll get what I'm talking about.
As for how they'd exploit it, I believe their is a rule about posting info on how to crack into computers, and even if there wasn't, I can't predict how you and everyone else in the world reading this would use that information. All I can say is read up on as much hacking/cracking books and senarios you can, understand what runs on your system and how that effects the system, implement the most paranoid and rediculous security measures possible and then lessen the security if clients can't use the system in the ways they were meant to.
|
|
|
06-21-2006, 10:09 PM
|
#3
|
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733
|
You don't need to run finger or offer the service. However, if you are behind a NAT router and don't have port 79 (both tcp/udp according to /etc/services) open, then this service is just available on the LAN. On the other hand, if this is your only computer, then there is absolutely no reason to offer it. For a host in the DMZ, offering services to the internet, you absolutely want to disable the service and block the port.
Last edited by jschiwal; 06-21-2006 at 10:11 PM.
|
|
|
06-21-2006, 10:11 PM
|
#4
|
Moderator
Registered: May 2001
Posts: 29,415
|
how can someone use this to hack into my computer and how would they go about doing it?
The finger daemon is an interactive service, it will accept input and will return output. The input must conform to rules. If these rules can be broken you can try to make it do stuff. If you for instance can force the application to accept malformed or too much input that it starts to execute commands you embedded in your input, then you can try to execute commands as the owner finger runs as. There are safe(r) versions of finger around and even ones that return bogus information. AFAIK about the only thing that still uses finger is IRC. As the rest said in general you won't need it. If you need it you would know ;-p
Last edited by unSpawn; 06-21-2006 at 10:12 PM.
|
|
|
06-21-2006, 11:22 PM
|
#5
|
Member
Registered: Mar 2004
Posts: 135
Rep:
|
check the story of Morris Worm.
|
|
|
All times are GMT -5. The time now is 10:46 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|