Pokrewne
- Strona Główna
- Corey Rudl Internet Marketing Course (624 pages)
- Nienawisc w czasach internetu Alina Naruszewicz Duchlinska
- eBook Business Killer Internet Marketing Strategies
- Bezpieczenstwo Unixa w Internecie
- Bezpieczenstwo Unixa w Internecie (2)
- Cien wolnosci Dav
- Raport Witolda Pileckiego
- Uklad Elle Kennedy
- Pinkola Estes Clarissa Biegnaca z wilkami
- Dav
- zanotowane.pl
- doc.pisz.pl
- pdf.pisz.pl
- cukrzycowo.xlx.pl
[ Pobierz całość w formacie PDF ]
.However, the University of Zimbabweappears to be in the process of joining.When they do come online, their domain name will be uz.zw, and one of thefirst machines that they are likely to connect is named zimbix.uz.zw.This is very much the same situation that Hungary was in a few years ago, when Netfind discovered three registereddomains in Hungary, none of which were connected to the Internet.Today Hungary is on the Internet, and when I triedit, Netfind discovered over 100 Hungarian Internet domains.You can use the same technique to see if a prospective employer is on the Net by, for example, searching for anyonexerox.Or, if you hate to be out of touch even when you are on vacation, you can use Netfind to discover Internetconnections in the sun by searching for anyone palm beach.Where to Get Netfind Software for UNIXYou can retrieve the current version of Netfind via anonymous FTP from the University of Colorado:ftp.cs.colorado.edu:/pub/cs/distribs/netfind/netfind4.6.tar.Zftp.cs.colorado.edu:/pub/cs/distribs/netfind/seeddb.tar.ZThe first of these files is the Netfind source code.The second is the seed (or site) database.If you choose to run yourown copy of Netfind, you will probably want to retrieve a new copy of the seed database every few weeks.Note: Netfind only runs on Sun workstations, running SunOS 4.0 or greater.If you do decide to install your owncopy of Netfind, make sure you have enough disk space for the seed database, which is currently about 12MB in size.FingerFinger provides a very simple way to find information about users on your own system or on a remote systemanywhere on the Internet.It can tell you who's currently logged on to the system, and it can give more detailedinformation about particular users.http://docs.rinet.ru/ITricks/tig03.htm (19 of 25) [4/18/1999 12:37:34 AM] Tricks of the Internet Gurus tig03.htmTo use Finger on a UNIX system, for example, you simply type finger followed by a username.To Finger people on aremote system, append an "at" sign (@) and the remote host name to your query, as shown in the Figure 3.18.Figure 3.18.Fingering an individual.To get a list of all the people who are currently logged on to a remote system, use Finger but leave out the username.If, as in the following example, a query matches multiple users, many systems return only summary information abouteach user.To get the full information, you must enter a more specific query or use the -l option with Finger to ask for along listing.Examples of both of these uses of Finger are shown in Figure 3.19.Figure 3.19.More Finger examples.History of FingerFinger is one of the earliest, and simplest, of network information protocols, in which a user or program on one system(the client) can request information from another system (the server).The name Finger is derived from the phonecompany's old slogan, "Let your fingers do the walking."By Internet standards, Finger is an old protocol.In fact, its use predates the creation of the Internet by about six years.Much useful information about the Internet and its predecessor, the ARPAnet, is published in the form of RFCs(Request for Comment documents).The original Finger RFC (RFC 742) was published in December 1977, at whichtime only three sites used Finger (SAIL, SRI, and MIT).In those days, the main concern people had about Finger washow to promote its use.These days, the main concern is network security.Security IssuesFinger's security problems are summed up neatly by this quotation from RFC 1288:Warning!! Finger discloses information about users; moreover, such information may be considered sensitive.Security administrators should make explicit decisions about whether to run Finger and what information should beprovided in responses.One existing implementation provides the time the user last logged in, the time he last read mail,whether unread mail was waiting for him, and who the most recent unread mail was from! This makes it possible totrack conversations in progress and see where someone's attention was focused.Sites that are information-securityconscious should not run Finger without an explicit understanding of how much information they are giving away.A common procedure in many Internet break-in attempts is to compile a list of users on the target system, and then tosystematically try to guess their passwords.As a result, one of the most elementary precautions that security-conscioussystem administrators adopt is to disable the broadcasting of user lists to the Net.As a result, many sites refuse to answer Finger requests at all.Others will answer requests about specific users butrefuse the more general list users form of Finger query.One feature of the Finger protocol that was useful in the past has now become something of a security liability.This isthe capability of relaying Finger requests through an intermediate host.The purpose of this feature was to enable hostson two separate networks to finger each other through a gateway machine, but it has the unfortunate side effect ofenabling crackers to disguise their trail by passing Finger requests through an intermediate system.The Finger security issues mentioned so far are all of concern to people supplying Finger information, but there aresecurity issues for people who ask for Finger information as well.For one thing, not all Finger clients filter out controlcharacters, making it possible for unsavory individuals to embed escape sequences in their Finger information, messinghttp://docs.rinet.ru/ITricks/tig03.htm (20 of 25) [4/18/1999 12:37:34 AM] Tricks of the Internet Gurus tig03.htmup the terminal settings of anyone who fingers them.There is another potential problem for users of the X11 Windowing System.A few sites respond to Finger requests byusing X11 to display graphical output on the system that initiated the Finger query.This is used, for example, when youfinger yourhostname:0@drink.csh.rit.eduto draw a pretty picture of a soda machine on your screen.If, however, you set up your X11 security to enable arbitraryremote sites to display output on your screen, then users at those remote sites can do other things to your machine aswell, including such tricks as recording all of your keystrokes.Finger: How It WorksLike Telnet, FTP, Gopher and the World Wide Web, Finger uses a client/server protocol, in which the client and serverpass messages to one another using the Internet's underlying TCP/IP (Transmission Control Protocol/Internet Protocol).When you finger someone on another machine on the Internet, your Finger client software makes a TCP connection toport 79 of the remote host, sends a one-line request, and waits for a response.At the other end, the remote host'sInternet daemon process (inetd) waits for incoming TCP connections.When a request comes in on port 79, it starts upthe Finger daemon (fingerd) to deal with it.On some systems, there is no inetd, and the Finger daemon does all thework itself.The Finger daemon reads the request sent by your Finger client, processes it, and sends back the results, which yourFinger client then displays on your screen.To see how this works, let's consider a specific example, in which you try to finger me on one of our local UNIX hosts.When you type, for example, finger fogel@willow.usask.ca, your Finger client makes a connection to willow.usask.caon TCP port 79, sends the line fogel (the word fogel, followed by a carriage return/linefeed combination), andwaits for a response [ Pobierz całość w formacie PDF ]
zanotowane.pl doc.pisz.pl pdf.pisz.pl agnieszka90.opx.pl
.However, the University of Zimbabweappears to be in the process of joining.When they do come online, their domain name will be uz.zw, and one of thefirst machines that they are likely to connect is named zimbix.uz.zw.This is very much the same situation that Hungary was in a few years ago, when Netfind discovered three registereddomains in Hungary, none of which were connected to the Internet.Today Hungary is on the Internet, and when I triedit, Netfind discovered over 100 Hungarian Internet domains.You can use the same technique to see if a prospective employer is on the Net by, for example, searching for anyonexerox.Or, if you hate to be out of touch even when you are on vacation, you can use Netfind to discover Internetconnections in the sun by searching for anyone palm beach.Where to Get Netfind Software for UNIXYou can retrieve the current version of Netfind via anonymous FTP from the University of Colorado:ftp.cs.colorado.edu:/pub/cs/distribs/netfind/netfind4.6.tar.Zftp.cs.colorado.edu:/pub/cs/distribs/netfind/seeddb.tar.ZThe first of these files is the Netfind source code.The second is the seed (or site) database.If you choose to run yourown copy of Netfind, you will probably want to retrieve a new copy of the seed database every few weeks.Note: Netfind only runs on Sun workstations, running SunOS 4.0 or greater.If you do decide to install your owncopy of Netfind, make sure you have enough disk space for the seed database, which is currently about 12MB in size.FingerFinger provides a very simple way to find information about users on your own system or on a remote systemanywhere on the Internet.It can tell you who's currently logged on to the system, and it can give more detailedinformation about particular users.http://docs.rinet.ru/ITricks/tig03.htm (19 of 25) [4/18/1999 12:37:34 AM] Tricks of the Internet Gurus tig03.htmTo use Finger on a UNIX system, for example, you simply type finger followed by a username.To Finger people on aremote system, append an "at" sign (@) and the remote host name to your query, as shown in the Figure 3.18.Figure 3.18.Fingering an individual.To get a list of all the people who are currently logged on to a remote system, use Finger but leave out the username.If, as in the following example, a query matches multiple users, many systems return only summary information abouteach user.To get the full information, you must enter a more specific query or use the -l option with Finger to ask for along listing.Examples of both of these uses of Finger are shown in Figure 3.19.Figure 3.19.More Finger examples.History of FingerFinger is one of the earliest, and simplest, of network information protocols, in which a user or program on one system(the client) can request information from another system (the server).The name Finger is derived from the phonecompany's old slogan, "Let your fingers do the walking."By Internet standards, Finger is an old protocol.In fact, its use predates the creation of the Internet by about six years.Much useful information about the Internet and its predecessor, the ARPAnet, is published in the form of RFCs(Request for Comment documents).The original Finger RFC (RFC 742) was published in December 1977, at whichtime only three sites used Finger (SAIL, SRI, and MIT).In those days, the main concern people had about Finger washow to promote its use.These days, the main concern is network security.Security IssuesFinger's security problems are summed up neatly by this quotation from RFC 1288:Warning!! Finger discloses information about users; moreover, such information may be considered sensitive.Security administrators should make explicit decisions about whether to run Finger and what information should beprovided in responses.One existing implementation provides the time the user last logged in, the time he last read mail,whether unread mail was waiting for him, and who the most recent unread mail was from! This makes it possible totrack conversations in progress and see where someone's attention was focused.Sites that are information-securityconscious should not run Finger without an explicit understanding of how much information they are giving away.A common procedure in many Internet break-in attempts is to compile a list of users on the target system, and then tosystematically try to guess their passwords.As a result, one of the most elementary precautions that security-conscioussystem administrators adopt is to disable the broadcasting of user lists to the Net.As a result, many sites refuse to answer Finger requests at all.Others will answer requests about specific users butrefuse the more general list users form of Finger query.One feature of the Finger protocol that was useful in the past has now become something of a security liability.This isthe capability of relaying Finger requests through an intermediate host.The purpose of this feature was to enable hostson two separate networks to finger each other through a gateway machine, but it has the unfortunate side effect ofenabling crackers to disguise their trail by passing Finger requests through an intermediate system.The Finger security issues mentioned so far are all of concern to people supplying Finger information, but there aresecurity issues for people who ask for Finger information as well.For one thing, not all Finger clients filter out controlcharacters, making it possible for unsavory individuals to embed escape sequences in their Finger information, messinghttp://docs.rinet.ru/ITricks/tig03.htm (20 of 25) [4/18/1999 12:37:34 AM] Tricks of the Internet Gurus tig03.htmup the terminal settings of anyone who fingers them.There is another potential problem for users of the X11 Windowing System.A few sites respond to Finger requests byusing X11 to display graphical output on the system that initiated the Finger query.This is used, for example, when youfinger yourhostname:0@drink.csh.rit.eduto draw a pretty picture of a soda machine on your screen.If, however, you set up your X11 security to enable arbitraryremote sites to display output on your screen, then users at those remote sites can do other things to your machine aswell, including such tricks as recording all of your keystrokes.Finger: How It WorksLike Telnet, FTP, Gopher and the World Wide Web, Finger uses a client/server protocol, in which the client and serverpass messages to one another using the Internet's underlying TCP/IP (Transmission Control Protocol/Internet Protocol).When you finger someone on another machine on the Internet, your Finger client software makes a TCP connection toport 79 of the remote host, sends a one-line request, and waits for a response.At the other end, the remote host'sInternet daemon process (inetd) waits for incoming TCP connections.When a request comes in on port 79, it starts upthe Finger daemon (fingerd) to deal with it.On some systems, there is no inetd, and the Finger daemon does all thework itself.The Finger daemon reads the request sent by your Finger client, processes it, and sends back the results, which yourFinger client then displays on your screen.To see how this works, let's consider a specific example, in which you try to finger me on one of our local UNIX hosts.When you type, for example, finger fogel@willow.usask.ca, your Finger client makes a connection to willow.usask.caon TCP port 79, sends the line fogel (the word fogel, followed by a carriage return/linefeed combination), andwaits for a response [ Pobierz całość w formacie PDF ]