Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

port 79 "finger"

Status
Not open for further replies.
abovebrd

abovebrd

IS-IT--Management
Joined
May 9, 2000
Messages
690
Location
US
Does port 79 "finger" server as a security threat.

I have it running on one of my servers and wonder if its really needed and if is a security risk ?



-Danny






 
Sort by date Sort by votes
There are a couple very old versions of finger that I believe have possible exploits with them. But the biggest problem with finger is the ability of hackers to do some recon of your network via finger.

For the most part finger is some what out dated and really not needed in today's networks. If it is something you would like to keep since people in your company rely on it for information about other, maybe think about just setting it up internally.

Hope this helps a bit,
Paul
 
Upvote 0 Downvote
Most of my users can barely navigate windows 98.

I am going to disbale port 79 "finger" i found I could telnet to it and enter a user name. It then gave me the users shell and a few other usefull hacker bits.

Thanks


-Danny






 
Upvote 0 Downvote
Yes it's the best to do. Indeed finger give possibilty to hackers to know the strucuture of your network.

Zoby
 
Upvote 0 Downvote
Hi,

I just set up a Linux box at home and would like to find out how do I determine if this "finger" port is also available on the box. Also, how do I disable it?

Thanks

Mike
 
Upvote 0 Downvote
Thats pretty easy

Finger is port 79.

a port scan will reveal all of your open ports.
There a utility called nmap that can be used for this.

Most internet sevices are located in /etc/xinetd.d
or /etc/inetd.conf

It depends on what version of Linux you have.

Other services are started at boot (/etc/rc.d/init.d)

Finger should be located in /etc/xinetd.d

For a newbie I would run a utility from the command line called "setup"

Go to system services, this will allow you to easily turn on and off services (such as finger)

dcd@pop.mainstreet.net




-Danny






 
Upvote 0 Downvote
Thanks Danny, I will give it a try.

Mike
 
Upvote 0 Downvote
NOTICE!
I've found the biggest threat to port 79 is that if a hacker telnets to it and runs a Denial of Services Attack on it the hacker will be given root access!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

LoPath
  • Locked
  • Question Question
Debian Linux "stretch" DHCP issues
Replies
1
Views
1K
LoPath
LoPath
Kishore Nandagopal
  • Locked
  • Question Question
rename a mulitple file based with specific porting in a file name
Replies
2
Views
467
Kishore Nandagopal
Kishore Nandagopal
jack6395
  • Locked
  • Question Question
Expect "spawn" command hangs in HPUX
Replies
0
Views
372
jack6395
jack6395
SamBones
  • Locked
  • Question Question
"mv" broken?!?
Replies
4
Views
476
SamBones
SamBones
trolley
  • Locked
  • Question Question
UX: cancel: WARNING: "-t" is not a request id or a printer
Replies
2
Views
428
trolley
trolley

Part and Inventory Search

Sponsor

Back
Top