SourceFiles.org - Use the Source, Luke
Home | Register | News | Forums | Guide | MyLinks | Bookmark

Related Sites

Latest News
  General News
  Reviews
  Press Releases
  Software
  Hardware
  Security
  Tutorials
  Off Topic


Back to files

What is it:
FingerTrace attempt to guess the computer and user a finger request came from it uses the output from netstat and optionally uses the ident protocol to determine the user doing the fingering

How to get it up and running:

Make sure to read and change the defines in configure.h You will also have to read carefully wfinger. If you have none of the systems listed in wfinger then send me the output of the command netstat -n and your os and ill add it in.

then its a straight compile with

make

which creates
look and fdaemon,
copy look and wfinger to where you said they would be in configure.h.

.plan must be a named pipe
read the man pages on mkfifo and/or mknod e.g to make .plan a named pipe on linux do its probably
mkfifo ~/.plan
or maybe
mknod -p ~/.plan

I suggest you copy your original .plan to something like .planreal before making .plan a named pipe

running is fdaemon plan-pipe realplan [logfile] typical usage is

nohup fdaemon ~/.plan ~/.realplan ~/planlog &

.realplan is whats displayed when you're fingered and then fdaemon tags where you were fingered from to the end of the output and optionally adds that addres to the logfile.

To test do finger username@your.computer.here

Needs awk, and a system that has named pipes, and a finger daemon that isn't going to complain about getting a named pipe instead of a plain text file. All the fingertrace does is track the computer that the finger request originated on, and while its at it can (if compiled in) output a random fortune as the finger data.

Doesnt need root access on the machine its being run on.

(aside, i notice on my linux machine that fingering a user locally e.g finger caolan
when you dont specify the computer name , does not show up in the netstat listing, in which case there is no attempt made by fdaemon to output a machine origination of the finger request, so to see it in action remember to put in the machinename if fingering locally or even better finger from another computer. caolan@skynet.csn.ul.ie from anywhere)

To see an example without bothering to do it for yourself finger caolan@skynet.csn.ul.ie

If fdaemon is not being run then a finger request to you will hang so make sure to keep fdaemon running. so maybe a crontab to check for its existance in case of reboots or something.

e.g crontab entry for linux
00 */1 * * * ~caolan/bin/linux.sh >> ~caolan/logerrors 2>&1

run check for fdaemons existance on the hour every hour.

C.
WWW: http://skynet.csn.ul.ie/~caolan
Mail: Caolan.McNamara@ul.ie

The look program included here is based on the hba program written by Chris Alfeld who used it in his fingertracing package which i based this tracer on.

P.S. i lumped in some linux quotes that can be used with fortune strfile -rs linux-quotes linux-quotes.dat is the correct way to generate the dat file.


Other Sites

Discussion Groups
  Beginners
  Distributions
  Networking / Security
  Software
  PDAs

About | FAQ | Privacy | Awards | Contact
Comments to the webmaster are welcome.
Copyright 2006 Sourcefiles.org All rights reserved.