Site Root : FingerTrace

Update

This little hack is absolutely ancient, and at this stage I believe that the default fingerd shipped with most unices will not allow a named pipe as your .plan. So this is exceedingly unlikely to work for you.

What is it: FingerTrace attempt to guess the computer and user a finger request came from it uses the output from netstat and optionally uses the ident protocol to determine the user doing the fingering

How to get it up and running:

Make sure to read and change the defines in configure.h You will also have to read carefully wfinger. If you have none of the systems listed in wfinger then send me the output of the command netstat -n and your os and ill add it in.

then its a straight compile with

make

which creates look and fdaemon, copy look and wfinger to where you said they would be in configure.h.

.plan must be a named pipe read the man pages on mkfifo and/or mknod e.g to make .plan a named pipe on linux do its probably mkfifo ~/.plan or maybe mknod -p ~/.plan

I suggest you copy your original .plan to something like .planreal before making .plan a named pipe

running is fdaemon plan-pipe realplan typical usage is

nohup fdaemon ~/.plan ~/.realplan ~/planlog &

.realplan is whats displayed when you're fingered and then fdaemon tags where you were fingered from to the end of the output and optionally adds that addres to the logfile.

To test do finger username@your.computer.here

Needs awk, and a system that has named pipes, and a finger daemon that isn't going to complain about getting a named pipe instead of a plain text file. All the fingertrace does is track the computer that the finger request originated on, and while its at it can (if compiled in) output a random fortune as the finger data.

Doesnt need root access on the machine its being run on.

(aside, i notice on my linux machine that fingering a user locally e.g finger caolan when you dont specify the computer name , does not show up in the netstat listing, in which case there is no attempt made by fdaemon to output a machine origination of the finger request, so to see it in action remember to put in the machinename if fingering locally or even better finger from another computer. caolan@skynet.csn.ul.ie from anywhere)

To see an example without bothering to do it for yourself finger caolan@skynet.csn.ul.ie

If fdaemon is not being run then a finger request to you will hang so make sure to keep fdaemon running. so maybe a crontab to check for its existance in case of reboots or something.

e.g crontab entry for linux 00 /1 * * ~caolan/bin/linux.sh >> ~caolan/logerrors 2>&1

run check for fdaemons existance on the hour every hour.

C. WWW: http://skynet.csn.ul.ie/~caolan Mail: Caolan.McNamara@ul.ie

The look program included here is based on the hba program written by Chris Alfeld who used it in his fingertracing package which i based this tracer on.

P.S. i lumped in some linux quotes that can be used with fortune strfile -rs linux-quotes linux-quotes.dat is the correct way to generate the dat file.

Download Package

FingerTrace/FingerTrace-1.0.0.tar.gz
Last generated at Sat Nov 2 12:10:05 2013 Caolán McNamara <caolan@skynet.ie> Created with WebMake/0.5