HPE Community
Operating System - HP-UX
1753876 Members
7529 Online
108809 Solutions
New Discussion юеВ

disabling finger completely

 
SOLVED
Go to solution
Barbara Flynn_1
Frequent Advisor

тАО10-02-2003 02:50 AM

тАО10-02-2003 02:50 AM

disabling finger completely

Hi

I am trying to disable finger on a 11.11 server, I have commented the entry from both the /etc/inetd.conf and services files, and rebooted the server but I can still run the finger command on the server!

Any ideas on how to stop this???

Thanks Barbara
0 Kudos
Reply
9 REPLIES 9
Pete Randall
Outstanding Contributor

тАО10-02-2003 02:52 AM

тАО10-02-2003 02:52 AM

Solution

Re: disabling finger completely

mv /usr/bin/finger /usr/bin/usedtobefinger
- or -
rm /usr/bin/finger


Pete


Pete
Reply
Patrick Wallek
Honored Contributor

тАО10-02-2003 02:53 AM

тАО10-02-2003 02:53 AM

Re: disabling finger completely

Move the finger command to finger.old.

Commenting out the lines in /etc/inetd.conf and /etc/services prevents someone from using finger on another machine to query your machine.

# finger @machine_name

Would result in a 'connection refused' error which is really what you want.
Reply
Francis_12
Trusted Contributor

тАО10-02-2003 02:55 AM

тАО10-02-2003 02:55 AM

Re: disabling finger completely

Hello Barbara,

To disable finger from remote connections, comment out the entries
in /etc/services and /etc/inetd.conf, restart inetd with the -c option. Test
using; finger @hostname.domain

Note; You will still be able to use finger on the system local, this can be
disabled by removing the execute permissions on the executable.

Hope this helps, Bye.

Francis DERDEYN - HP-UX ASCE.
Reply
Graham Cameron_1
Honored Contributor

тАО10-02-2003 02:57 AM

тАО10-02-2003 02:57 AM

Re: disabling finger completely

Barbara

What you did would prevent anyone from another machine running finger against your machine.
ie "finger @yourmc" will be disabled.

What Pete suggests will stop people running the "finger" command on your maching by renaming or removing the /usr/bin/finger command.

*BUT* - your really devious users may find that there is another copy of finger on /bin/finger - you should rename or remove that also.

BTW - what have you got against "finger" ???
Computers make it easier to do a lot of things, but most of the things they make it easier to do don't need to be done.
Reply
Barbara Flynn_1
Frequent Advisor

тАО10-02-2003 03:02 AM

тАО10-02-2003 03:02 AM

Re: disabling finger completely

All

Thanks for the help, problem solved, I had assumed that blocking the ports etc would be enough to stop the process on the machine itself.

Graham, I am hardening a server for a DMZ and finger is a security baddie!

Cheers Barbara
0 Kudos
Reply
Chris Vail
Honored Contributor

тАО10-02-2003 03:03 AM

тАО10-02-2003 03:03 AM

Re: disabling finger completely

Move or rename the finger command in /usr/bin. A niftier way to do this is to write a shell script, and refer to that shell script in /etc/inetd.conf.


Chris
Reply
Bill Hassell
Honored Contributor

тАО10-02-2003 06:56 AM

тАО10-02-2003 06:56 AM

Re: disabling finger completely

I would suggest getting a copy of Chris Wong's book HP-UX 11i Security. It covers the details quite well. I would also suggest getting a copy of Bastille for HP-UX (there is also a version for Linux too). Bastille will walk you through the services and ports but since it knows all the rules and metyhods, it will turn them off correctly. The nice part is that it walks you through the steps with detailed explanations.


Bill Hassell, sysadmin
0 Kudos
Reply
GK_5
Regular Advisor

тАО10-02-2003 07:00 AM

тАО10-02-2003 07:00 AM

Re: disabling finger completely

Remove finger from /etc/services, comment it in /etc/inetd.conf and run "# inetd -c"

-GK-
IT is great!
0 Kudos
Reply
Qchi321
New Member

тАО10-06-2020 11:28 AM

тАО10-06-2020 11:28 AM

Re: disabling finger completely

Where exactly do you type this in at?

 

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.