Product SiteDocumentation Site

5.9. Securing finger

If you want to run the finger service first ask yourself if you need to do so. If you do, you will find out that Debian provides many finger daemons (output from apt-cache search fingerd):
  • cfingerd - Configurable finger daemon
  • efingerd - Another finger daemon for unix, capable of fine-tuning your output.
  • ffingerd - a secure finger daemon
  • fingerd - Remote user information server.
  • xfingerd - BSD-like finger daemon with qmail support.
ffingerd is the recommended finger daemon if you are going to use it for a public service. In any case, you are encouraged to, when setting it up through inetd, xinetd or tcpserver to: limit the number of processes that will be running at the same time, limit access to the finger daemon from a given number of hosts (using tcp wrappers) and having it only listening to the interface you need it to be in.