Firewalls: Finger-back service?

Firewalls
(January 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Finger-back service?
From:	ferioli @ disaster . com (Michael Ferioli - D&D Consulting)
Date:	Thu, 5 Jan 95 09:11 EST
To:	FIREWALLS @ greatcircle . com

Does anyone know if there is a way to have your firewall do a finger on the
user who is attempting to connect to your service?  As I see it, the only
problem would be determining the user name of the callee since that doesn't
appear to be sent to the host.  Any ideas on how to program this?  Perhaps
just a simple fingering of the site and logging that to a file would be
sufficient.  That way if the firewall was attacked, you could contact the
sysadmin of the calling host and forward on a list of users that were logged
in (and non-idle) and the time of the attack.

Ideas?


------------------------------------------------------------------------------
Michael D. Ferioli                     Design & Disaster Recovery Consulting
Special Projects Consultant            Suite 300
ferioli @
 disaster .
 com                   9 Elm Street
                                       Albany, NY 12202
                                       info @
 disaster .
 com

Follow-Ups:

Re: Finger-back service?
From: "Alec H. Peterson" <chuckie @ panix . com>

Indexed By Date	Previous:	Re: sockd From: Rens Troost <rens @ imsi . com>
Indexed By Date	Next:	Re: spoofing TCP/SYN packets? From: system PRIVILEGED account <root @ wu1 . wl . aecl . ca>
Indexed By Thread	Previous:	Re: Brief review of Firewall-1 - installation, support, failure modes From: "Alastair Young" <alastair @ cadence . com>
Indexed By Thread	Next:	Re: Finger-back service? From: "Alec H. Peterson" <chuckie @ panix . com>