Re: Remotely check login status

From: Meta Junkie <metajunkie@xxxxxxxxx>
Date: Mon, 19 Jan 2009 18:30:10 -0500

perhaps you could find some way to wrap some security around "finger".

or perhaps only allow finger within an area you can only get to via a
secure vpn.

you might want to google for some unix or linux man pages describing
the use of finger - it can be used remotely.

I wouldn't use finger as it was originally designed - without any
security... but I believe it does what you are looking for (in a very
unsecure way if open to the Internet)

good luck

Metajunkie
PS
there is a whole suite of programs that we usually "outlaw" because
they are too friendly (read: unsecure). They might be of interest to
you though. Collectively you might find them referred to as "the
Berkley "R" functions. They are very functional - but they were built
back in "simpler times" ;) without somehow mitigating the risks they
introduce, they should not be used.

On Sat, Jan 17, 2009 at 4:41 PM, Christian Eibl <chreibl@xxxxxx> wrote:

Hi all,

I was wondering, if there exist means of checking remotely whether someone
is already logged onto the system. Since most modern systems today need
users to input their authentication data instead of automatically provide
full access, there obviously are different states in the operating systems,
i.e., just completely started up or even with users active in the system.

This question does not aim at a specific OS but is meant for all systems.
The most obvious way of such checks would consist of specific network
services only started by certain users on the systems. Well, I am no
Windows geek, but I could also imagine that file or printer sharing
together with this port 139 / 445 stuff could provide information about
this, but I am not sure...

Anyone an idea how or whether this is possible? It is especially interesting
concerning privacy within networks.

Regards,
Christian

--
010101010101010101010101010101010
010101010101010101010101010101010
0101010101 Meta Junkie 101010101010
010101010101010101010101010101010
010101010101010101010101010100101

References:
- Remotely check login status
  - From: Christian Eibl

Prev by Date: apache security with mod_python
Next by Date: Re: Looking for a Trojan
Previous by thread: RE: Remotely check login status
Next by thread: Re: Remotely check login status
Index(es):
- Date
- Thread

Relevant Pages

New Remote Hole found in Berkeley Fingerd!
... New Remote Hole found in Berkeley Fingerd! ... We have discovered a remote vulnerability in Berkeley finger, ... The GOBBLES Research Team ... GOBBLES LABS was pioneered in year 2001 to address security threat to ...
(Vuln-Dev)
Re: Fingerprint as cryptokey
... This is a HUGE step backward from the security of the systems being ... of the smart card systems being rolled out. ... I know my system better than you, and my RSA keys can be any length. ... The finger is a token. ...
(sci.crypt)
RE: SNMP Scans 02/17/02
... but we're still stuck with things like SNMP and SMTP ... that understand nothing about security, because they were not intended to, ... Finger pointing just produces a lot of confusing ... one way or another ISPs need to be fingered. ...
(Incidents)
Re: Sony Viao Issue Adding to a Domain
... need to have domain support is when it is a token based security like RSA ... Can you post the model number I can look up the OEM for the finger print ... Andrew Hodgson in Bromyard, Herefordshire, UK. ...
(microsoft.public.windows.server.sbs)
Re: restrict a deamon to local netowrk
... >Hi I would like to restrict some deamons like finger to just local ... >network without a lake of security. ...
(comp.unix.solaris)