On Wed, Apr 19, 2000 at 08:08:39AM -0400, JavaMan wrote:
> This is not a new problem. This is a very old issue that has been
> ignored for too long. What is new, however, is the large number of users who
> are now on dialup access, and consequently, dialed into unsecured servers.
Much, if not all, the same information can be gained with the use of
a much older tool, 'finger'
finger -l @terminalserver.target.com
There's much serious problems with having a guessable community
name than leeking a few lusers account details.
Solution: disable fingerd on your terminal servers
Steve
--
'Cold Fire, Britains most notorious hacker' Observer, July 1997
'The most recent conviton was that of [Cold Fire] whose On-line
escapades spanned from hacking into educational sites to more
sinister activities such as tapping into industrial and United
States military sites.' DC Paul Cox, SO6 Scotland Yard CCU
