At 2002-11-22T03:18:29Z, Jeff Jirsa <[EMAIL PROTECTED]> writes: > Finger is relatively safe. Most of the arguments for not allowing it > involve privacy rather than security (I don't really like people knowing > when I log in and out, if they need to bother me, there are better ways to > track me down).
Well, privacy and security are almost directly related in this case. finger gives a nice route for would-be attackers to get a list of usernames from the system in that it's a pretty quick way to do a dictionary attack of names against a server. -- Kirk Strauser In Googlis non est, ergo non est. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
