Trilight Zone

[digital8]

Finger is a service that runs on port 79 and allows you to find information about users on the server that runs it.
Here, let me explain. A while ago my ISP, Netvision, had a finger daemon running on their port 79. It was publicly available, meaning that everyone was able to connect to port 79 on netvision.net.il (Netvision's server). All you had to do is to connect to that port, type in a username and hit enter. Or, you could simply type 'finger username@netvision.net.il' (without the quotes) on a Unix system and get the exact same results.
Anyway, this finger daemon was giving away private and often sensitive information, such as who this account belongs to (first and last name of the owner), whether this user is online or not (very useful. If someone puts you on invisible in ICQ, you could simply finger him and therefore tell whether he is online or not), when did he go online (or when was the last time he went online) and for how long, whether the user has new mail (and how many mail messages are waiting for him) and the user's home directory on Netvision's server.
Some finger daemons will go even further and tell you the user's phone number and home address. Ouchie...
Anyway, I called Netvision, yelled at them for a while and they decided to remove that little finger daemon of theirs.
So anyway, in case you're interested, here is how finger daemons work.
Every user on a Unix system has a home directory. This directory stores his private configurations files and suchlikes. When finger is given a username, it looks at the password file (see the 'Password Files' chapter), finds the user's home directory and looks for two files in this directory - '.project' and '.plan' (without the quotes). The .project file contains private information about this user, There are programs out there that will generate such a file for every user on the system and let you decide what information you want to include in it. Anyway, the second file, .plan, contains information written by the user.
Back on Netvision's finger server, I was able to telnet into netvision.net.il on port 23, access a menu shell, choose option number 3 and change my .plan file, but I wasn't able to delete or fake the information in my .project file. Most admins won't let the users on their system tamper with the .project file so it won't include any fake information or won't get "accidentally deleted".
Well, these are the basics of finger. For more information, I suggest trying to set up a finger daemon on a Unix box and playing around with it. If you don't want people to start snoofing around after you and the rest of the users on your machine, I suggest putting the finger daemon on a very high and unstandard port (such as 63982), so it won't be detected on a portscan (unless it's a very, very, very long portscan).

Note: on Windows, finger can be done by either:
(a) Telneting to port 79 on the server that hosts the user of your choice and typing in the username.
(b) Getting a Unix shell account and using the finger command.
(c) Downloading SamSpade from samspade.org.