Incomputer networking, theName/Finger protocol and theFinger user information protocol are simplenetwork protocols for the exchange of human-oriented status and user information.
The Name/Finger protocol is based onRequest for Comments document RFC 742 (December 1977) as an interface to thename andfinger programs that provide status reports on a particular computer system or a particular person at network sites. The finger program was written in 1971 byLes Earnest who created the program to solve the need of users who wanted information on other users of the network. Information on who is logged in was useful to check the availability of a person to meet. This was probably the earliest form ofpresence information for remote network users.
Prior to the finger program, the only way to get this information onWAITS was with a WHO program that showed IDs and terminal line numbers (the server's internal number of the communication line over which the user's terminal is connected) for logged-in users. In reference to the name FINGER, Les Earnest, wrote that he saw users of the WAITStime-sharing system run their fingers down the output of the WHO command.[1][better source needed]
The fingerdaemon runs onTCP port 79. The client will (in the case of remote hosts) open a connection to port 79. An RUIP (Remote User Information Program) is started on the remote end of the connection to process the request. The local host sends the RUIP one line query based upon the Finger query specification, and waits for the RUIP to respond. The RUIP receives and processes the query, returns an answer, then initiates the close of the connection. The local host receives the answer and the close signal, then proceeds to close its end of the connection.
The Finger user information protocol is based on RFC 1288 (The Finger User Information Protocol, December 1991)[2]. Typically theserver side of the protocol is implemented by a programfingerd orin.fingerd (forfingerdaemon), while theclient side is implemented by thename andfinger programs which are supposed to return a friendly, human-oriented status report on either the system at the moment or a particular person in depth. There is no required format, and the protocol consists mostly of specifying a singlecommand line.
The program would supply information such as whether a user is currently logged-on,e-mail address, full name etc. As well as standard user information, finger displays the contents of the.project and.plan files in the user'shome directory. Often this file (maintained by the user) contains either useful information about the user's current activities, similar tomicro-blogging, or alternatively all manner ofhumor.
Supplying such detailed information as e-mail addresses and full names was considered acceptable and convenient in the early days of networking, but later was considered questionable for privacy and security reasons.[citation needed]
Finger information has been used byhackers as a way to initiate asocial engineering attack on a company's computer security system. By using a finger client to get a list of a company's employee names, email addresses, phone numbers, and so on, a hacker can call or email someone at a company requesting information while posing as another employee.
The fingerdaemon has also had several[citation needed] exploitable security holes crackers have used to break into systems. For example, in 1988 theMorris worm exploited an overflow vulnerability infingerd (among others) to spread.[3]
For these reasons, by the late 1990s the vast majority of sites on the Internet no longer offered the service.[citation needed]
![[icon]](/mt/?noimg=&dark=on&url=http%3a%2f%2fen.wikipedia.org%2fwiki%2fFile%3aWiki_letter_w_cropped.svg) | This sectionneeds expansion. You can help byadding missing information.(January 2011) |
It is implemented onUnix (including modernFreeBSD andmacOS),Unix-like systems (such asLinux), and current versions ofWindows (finger.exe command). Other software has finger support:
| File system | |
|---|---|
| Processes | |
| User environment | |
| Text processing | |
| Shell builtins | |
| Searching | |
| Documentation | |
| Software development | |
| Miscellaneous | |
