If the -w option is given, remote users will get an additional ``Welcome to ...'' banner which also shows some informations (e.g. uptime, operating system name and release) about the system the in.fingerd is running on. Some sites may consider this a security risk as it gives out information that may be useful to crackers.
If the -u option is given, requests of the form ``finger @host'' are rejected.
If the -l option is given, information about requests made is logged. This option probably violates users' privacy and should not be used on multiuser boxes.
If the -f option is given, finger forwarding (user@host1@host2) is allowed. Useful behind firewalls, but probably not wise for security and resource reasons.
The -p option allows specification of an alternate location for in.fingerd to find the ``finger'' program. The -L option is equivalent.
The -t option specifies the time to wait for a request before closing the connection. A value of 0 waits forever. The default is 60 seconds.
Options to in.fingerd should be specified in /etc/inetd.conf
The finger protocol consists mostly of specifying command arguments. The inetd(8) ``super-server'' runs in.fingerd for TCP requests received on port 79. Once connected in.fingerd reads a single command line terminated by a Aq Tn CRLF which is passed to finger(1). It closes its connections as soon as all output is finished.
If the line is empty (i.e. just a Aq Tn CRLF is sent) then finger returns a ``default'' report that lists all people logged into the system at that moment. This feature is blocked by the -u option.
If a user name is specified (e.g. eric Aq CRLF then the response lists more extended information for only that particular user, whether logged in or not. Allowable ``names'' in the command line include both ``login names'' and ``user names'' If a name is ambiguous, all possible derivations are returned.