Finger Daemon Service for Windows NT workstation/server
version 1.0.2
Written by Randy Ding
randyd@lse.fullfeed.com
http://www.lse.fullfeed.com/~randyd
July 1997

Please contact the author if you are using this program so that you can
be notified in the event of bug fixes/enhancements.

File summary:
    fingerd.exe           Intel service, don't rename or move after install
    fingerd-axp.exe       DEC Alpha service, rename to fingerd.exe
    finger_log.txt        gets created in service logon account home directory
                          log entries stop when size reaches 1 Meg!!!!!!!!!!!!
    finger_sound.txt      looked for in the service logon account home dir
                          name of sound file to play, or say "messagebeep"
    default_plan.txt      looked for in the service logon account home dir
                          response for "finger @host" with no user name
    plan.txt              looked for in each user home directory
    project.txt           looked for in each user home directory

Note: Executing the service EXE file with no parameters will display
      version number and date it was compiled.  No actions will be
      performed by this, however there is a short exit delay while the
      SC manager is called.  Just wait 10 seconds for it to exit normally.

Expert users who know all about installing services from the command line
and also how to administer a network may jump to item -12- below.

What's in this readme.txt file..

-00- Features..
-01- This service must log on to an administrator account.
-02- Be sure to correctly configure the service logon account profile.
-03- Be sure to correctly configure all of the user profiles.
-04- A log file called FINGER_LOG.TXT will be created.  1 MEG MAX SIZE!
-05- Fingerd will respond with DEFAULT_PLAN.TXT for a client "finger @host".
-06- Fingerd will respond with standard header, PROJECT.TXT, and PLAN.TXT.
-07- Max response size, and what invalid chars are removed from a response.
-08- Playing a sound when fingerd service receives a finger request.
-09- What is a valid user name accepted from the finger client.
-10- Things which may terminate the service.
-11- Fingerd service dependencies.
-12- To install FINGERD.EXE as a service.
-13- To uninstall FINGERD.EXE which was installed as a service.



-00- Features..
  (.) Free, not crippled, fully functional.
  (.) UNIX style finger daemon (port 79) service for Windows NT 3.5x and 4.0.
  (.) Installs as an NT Service.
  (.) If placed on the network domain controller will work for all users.
  (.) PLAN.TXT and PROJECT.TXT may be placed in each user home directory.
  (.) Displays Last Login time or On Since time.
  (.) Will return DEFAULT_PLAN.TXT when client does "finger @host"
  (.) Uses FINGER_SOUND.TXT to play a sound file (or MessageBeep(MB_OK))
  (.) Keeps a log file FINGER_LOG.TXT of finger requests and error messages.


-01- This service must log on to an administrator account.
     See "<Startup>" in control_panel->servics.
     I don't suggest using the "Administrator" account for this purpose,
     because changing the password on this account will break the service,
     requiring you to go into the control_panel to set the service's password
     to the new one.  Instead, create a separate account for this purpose
     that has administrator privilege.
     Administrator privilege on the service is not necessarily required as
     long as all the files/directories it needs to read/write have the
     appropriate access rights.



-02- Be sure to correctly configure the service logon account profile.
     Using the user manager check that the service logon account has a
     home directory specified in the profile (in netBIOS format) and
     that the home directory actually exists.  This is where the service
     will create the log file FINGER_LOG.TXT, and also where the service
     will look for FINGER_SOUND.TXT and DEFAULT_PLAN.TXT.

     The service startup must specify this account name and password.
     If you fail to specify a valid account name and password with the
     appropriate privileges then fingerd will not get plan/project files
     from users and also no log file will be generated.  This is because the
     files are being accessed by their netBIOS name,
     i.e. \\alpha1\user3\plan.txt, and a service which is not logged in does
     not have network access.



-03- Be sure to correctly configure all of the user profiles.
     Using the user manager check that every user has a home directory
     specified in their profile (in netBIOS format) and that their home
     directory actually exists.  This is where the service will look for
     each user's PLAN.TXT and PROJECT.TXT files when a finger client does
     "finger username@host".



-04- A log file called FINGER_LOG.TXT will be created.  1 MEG MAX SIZE!
     It will be located in the home directory of the service logon account.
     The service is hard coded to stop log entries when the file size reaches
     1 Meg in size.  This prevents malicious attempts to crash the system.
     This log file will contain single line entries beginning with the
     date/time of the finger request, the dotted decimal ip address, the
     ip name (or "<unknown>" without quotes if name server can't resolve),
     and finally in quotes up to the first 18 chars of the request.
     The fingerd services terminates the connection immediately if the
     client sends more than 18 chars.  Max length of username is 15 chars.
     The username may not have been supplied by the finger client request.
     The three chars "/W " may precede the optional username, this means
     the client is asking for extended information, i.e. client used
     -l switch "finger -l username@host".  The fingerd service ignores the
     /W switch if it is received, but it is still shown in the log file.
     Winsock error messages will also appear in this log file, and so will
     service start and stop messages.  "net stop fingerd" will log
     "finger-d service stopped", but system shutdown will not.  At the time
     of this writing I believe the OS is just killing the process outright
     during a shutdown, therefore no log entry??  See also dependencies.

Example log file entries:
    (the first and last lines shown here indicate service start and stop)

Wed Jul 02 21:52:38 1997 finger-d service by Randy Ding V1.0.2 Jun 29 1997
Wed Jul 02 21:52:50 1997 127.0.0.1 localhost "randyd"
Wed Jul 02 21:53:10 1997 127.0.0.1 localhost "/W randyd"
Sat Jul 05 12:19:29 1997 finger-d service stopped



-05- Fingerd will respond with DEFAULT_PLAN.TXT for a client "finger @host".
     If DEFAULT_PLAN.TXT is in the service logon account home directory
     then it will be returned as the response when the client does not specify
     any username.  If the file is not present, then "No Plan." is returned.



-06- Fingerd will respond with standard header, PROJECT.TXT, and PLAN.TXT.
     The fingerd service is made to look like the standard UNIX finger
     response.  If the supplied user name is not valid in the finger
     service's domain, then the the response will look like..

Login name: <invalid user name here>    In real life: ???

     For a valid user, the Directory: field will show the netBIOS home
     directory of the user.  The Shell: field will reflect the OS/Platform
     of the server on which the fingerd service is installed.
     The "On since"/"Last login" line in some circumstances could be
     incorrect, but fingerd will always report what the OS indicates
     is the most current information regarding this user.
     The "No unread mail" is bogus, just there for looks.
     Project: line will be present if the PROJECT.TXT is found in the
     users home directory.  This file is displayed in its entirety, not
     just the first line as is done by the UNIX fingerd.
     Plan: or "No Plan." is displayed, and the PLAN.TXT from the users
     home directory will be appended to the end of the finger response.


Example of fingerd response with valid user name:

Login name: randyd                      In real life: Randall E Ding
Directory: \\alpha\randyd               Shell: Windows NT 4.0 (ALPHA)
On since Sat Jul 05 12:21:51 1997
No unread mail
Project: This is randyd's PROJECT.TXT file.
Plan:
This is randyd's PLAN.TXT file.



-07- Max response size, and what invalid chars are removed from a response.
     The maximum response size will never exceed 8191 chars.  This is hard
     coded into the service.  The combined total chars of the header +
     project + plan files will not be bigger than this.
     The response is filtered before delivery to the finger client, and all
     occurrences of illegal characters are removed.  The only valid chars
     are the following..

         CTRL-J   (line feed)
         CTRL-I   (Tab)
         ASCII-32 (space)  .. to ..  ASCII-126 inclusive.

     All other chars including CTRL-M are omitted from the response.
     If the PLAN.TXT, PROJECT.TXT, DEFAULT_PLAN.TXT files do not end their
     lines with a CTRL-J, then there will not be any end of line termination
     character, as the fingerd service does not add them.
     Note:  Invalid chars are actually omitted, not replaced with spaces,
            thus making the response shorter.



-08- Playing a sound when fingerd service receives a finger request.
     The file FINGER_SOUND.TXT if present in the service logon account
     home directory will be loaded every time an attempt is made by
     the fingerd service to log something in the FINGER_LOG.TXT file.
     This includes errors and finger requests.  This does not include
     starting and stopping the fingerd service.
     FINGER_SOUND.TXT may contain either a netBIOS path to a sound file
     (gets played by the PlaySound() function) or it may contain the text
     "messagebeep" in which case the system default beep will be sounded.
     Only the first line of this file is read, ending at the first
     line feed.  If the file FINGER_SOUND.TXT is not found, or the netBIOS
     name contained in this file is not found, or the text "messagebeep"
     is not the first text in the FINGER_SOUND.TXT file, then no sound
     will be played.



-09- What is a valid user name accepted from the finger client.
     The fingerd service is trying to avoid attacks by limiting the size
     of a user input to 18 chars, and also limiting the chars allowed
     for a user name.  The max size of a user name is 15 chars.
     The internal buffers can not be overflowed.
     The only valid chars allowed in a user name are the following..

         'a' .. to .. 'z'
         'A' .. to .. 'Z'
         '0' .. to .. '9'
         '_' , '-'

     The fingerd services parses the user name from right to left
     and stops at the first invalid char.  The entire user name is
     logged unmodified up to the first 18 chars.  Upon receiving
     the 19th char the connection to the client is closed and the
     fingerd service waits for a new connection after a short time delay.



-10- Things which may terminate the service.
     The service will terminate in one of the following ways..
  (.) System Shutdown, no log entry is made.
  (.) "net stop fingerd"  This is logged in FINGER_LOG.TXT.
  (.) Service <STOP> button in control_panel->services.  Same as above.
  (.) Winsock error while trying to create the port 79 server socket.
      This is logged in FINGER_LOG.TXT with the winsock error name.
      Simple errors while receiving/sending data do not terminate
      the service, but do close the connection to the present client
      and generate a log entry in FINGER_LOG.TXT with the winsock
      error name.  If the next call to accept(sock,..) is successful
      after such an error the fingerd service will recover with no problems,
      otherwise it will terminate as stated above.



-11- Fingerd service dependencies.
     The fingerd service will not start unless the two services "Eventlog"
     and "Server" (aka. "LanmanServer") are started.
     This is so that a system startup will log the startup in the
     FINGER_LOG.TXT file.  The Eventlog isn't really needed but the
     functionality exists for the service to (in future versions) log errors
     in the system log.



-12- To install FINGERD.EXE as a service.
   1) Place file in a safe directory, like C:\WIN32APP\FINGERD\FINGERD.EXE
      FINGERD.EXE must remain there, as it will be loaded each time you
      reboot.  Don't rename the service .EXE file.
   2) From the command line, cd to the directory which contains the service,
      <<< from the ROOT of the drive! >>>
      Do not install the service from a mapped drive letter.  The service will
      always fail to start if you are in a mapped drive letter when you
      install.
   3) type at the command prompt:  fingerd -install
   4) From the control_panel->services->startup change "fingerd" to
      automatic and then select a user account with Administrator priv
      and enter the password for that account.
   5) Start the service either from control_panel->services by
      pressing <start> or type at the command line
      (from anywhere this time):  net start fingerd
   6) Now test the service by checking that the FINGER_LOG.TXT was created
      in the home directory of the administrator under which you associated
      this service in step 4 above.
      "finger @localhost" should make another log entry.
      "finger yourname@localhost" should make another log entry.



-13- To uninstall FINGERD.EXE which was installed as a service.
   1) From the command line cd to the directory where the FINGERD.EXE is
      located.
   2) type:  net stop fingerd
   3) type:  fingerd -remove
   4) You may now delete the file FINGERD.EXE.

<end of README.TXT>
