NT FingerService Version 0.9
By Robert O'Callahan (roc+fingerd@cs.cmu.edu, http://www.cs.cmu.edu/~roc)

Finger Daemon for Windows NT

FEATURES
========

Runs as an NT service or as an interactive process
Strictly RFC 1288 compliant
Detailed log file
A plug-in dynamic library interface for customized responses to finger queries. Supplied modules support
- idle time monitor
- OS version, machine uptime
- user list
- .plan files
FREE

Try it out by fingering "@majesty.fac.cs.cmu.edu".

The last-resort site for all associated files is
ftp://majesty.fac.cs.cmu.edu/users/roc/ntfingerd/package

INSTALLATION
============

Copy "fingerservice.exe" and the ".fpl" files into the directory where you want them to live. Run "fingerservice" with the options "-add -start". In a few seconds it should be installed and running. Congratulations.

Installation as an NT service requires that you have administrator privileges. If you don't, you can run it in interactive mode. Run "fingerservice" with the "-run" option; it starts up as a normal interactive process (so it won't be around when you log out or after the machine restarts), but otherwise it will behave as normal.

UNINSTALLATION
==============

Run "fingerservice" with the "-remove" option. It should stop the service, if necessary, and then delete the service from the service database. The files can then be deleted.

.FPL MODULES
============

Whenever the service is (re)started, it scans its directory for .FPL files. These are libraries that answer finger queries. There are two libraries supplied:

- StdPlan.FPL: this library responds to every query, giving the operating system name and version, the time the machine was restarted (and how long ago that was), the idle time, and a list of logged-on users with their login names, home domains, real names and logged-on-at times.
- PlanFile.FPL: this library appends ".plan" to every query and returns the file with that name, if it exists (in the same directory as the .FPL and "fingerservice" files). (Queries that contain "\", "/", ":" or "." are ignored.) Thus you can add appropriately named files to the directory to return preset tracts of data.

Third party FPLs can be easily written and integrated. Email me for details.

SECURITY
========

As distributed the daemon is secure, except for possible bugs. The distributed FPL modules don't do anything nasty. PlanFile lets an external user read the contents of the ".plan" files in the directory of the service program, but not anything else. Of course, if you use other FPL modules, all bets are off.

Request forwarding (see RFC 1288) is not implemented.

The service can be run under any userid (this can be changed in Control Panel/Services), but certain features, in particular the idle time monitor, will only work if the service is run under the System account with "Allow service to interact with desktop" turned ON. This is the way the service sets itself up by default. The service does not ever present a user interface, or even create a window, so allowing desktop interaction does not cause any local security problems.

The user list feature requires the service to run with at least Administrator privileges.

If you wish to use this software in an environment where security is a serious concern, email me and I will consider giving access to the source. But probably in such a case it would be best to not use software from strange net-people.

IDLE TIMES
==========

Microsoft haven't documented a way to get at the idle time counters in Windows (they must be there to support the screen-saver API). My approach is to check periodically whether the screen-saver is up and work out an approximate idle time from that; in practice it works rather well. The only problem is that it's very difficult to find out when the screen-saver is active.
For this, I use one undocumented call from the mostly-undocumented multiple desktop API: GetInputDesktop. When the screen-saver is active the input desktop is different from the normal desktop and that is what I check for. This means that certain other events may be interpreted as idleness, such as the Ctrl-Alt-Del screen, and also logins and logouts may cause problems. Also, this approach requires that the service be able to interact with the user's desktop, so the idle time monitor will only work if the service is run under the "System" account with "Allow service to interact with desktop" turned ON.

LICENSE
=======

You can use this software for free. Distribute it as you wish. I'm not asking for money, but if you end up using this, I would be pleased if you would mail me to let me know that you're using it and tell me what you think of it.

SUPPORT
=======

Send any mail to "roc+fingerd@cs.cmu.edu". I'll try to deal with any problems or requests whenever I can. I may also create a Web page if demand warrants it. Surface mail address can be obtained by fingering "roc+@cs.cmu.edu".

POSSIBLE ENHANCEMENTS
=====================

- make the FPLs more configurable
- add an FPL that provides a finger interface to the NT/LanMan user info database
- make it work under Win95
- builds for other platforms (MIPS, Alpha, PPC)
- internationalise

If you need any of these, let me know. If you can provide any assistance, even better.

VERSION HISTORY
===============

0.9: Fixed bugs, added user list, strictly RFC 1288 compliant
0.8: Added installation code, ubiquitous error checking and error messages. Hopefully other people can use it now.
0.7: After lots of iterations of idle time methods and FPL interfaces, a hand-installed build is in use on MAJESTY, my personal machine.
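
The PlanFile.FPL rule described under .FPL MODULES and SECURITY above (a query containing "\", "/", ":" or "." is ignored, otherwise ".plan" is appended and the file is looked up in the service directory), as an added example that is not the service's own code. The function plan_path, its signature and the directory C:\fingerd are hypothetical; the real FPL interface is not documented on this page.

```c
#include <stdio.h>
#include <string.h>

/* The four characters the README says make PlanFile ignore a query. */
static const char REJECTED[] = "\\/:.";

/* Hypothetical helper: writes "<dir>\<query>.plan" into out.
 * Returns 0 on success, -1 if the query is ignored or does not fit. */
int plan_path(const char *dir, const char *query, char *out, size_t outlen)
{
    int n;

    if (dir == NULL || query == NULL || out == NULL || outlen == 0)
        return -1;
    out[0] = '\0';

    /* '\' and '/' separate path components, ':' names a drive or an
     * NTFS stream, and '.' is needed both for ".." and for choosing a
     * different extension. Without them the query stays one file name. */
    if (strpbrk(query, REJECTED) != NULL)
        return -1;

    n = snprintf(out, outlen, "%s\\%s.plan", dir, query);
    if (n < 0 || (size_t)n >= outlen) {   /* refuse to serve a truncated name */
        out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample queries, not taken from any real log. */
    const char *samples[] = { "roc", "..\\..\\boot", "C:autoexec",
                              "notes.txt", "a/b" };
    char path[260];
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (plan_path("C:\\fingerd", samples[i], path, sizeof path) == 0)
            printf("%-12s -> %s\n", samples[i], path);
        else
            printf("%-12s -> ignored\n", samples[i]);
    }
    return 0;
}
```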