#include <infodrom.style>
#include <projects.style>

<projectpg project="cfingerd">

<h3>Recommended setup</h3>

<p>After running cfingerd for quite a while, I have found that if you
make the cfingerd setup the most secure, you will have the least
problems.

<p>Cfingerd currently stops for all files from being symbolic links,
char devices, block devices, etc.  Basically, each file has to be a
normal file in order to be read by cfingerd.  With that in mind, you
should keep all files (whether or not they are read by root) as normal
files.  This will stop any problems in the future you may have.

<p><b>Root should always have a .nofinger file in his/her
directory!</b> This is only natural, since most System Admins don't
like to be fingered.

<p>It is highly recommended that you install identd on your system.
The installation process of identd is very painless and only takes
minutes to accomplish.  It's a great security program, and works very
well.  Install it.  Besides, if you don't, <a
href="http://www.ietf.org/rfc/rfc1413.txt">RFC 1413</a> compliance
won't be present on your system if someone from localhost fingers your
system.

<p>If you have multiple systems that you are running for ISP systems,
it is recommended that you install cfingerd on all those systems, and
put the resulting systems in the "system_list_sites" section of
cfingerd.conf.  This will make it so that you have a sorted output of
systems when a user fingers your system.  Don't use strange programs
when getting a userlist output - it will only make the final output
look strange.

<author>Ken Hollis</author>

</projectpg>

# Local variables:
# mode: html
# mode: auto-fill
# end: