NT FingerService Version 0.9
Finger Daemon for Windows NT
Here is a direct link to the
NT FingerService 0.9 package.
- Runs as an NT service or as an interactive process
- Strictly RFC 1288 compliant
- Detailed log file
- A plug-in dynamic library interface for customized responses to finger
queries. Supplied modules support
- idle time monitor
- OS version, machine uptime
- user list
- .plan files
- FREE, with source
Copy "fingerservice.exe" and the ".fpl" files into the directory where you
want them to live. Run "fingerservice" with the options "-add -start".
In a few seconds it should be installed and running. Congratulations.
Installation as an NT service requires that you have administrator
privileges. If you don't, you can run it in interactive mode. Run
"fingerservice" with the "-run" option; it starts up as a normal interactive
process (so it won't be around when you log out or after the machine
restarts), but otherwise it will behave as normal.
Run "fingerservice" with the "-remove" option. It should stop the service,
if necessary, and then delete the service from the service database. The files
can then be deleted.
Whenever the service is (re)started, it scans its directory for .FPL files.
These are libraries that answer finger queries. There are two libraries
Third party FPLs can be easily written and integrated.
Instructions and sample code are provided.
- This library responds to every query, giving the operating
system name and version, the time the machine was restarted (and how long
ago that was), the idle time, and a list of logged-on users with their login
names, home domains, real names and logged-on-at times.
Sorry, the list of logged-on users does not include RAS connections. The API
for getting that information seems to be undocumented. Microsoft is evil,
what else can I say.
- This library appends ".plan" to every query and returns the
file with that name, if it exists (in the same directory as the .FPL and
"fingerservice" files). (Queries that contain "\", "/", ":" or "." are ignored.)
Thus you can add appropriately named files to the directory to return
preset tracts of data.
I have chosen not to look in users' home directories for ".plan" files, as
the Unix finger daemons do. This could lead to unexpected breaches of security
for unsuspecting Windows users. If this feature is desired, then perhaps one
could write a script to periodically copy each user's ".plan" file into the
As distributed the daemon is secure, except for possible bugs. The
distributed FPL modules don't do anything nasty. PlanFile lets an external
user read the contents of the ".plan" files in the directory of the service
program, but not anything else. Of course, if you use other FPL modules, all
bets are off.
Request forwarding (see RFC 1288) is not implemented.
The service can be run under any userid (this can be changed in Control
Panel/Services), but certain features, in particular the idle time monitor,
will only work if the service is run under the System account with "Allow
service to interact with desktop" turned ON. This is the way the service sets
itself up by default. The service does not ever present a user interface,
or even create a window, so allowing desktop interaction does not cause
any local security problems. The user list feature requires the service to
run with at least Administrator privileges.
Microsoft haven't documented a way to get at the idle time counters in
Windows (they must be there to support the screen-saver API). My approach
is to check periodically whether the screen-saver is up and work out an
approximate idle time from that; in practice it works rather well. The
only problem is that it's very difficult to find out when the screen-saver
is active. For this, I use one undocumented call from the mostly-undocumented
multiple desktop API: GetInputDesktop. When the screen-saver is
active the input desktop is different from the normal desktop and that is
what I check for. This means that certain other events may be interpreted
as idleness, such as the Ctrl-Alt-Del screen, and also logins and logouts
may cause problems. Also, this approach requires that the service be able
to interact with the user's desktop, so the idle time monitor will only
work if the service is run under the "System" account with "Allow service
to interact with desktop" turned ON.
Permission is granted for anyone to use, modify and distribute all enclosed
source code and derived binaries, provided that this README.TXT file is
included in all distributions of derived source code and binaries.
I'm not asking for money, but if you end up using this, I would be pleased
if you would mail me to let me know that you're using it and tell me what you
think of it.
Send any mail to "email@example.com". I'll try to deal with any
problems or requests whenever I can. I may also create a Web page if demand
I don't intend to help much with people modifying the source code. It's
not a big program so I don't expect any problems you have to be too serious.
If you need any of these, let me know. If you can provide any assistance,
- make the FPLs more configurable
- add an FPL that provides a finger interface to the NT/LanMan user info
- make it work under Win95
- builds for other platforms (MIPS, Alpha, PPC)
- Fixed bugs, added user list, strictly RFC 1288 compliant.
First public release (9/17/95).
- Added installation code, ubiquitous error checking and error messages.
Hopefully other people can use it now.
- After lots of iterations of idle time methods and FPL interfaces,
a hand-installed build is in use on MAJESTY, my personal machine.