Update finger command documentation to clarify differences between fi…

…nger command and in.fingerd service (#317)

ebook/en/content/022-the-finger-command.md

@@ -1,15 +1,16 @@
 
-# The `finger` command
+# The `finger` Command
 
-The `finger` displays information about the system users.
+The `finger` command displays information about local system users by querying files such as `/etc/passwd`, `/var/run/utmp`, and `/var/log/wtmp`. It is a local command and does not rely on any service or daemon to run. This command helps to quickly retrieve user-related details such as login times, idle status, and other system information.
 
 ### Examples:
 
-1. View detail about a particular user.
+1. View details about a particular user.
 
 ```
 finger abc
 ```
+
 *Output*
 ```
 Login: abc                          Name: (null)
@@ -21,11 +22,12 @@ Unread since Sat Jun  7 12:59 2003 (IST)
 No Plan.
 ```
 
-2. View login details and Idle status about an user
+2. View login details and idle status about a user.
 
 ```
 finger -s root
 ```
+
 *Output*
 ```
 Login     Name       		Tty      Idle  Login Time   Office     Office Phone
@@ -35,42 +37,66 @@ root         root           *3        Mon 20:20
 root         root           *ta    2  Tue 15:43
 root         root           *tb    2  Tue 15:44
 ```
+
 ### Syntax:
 
 ```
 finger [-l] [-m] [-p] [-s] [username]
 ```
 
+### Additional Flags and Their Functionalities:
 
-### Additional Flags and their Functionalities:
-
-|**Flag**   |**Description**   |
+| **Flag** | **Description** |
 |:---|:---|
-|`-l`|Force long output format.|
-|`-m`|Match arguments only on user name (not first or last name).|
-|`-p`|Suppress printing of the .plan file in a long format printout.|
-|`-s`|Force short output format.|
+| `-l` | Force long output format. |
+| `-m` | Match arguments only on username (not first or last name). |
+| `-p` | Suppress printing of the .plan file in a long format printout. |
+| `-s` | Force short output format. |
+
+### Additional Information:
+
+**Default Format**:  
+The default format includes items like login name, full username, terminal name, and write status. The command provides details like idle time, login time, and site-specific information.
+
+**Longer Format**:  
+In a long format, the command adds details such as the user’s home directory, login shell, and the contents of `.plan` and `.project` files.
+
+---
 
-### Additional Information
-**Default Format**
+## Privacy Considerations
 
-The default format includes the following items:
+While the `finger` command is useful for retrieving information about system users, it may also expose sensitive details in shared or multi-user environments:
 
-Login name  
-Full username  
-Terminal name  
-Write status (an * (asterisk) before the terminal name indicates that write permission is denied)  
-For each user on the host, the default information list also includes, if known, the following items:
+1. **Usernames and Login Times**: Displays login times, which can be used to track user activity.
+2. **Home Directories**: Exposes paths to users’ home directories.
+3. **Idle Status**: Shows how long a user has been inactive, potentially signaling whether they are actively using their system.
+4. **Mail Status**: Displays mail information, which may inadvertently reveal user engagement.
 
-Idle time (Idle time is minutes if it is a single integer, hours and minutes if a : (colon) is present, or days and hours if a “d” is present.)  
-Login time  
-Site-specific information
+### Potential Risks:
+In environments with untrusted users, the information exposed by `finger` could be exploited for:
 
-**Longer Format**
+- **Social Engineering Attacks**: Malicious actors could use this information to craft personalized phishing attacks.
+- **Timing Attacks**: Knowing when a user is idle or active could give attackers an advantage in timing their attempts.
+- **Targeted Attacks**: Knowledge of user home directories can focus attacks on those locations.
 
-A longer format is used by the finger command whenever a list of user’s names is given. (Account names as well as first and last names of users are accepted.) This format is multiline, and includes all the information described above along with the following:
+### Mitigating Privacy Risks:
+To mitigate these risks, consider limiting access to the `finger` command in environments where user privacy is important.
+
+---
+
+## The `in.fingerd` Service
+
+It’s important to distinguish between the `finger` command and the **`in.fingerd` service**. The `finger` command is local, while `in.fingerd` is a network daemon that allows remote queries of user information. This service is typically disabled by default in modern systems due to potential security risks.
+
+If enabled, the `in.fingerd` service can expose user information over the network, which could be exploited by attackers. To mitigate this risk, system administrators should ensure the service is disabled if it is not needed.
+
+### Disabling the `in.fingerd` Service:
+
+If you are concerned about remote queries, you can disable the `in.fingerd` service:
+
+```bash
+sudo systemctl disable in.fingerd
+sudo systemctl stop in.fingerd
+```
 
-User’s $HOME directory  
-User’s login shell  
-Contents of the .plan file in the user’s $HOME directory  
-Contents of the .project file in the user’s $HOME directory
+By disabling the `in.fingerd` service, you prevent remote querying of user information, enhancing system security.