User information stored on the server is how the

Internet具有两种普遍标识，：用户Email地址和IP地址，两者都可以显示用户身份。 Internet has two common identity: Email address and IP address of the user, both can show the user identity. 用户Email地址很可能暴露用户的真实名称，因为用户的ISP都可能用Windows建立少量Web站点，但几乎所有的ISP都用UNIX做基本平台。 Email address of the user is likely to expose the user's real name, because the user's ISP can set up a small Web site can use Windows, but almost all of the ISP have to do with the basic UNIX platform. 这是因为UNIX（与一种称为RADIUS的协议匹配）是拨号帐户的管理变得非常容易，（如果处理数百甚至数千帐户的话，它提供的邮件支持也比NT更好）。 This is because the UNIX (known as the RADIUS protocol with a match) is a dial-up account management becomes very easy (if not handled, then hundreds or even thousands of accounts, which provides e-mail support is better than NT). finger是UNIX的一种普通服务。 finger is a common UNIX services. 其目的是向远程主机提供用户信息，并且与其它所有的TCP/IP服务一样，是基于客户机/服务器模式的。 The aim is to provide user information to a remote host, and all other TCP / IP services, is based on client / server mode. finger收听本地和远程来的请求用户信息的请求，当收到这样的请求时，它将目标上可用的所有信息转发出去（目标在此情况中就是用户）。 Listen to local and remote finger requests for user information request, when receiving such a request, it will target all the information available on the forwards (in this case is the target user). UNIX系统上，finger请求可以从命令提示行发出，然后来自finger服务器的结果显示在本地终端上。 UNIX systems, finger requests can be issued from the command prompt, and then the results from the finger server on a local terminal.

NT已经集成了对finger的支持，不再需要第三方客户程序。 NT has integrated support for the finger, no longer need third-party client. 在NT的机器中通过taeget@host.com进行finger查询。 In the NT machine by taeget@host.com the finger query.

即使ISP禁止finger请求用户名还是容易获得的。 Even if the ISP prohibits finger requests the user name is readily available. 当窥探者试图对用户进行finger查询并且发现finger不工作时，他们会转向用户的邮件服务器。 When the snooper trying to finger the user query and found finger does not work, they will turn to the user's mail server. 大多数情况下，邮件服务器接受端口25（发送邮件端口）的TELNET连接。 In most cases, the mail server to accept port 25 (mail port) of the TELNET connections. 如果外界能到达提示符，通过发送下面的命令很快就可以得到用户名： If the prompt to reach the outside world by sending the following command will soon be able to get the user name:

expn username expn username

expn命令将用户名插入到Email和真实的名字中，典型的响应如下： expn commands into the user name and real name Email, the typical response is as follows:

username realname username realname

第一个字段报告用户名或ID，后面是邮件地址，最后是用户的“真实”名字。 The first field report user name or ID, followed by e-mail address, and finally the user's "real" name. 系统管理可以屏蔽expn，但实际很少这样做。 System management can shield expn, but very few actually do so. 最好的安全策略还是将用户名的真实名字从passwd中删除。 The best security policy is the real name of the user's name removed from the passwd. 即使屏蔽了expn，还能用vfry核对用户名帐号是否存在（如果用户服务支持该功能的话） Even if the shield expn, but also check the user name account with vfry exists (if the user services support this feature it)

WHOIS服务 WHOIS services

WHOIS（服务集中地位于rs.internic.net）包含全美非军事internet站点的域名注册记录。 WHOIS (service centrally located in the rs.internic.net) contains the nation's non-military internet site's domain name registration records. 这个数据库包含每个internet站点的详细信息，包括域名、服务器地址、技术联系、电话号码和地址。 This database contains detailed information for each internet site, including domain name, server address, technical contact, phone number and address.