Path: utzoo!utgpu!news-server.csri.toronto.edu!clyde.concordia.ca!mcgill-vision!snorkelwacker!usc!ucsd!pacbell.com!pacbell!sactoh0!jak
From: jak@sactoh0.UUCP (Jay A. Konigsberg)
Newsgroups: comp.unix.questions
Subject: Re: Spy Programs??
Message-ID: <3715@sactoh0.UUCP>
Date: 16 Aug 90 01:46:26 GMT
References: <24123@adm.BRL.MIL>
Reply-To: jak@sactoh0.UUCP (Jay A. Konigsberg)
Organization: SAC-UNIX, Sacramento, Ca.
Lines: 30

In article <24123@adm.BRL.MIL> senetza@hg.uleth.ca (Leonard Senetza) writes:
>I have a few 'hostile' users on my system here.  I was wondering if anyone has
>a 'spy' type of program that would allow me to watch/record/control other
>users' sessions.  I could possibly write one myself, but why re-invent the
>wheel?
>
There are a few ways to do this. However, assuming you _are_ the
administrator of the system, there is one reasonably easy way.

Take the cables running to these hostile users terminals and splice into
them. Assuming everyone (including yourself) is using the same type of 
terminal, you can then run the T from the splice to your terminal. To
be on the safe side, you probably don't want to connect the "write" pin
(2 or 3, I can never remember).

Other options include re-writing the shell, taping into their history
file and putting a `tee -a` into their .profile. Each method has varying
levels of information available.

One last option, available to anyone on a system, is to write a shell
daemon that does periodic "ps -lfu u_name" (or similar) to check their
processes and CPU activity. While this meathod doesn't show exactly
what a user is doing, it does provide useful information to an
administrator.


-- 
-------------------------------------------------------------
Jay @ SAC-UNIX, Sacramento, Ca.   UUCP=...pacbell!sactoh0!jak
If something is worth doing, its worth doing correctly.