Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!uwm.edu!zaphod.mps.ohio-state.edu!wuarchive!swbatl!texbell!moxie!texsun!newstop!sun!amdahl!netcom!ergo
From: ergo@netcom.UUCP (Isaac Rabinovitch)
Newsgroups: comp.unix.questions
Subject: Re: Spy Programs??
Message-ID: <12066@netcom.UUCP>
Date: 16 Aug 90 16:57:53 GMT
References: <24123@adm.BRL.MIL> <3715@sactoh0.UUCP>
Reply-To: ergo@netcom.uucp
Organization: UESPA
Lines: 31

In <3715@sactoh0.UUCP> jak@sactoh0.UUCP (Jay A. Konigsberg) writes:

>In article <24123@adm.BRL.MIL> senetza@hg.uleth.ca (Leonard Senetza) writes:
>>I have a few 'hostile' users on my system here.  I was wondering if anyone has
>>a 'spy' type of program that would allow me to watch/record/control other
>>users' sessions.  I could possibly write one myself, but why re-invent the
>>wheel?
>>
>There are a few ways to do this. However, assuming you _are_ the
>administrator of the system, there is one reasonably easy way.

>Take the cables running to these hostile users terminals and splice into
>them. Assuming everyone (including yourself) is using the same type of 
>terminal, you can then run the T from the splice to your terminal. To
>be on the safe side, you probably don't want to connect the "write" pin
>(2 or 3, I can never remember).

A similar, and possibly more useful, approach would be to run the
cable through a PC running one of those RS-232 diagnostic programs
that captures data.  Of course, you'd need a PC with two serial
ports.  Permanent records are always useful when legality time comes
'round.  And if the bad guy isn't using your usual type of terminal,
you can just save everything until you can figure out how his escape
codes work.
-- 

ergo@netcom.uucp			Isaac Rabinovitch
atina!pyramid!apple!netcom!ergo		Silicon Valley, CA
uunet!mimsy!ames!claris!netcom!ergo

Disclaimer:  I am what I am, and that's all what I am!