Auditing Modem Usage

Auditing Modem Usage

Post by Kevin C. Castn » Thu, 12 Nov 1992 06:59:06

I'm running a network of Sun Sparc's with 3 of the machines having external
modems attached to their tty ports.
My managers have decided that it would be a good idea to see who is calling
where, when.

Up till now, my users have been using standard system tools or common
utilities such as cu, tip, kermit.  I set up a little shell script that
asked the user where they were dialing, when, and time.  Of course, the
phone bill doesn't match the voluntary log, so I am force to use a more
drastic (or draconian) method.  (So much for my faith in my user community).

The problem is that I don't want to take away the tools that the users
currently using.  My managers are not interested in restricting access,
but would like the ability to restrict access to the modems by user, or
prevent any user from dialing certain numbers at a future time (if the
situation warrants).

Buying a TERM type product, would give me these abilities, but would force
my users to learn and adopt a new product.  Also given that this is an
R&D center, alot of my users could easily write a new cu or tip, get to the
tty and force the dial from the intelligent (hayes) modem.  Restricting
permissions on the tty and writing a wrapper program only works for cu
and tip, but my kermit users can still get to the intelligence of the
modem and give the command there.  I know if they did that, I would still
know who did it b/c I would have the log and the telephone bills, but my
managers are awfully upset about the lack of support for my little
program and want something ironclad.

The idea I came up with was to replace the drivers with one that would
also recognize the Hayes dial and disconnect strings, and log those
events.  I've never written a device driver, so I don't know if this
is possible, or what technical problem I could/would run into.o

Now I'm sure I'm not the first to run into this problem so I'd like to
hear some solutions that people have used.  All ideas are welcome.
If I don't get something my users are going to lose their tools.  I don't
want to see that happen.  

I thank you for all your help.  If those who respond would do so by
E-Mail, I will post a summary in a week or two.


      Unix Administrator                         United Parcel Service