HPE Community
Operating System - OpenVMS
1753735 Members
4366 Online
108799 Solutions
New Discussion юеВ

Re: Log of dial-up session - keystroke logging?

 
Thomas Ritter
Respected Contributor

тАО02-08-2006 09:43 AM

тАО02-08-2006 09:43 AM

Re: Log of dial-up session - keystroke logging?

We have our dial in modems connected to a terminal server. We then use the autologin feature to connect to any host, which forces another login. The user only enters one password.

Use sysman for alf. Example

$ mc sysman alf show
%SYSMAN-I-ALFFIL, contents of ALF database on node TEST
Terminal/Port Name Username
-------------------------------------- --------
MODEM_SERVER/MODEM1 DIALIN1
MODEM_SERVER/MODEM2 DIALIN2

Explore ALF. Not a well know feaure but useful. Entry is via sysman.



0 Kudos
Reply
John Gillings
Honored Contributor

тАО02-08-2006 11:59 AM

тАО02-08-2006 11:59 AM

Re: Log of dial-up session - keystroke logging?

Jon,

> thought about $SET HOST 0/LOG=mumble
>in the LOGIN.COM, but this seems a
>bit silly as they'd have to login twice

Not entirely! You can setup a pair of accounts for each user. An "outer" and "inner". The purpose of the outer account is the initial login and to manage the logs. It's captive and has NO PASSWORD! It then does:

$ SET HOST 0/LOG INNER

(or more likely "USER_SECURE" or similarly generated username).

Since you've given SET HOST the username, all it prompts for is the password. The LGICMD of the inner account can verify that it's logged in from the outer account, so you've enforced the logging.

The user only sees one Username and one Password prompt, but there may be output in between. Since the usernames are separate, you can secure the logs very well. You could even put the "outer" usernames on a different system, and have a split network so the inner system is physically inaccessible except through the logging system.

The whole thing can be setup very easily with about 50 lines of DCL.
A crucible of informative mistakes
0 Kudos
Reply
Thomas Ritter
Respected Contributor

тАО02-08-2006 12:51 PM

тАО02-08-2006 12:51 PM

Re: Log of dial-up session - keystroke logging?

Following on the John, ALF creates the outer account and you use your user id and password for the inner account. If your modems are connected to Terminal servers, then by all means try ALF.
0 Kudos
Reply
Volker Halle
Honored Contributor

тАО02-08-2006 06:18 PM

тАО02-08-2006 06:18 PM

Re: Log of dial-up session - keystroke logging?

re: John,

$ set ho 0/log inner
%DCL-W-MAXPARM, too many parameters - reenter command with fewer parameters
\INNER\

Does this involve any undocumented feature ?

Volker.
0 Kudos
Reply
Jon Evans_1
New Member

тАО02-08-2006 07:32 PM

тАО02-08-2006 07:32 PM

Re: Log of dial-up session - keystroke logging?

Thanks everyone for the suggestions.

Not really wanting to pay for any software for this solution so the RAXCO product is out, but it would do what I want. Thanks.

Terminal server/ALF solution not really suitable for this - we only have a thinwire 10mb DS90TL and I don't want to open the whole full modem-control supported DECserver argument........

I'm following up the LOGGER program and my original idea.

Thanks again.

Jon
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.