October 17, 2001 12:00 AM

Scripting a PC-Theft-Detection System

Windows IT Pro
InstantDoc ID #22539

Optional Feature 2: When a potential incident is detected, shift detection into a sensitive mode.

Considerations: We're already pinging the machines to determine whether they're offline. If any node is offline, we could decrease the time between pings (i.e., the sleep time) to increase the script's sensitivity. If the offline machine comes back up, we could return the sleep time to the default interval.

Solution: Put the Perl list of failed nodes in an If statement, and decrease the ping interval from 30 seconds to 10 seconds after detecting the first node failure. Note: If you need to ping a large number of machines, you might need to make the cycle between pings significantly longer because the machines are pinged sequentially, not simultaneously.

Identify Required Resources
After we considered the requirements and optional features and arrived at solutions, we knew what resources we needed to write the script. As determined in Requirement 1, we needed Perl and its Net::Ping and Mail::Sendmail modules.

Perl and Net::Ping are available at the ActiveState Web site (http://www.activestate.com). We installed ActiveState's ActivePerl on the PC that was going to run the script. Then we used the commands in Listing 1, page 48, to start Perl Package Manager (PPM), which comes with ActivePerl, and to use PPM to download and install the Net::Ping and Mail::Sendmail modules.

The commands in Listing 1 download Mail::Sendmail from the RTO Web site (http://rto.dk/packages). Mail::Sendmail is also available from Comprehensive Perl Archive Network (CPAN—http://www.cpan.org). The PPM Help documents ppm.html and ppmproxy.htm are installed with ActivePerl. Refer to these documents for PPM details and for information about configuring PPM on a system behind a firewall.

TheftDetector.pl
To meet the security guards' requirements, we wrote TheftDetector.pl. Listing 2, page 49, shows all of TheftDetector.pl's code lines but omits some comment lines for space reasons. We've developed a template to use in laying out Perl scripts. At the beginning of a script, we put the Use statements that identify the modules that the script uses. We add Title and Color commands to customize the command-shell window if we'll run the script interactively. In header comments, we include author contact information, date written, version, usage syntax, operation, required Perl modules, input and output file information, and examples of any configuration options.

After the header comments, we add any input file and output file location variables, email addresses, and other variables that we need to configure when we deploy the script. If you bury these configurable items down in the bowels of the code, they can be difficult to locate and configure later. We also include comments and examples for the configuration options.

We try to modularize our code into subroutines. Often, we can recycle these subroutines in future scripting projects. For example, now that we've written a subroutine that sends email messages and pages, we can recycle it in future scripts that require email and pager notifications. Code recycling saves time and money and yields a better script. If in the future we identify a better way to accomplish a task, we can write a new subroutine and incorporate it into previously written scripts that perform that task.

TheftDetector.pl has three subroutines. The core code in our script is the ping routine, TestObjects, which tests each host for responsiveness. The Net::Ping module in that subroutine lets you configure the timeout period, which we've set to 5 seconds—as callout E in Listing 2 shows. (If you have a particularly slow network, you might need to increase this value.) Note the nested second ping at callout F, which retests responsiveness if the first ping fails and initiates a page only if both pings failed. The Initialize subroutine contains a third ping test at callout H; this test determines which PCs are online when the script first runs.
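The following added example is not code from TheftDetector.pl or its authors. It shows how the startup baseline, the two-ping confirmation, and the 30-second to 10-second sensitive mode from Optional Feature 2 fit together in one loop. The host names, the reply timeline, and the `$probe` stand-in for Net::Ping are constructed assumptions so that the script runs without a network.

```perl
#!/usr/bin/perl
# Added example (not TheftDetector.pl): startup baseline, two-ping confirmation,
# and the 30s -> 10s "sensitive mode" described in Optional Feature 2.
use strict;
use warnings;

my ($DEFAULT_SLEEP, $SENSITIVE_SLEEP) = (30, 10);    # seconds, as in the article

# Constructed sample data: per-host ping results, consumed one per probe.
# When a list runs out, the host is treated as answering.
my %timeline = (
    'pc-lab-01' => [1, 1, 1, 1, 1],
    'pc-lab-02' => [1, 0, 1, 0, 0, 0, 0, 1],   # one lost reply, then a real outage
    'pc-lab-03' => [0, 0],                     # already off when monitoring starts
);

# Hypothetical probe standing in for Net::Ping. On a live network use:
#   use Net::Ping; my $p = Net::Ping->new('icmp', 5);   # 5-second timeout
#   my $probe = sub { $p->ping($_[0]) };
my $probe = sub { my $r = shift @{ $timeline{$_[0]} }; defined $r ? $r : 1 };

# A host counts as down only when two consecutive pings both fail.
sub confirmed_down { my ($host) = @_; return !$probe->($host) && !$probe->($host) }

# Initialize: monitor only the hosts that answer when the script starts.
my @watched = grep { !confirmed_down($_) } sort keys %timeline;
my %down;    # hosts currently confirmed offline

sub run_cycle {
    my @alerts;
    for my $host (@watched) {
        if (confirmed_down($host)) {
            push @alerts, $host unless $down{$host}++;   # page once per outage
        } else {
            delete $down{$host};                         # host is back online
        }
    }
    # Any confirmed-offline host keeps the loop in sensitive mode.
    my $sleep = %down ? $SENSITIVE_SLEEP : $DEFAULT_SLEEP;
    return ($sleep, @alerts);
}

for my $cycle (1 .. 5) {
    my ($sleep, @alerts) = run_cycle();
    printf "cycle %d: alerts=[%s] next ping in %ds\n",
        $cycle, join(',', @alerts), $sleep;
    # sleep $sleep;   # enable in a real deployment
}
```

With the constructed timeline, the single lost reply in cycle 1 raises no alert, the outage is reported once in cycle 2, and the interval returns to 30 seconds in cycle 4 when the host answers again.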

The Page subroutine uses the Mail::Sendmail module to send the email message or page to an email-addressable alpha pager or other device. Help for this module is available both in the notes within the sendmail.pm file that PPM installs and at http://alma.ch/perl/mail.htm.

You can download TheftDetector.pl from the Windows 2000 Magazine Web site (http://www.win2000mag.com), along with examples of the two input files that the script uses: PagerRecipients.txt and TestObjects.txt. The script includes detailed comments to help you understand the code.

We tested TheftDetector.pl on servers and workstations running Win2K and Windows NT 4.0 with Service Pack 5 (SP5) and SP6 and ActivePerl 5.6.1, build 623. Always test any script carefully in a nonproduction environment before deploying it.


Comments
  • caro
    10 years ago
    Feb 20, 2002

    No they did not catch the thief. There never was an alarm because the thief stole the CPU from the machine that was running the script :-)

    Requirement 8: The monitoring PC must be in a safe, inaccessible area, with a UPS if possible.

  • Matrim Cauthorn
    10 years ago
    Feb 18, 2002

    You left us in suspense though. Did it work and did you catch the thief?

  • Marcel Lord
    10 years ago
    Jan 08, 2002

    Same problem: I enjoyed the article, however I'm having problems connecting to http://rto.dk/packages/. I'm getting a 404 error....

  • JASON
    11 years ago
    Nov 06, 2001

    I enjoyed the article, however I'm having problems connecting to http://rto.dk/packages/. I'm getting a 404 error.


Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.