Hi, I'm trying to audit/snoop end-users computers with a batch file. What I need is a way to make sure that the users doesn't modify my file. I cannot use bat2exe because I have FOR loops in it. I'm thinking of some way to check that the file size stays the same. If you have other ideas I'll be glad to hear them.

The following tip is not bullet-proof nor an ultimate solution, but it may enforce the protection of your script against hacking. Just add the command Attrib +R +H Batch_File_Name at the begin or end of the script. It will hide and make it read-only. I know this is far to be perfect, but it is simple and worked fine for me in a school environment.

Checking the size could be another mechanism of protection. Here, this script checks it own size: @echo off if "%1"=="GoTo" goto %2 if exist %0.bat %0.bat echo e100'SET %%1='> %temp%.\t1.bat for %%? in (rcx 7 w q) do echo %%?>> %temp%.\t1.bat type %temp%.\t1.bat |DEBUG %temp%.\t1.bat > nul dir/z %0 |FIND " BAT " >> %temp%.\t1.bat call %temp%.\t1.bat size del %temp%.\t1.bat call %0 GoTo :process %size% if not "%size%"=="492" echo File corrupted. set size= goto eof :process if "%2"==":process" set SIZE= if "%7"=="" goto eof set size=%size%%5 shift goto process :eof That's it. When you copy-paste it, it might carry some trailing zeroes or something so the file's length is not 492 bytes anymore. So, you would just have to change the number. The variable %SIZE% gets the batch file's own length in bytes, without thousand separators ('1024', not '1,024'). The script is compatible with most versions of DOS and also Win9x. It will not work on NT systems (Win NT, 2000, XP). -- Leonardo Pignataro - Secret_Doom -- secret_doom@hotmail.com www.batch.hpg.com.br ___________________________________________________________

All depends on the level of IQ of the "hackers" .. if they know you are checking the size, they gonna change the file to have same size, but different content .. attributes may help, but experienced users will not take long to find that .. what you could do, is retrieve the file from the clients, and compare it with a filecompare program, then you know who is tampering its files then, you could replace the client file, just by forcing a copy .. or you could disable a certain client to perform certains functions .. so that the hackers know you are watching them

You can buy a little cheap device that plugs into the back of the computer and it records every keystroke and mouse click. I forgot the current price but its cheap, easy, and not noticeable or crackable. The recent catalog I got from CYBERGUYS had it for around 20 bux or something like that, but any wharehouse could probably supply it. Punch Cyberguys into a search engine.

You can also post a United Nations inspector next to the end-users computer