Method of recording the system login file and the recording device thereof

Abstract

A method of recording the system login file is implemented on a computer host connected to a network. Using the combination of software and hardware, a write program is installed in the computer host. The disclosed recording device is then connected to the computer host. After the connection, the write program writes the login file produced by the computer operating system (OS) into the recording device in a way independent of the computer OS. For computer OS cannot detect the connection of the recording device. The write program is the only means for the computer host to communicate with the recording device. Therefore, the invention can effectively prevent hackers from using the resources or information provided by the computer OS to change the login data. Moreover, it is convenient for the purpose of future tracking.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a preferred embodiment of the invention connected to a computer host; and

FIG. 2 is a time-ordered plot showing the procedure of the disclosed controller read program and the computer host built-in write program.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

Please refer to FIG. 1 for the disclosed recording method. The method provides a recording device 20 comprising a controller 21, a memory unit 22 in dual connections with the controller 21, a serial port computer connection interface 23 in connection with the controller 21, and a computer connection interface 24 in connection with the controller 21. The serial port computer connection interface 23 can be an RS-232 interface. Since the serial port computer connection interface 23 is not a plug-n-play interface, the controller 21 sets it purely for writing and uses it for the connection with a computer host 10 that generates a login file.

The method also provides a write program, built in the computer host 10. It communicates with the recording device 20 plugged into the computer host 10, writing the login file produced by the computer host 10 into the recording device 20.

The above-mentioned recording device 20 of the invention is plugged into the computer host 10 via one of the one-way serial port computer connection interfaces 23. Since the serial port computer connection interface 23 is not a plug-n-play interface, the OS of the computer host 10 cannot detect the properties and contents of the recording device 20. Therefore, the recording device is an invisible device for the computer OS. Moreover, the recording device 20 only communicates with the write program in the computer host 10. The controller 21 of the recording device 20 sets the serial port computer connection interface 23 plugged into the computer host to be one-way writing. Once the login file produced by the computer host 10 is written into the recording device 20 by the write program, it is impossible for the login file written in the recording device to be read back into the computer host 10a using the resources or information provided by the computer OS. It is therefore unable for anyone to read or modify the login file. Consequently, the true login file can be safely kept in the disclosed recording device.

The other computer connection interface 24 in the disclosed recording device 20 is used for the connection with an ordinary computer 10a. The controller 20 sets the computer connection interface 24 to be used by the management memory unit 22. That is, when a user plugs the disclosed recording device 20 to a computer 10a, the controller 21 knows that the interface currently connected with the computer 10a is a read-only computer connection interface 24. Therefore, it only receives specific commands given by the computer 10a, such as reading data stored in the memory unit 22. Therefore, if the user wants to obtain data stored in the login file, he/she has to use this computer connection interface 24 to connect with the computer 10a in order to successfully read it out. As a result, the stored login data cannot be read out by the same computer host according to the invention.

With reference to FIG. 2, the write program of the computer host 10 periodically writes the login file produced by the computer host 10 into the invention. The read program of the controller 21 periodically retrieves the login file from the computer host 10 in accord with its write program and stores it in the memory unit 22 of the invention. As the memory unit 22 has a limited capacity, the read program eventually covers all the stored login files stored in the memory unit 22 after a certain time. This time in principle is set according to the login file update time of the computer system 10. Therefore, there is not much change with respect to the habit of the system administrator. This is very convenient.

When some hacker logs into the computer host, the system automatically writes the hacker's login data (including login time, account name, password, and IP address) into the login file. Some experienced computer system hackers may modify the contents of the login file before logging out the system so that the system administrator cannot track the hacker by comparing the login file contents with the breakdown time of the system. In that case, it is impossible for the system administrator to find out the true login information of the hacker.

In accord with the above-mentioned external recording device with along the design of a write program, the login file stored in the invention cannot be read out and modified by the same computer. Each set of login data can therefore be faithfully recorded and stored. Therefore, the invention provides the system administrator with a login file backup. This enables the system administrator to analyze the true login data and avoid the problem that the login file of the computer host is modified by the hacker.

Claims

1. A recording method for a system login file, comprising the steps of: providing a recording device, which includes a controller, a memory unit in dual connections with the controller, a serial port computer connection interface in connection with the controller, and a computer connection interface in connection with the controller; wherein one of the serial port computer connection interfaces is set by the controller to be one-way writing and for the connection with the computer host whose login file is to be recorded; andproviding a write program, which is built in the computer host that generates the login file, communicates with the recording device plugged into the computer host, and writes the login file produced by the computer host into the recording device.

2. The recording method as claimed in claim 1, wherein the write program periodically writes the system login file into the recording device.

3. The recording method as claimed in claim 1, wherein the login file contains data of other network devices logging into the computer host, including login account name, time, and IP address.

4. The recording method as claimed in claim 1, wherein the serial port computer connection port is an RS-232 computer connection interface.

5. The recording method as claimed in claim 2, wherein the serial port computer connection port is an RS-232 computer connection interface.

6. The recording method as claimed in claim 3, wherein the serial port computer connection port is an RS-232 computer connection interface.

7. A recording device for a system login file, comprising: a controller;a memory unit, which is in dual connections with the controller;a serial port computer connection interface, which is electrically coupled to the controller and set by the controller as a one-way writing interface and connected to the same-type connection port of the computer host, allowing only writing in data and forbidding users to read or modify the data using the same interface; anda computer connection interface, which is electrically coupled to the controller for the connection with the same-type connection port of the computer host;wherein the controller receives a command sent by the connected computer host and reads out the data stored in the memory unit.

8. The recording device of claim 7, wherein the serial port computer connection port is an RS-232 computer connection interface.