In this short post, I'll explain one of the techniques to monitor whether a modem is listening for incoming calls on a machine, using Operations Manager 2007. Assuming that you may have some modems that get turned on when someone needs to dial in (for whatever reason), and *should* be disconnected afterwards. So you would like to get alerted when a modem is turned on and RRAS is configured to put the modem in listening mode.
This is how it works :
Create a Unit monitor – Scripting - Two state monitor
Target Windows Operating System. Keep the monitor disabled for now. Save the monitor in a custom management pack.
Schedule : run every 15 minutes or so
Script : choose a good name for the script (e.g. checkifmodemison.vbs) and set the timeout (1 minute should be ok)
Option Explicit
'
' Script that runs an external tool and tries to
' determine if a modem is turned on and listening or not
' Written by Peter Van Eeckhoutte
' https://petersblog.dyndns.org:8899
' peter.ve@telenet.be
' Feb 2008
' version 1.0
Dim oArgs
Set oArgs = Wscript.Arguments
Dim oAPI
Dim objShell
Dim objScriptExec
Dim oBag
Dim modemturnedon
modemturnedon="false"
Set oAPI = CreateObject("MOM.ScriptAPI")
'get args
If oArgs.Count < 2 Then
' If the script is called without the required arguments,
' create an information event and then quit.
Call oAPI.LogScriptEvent(Wscript.ScriptName,101,2,Wscript.ScriptName + " script was called without the necessary 2 arguments (<path to getmodemstatus.exe> <comport> and was not executed.")
Wscript.Quit -1
End If
Call oAPI.LogScriptEvent(Wscript.ScriptName,101,0,Wscript.ScriptName+" script was launched with " + Cstr(oArgs.Count) + " arguments.")
'launch getmodemstatus
Set objShell = CreateObject("WScript.Shell")
Set objScriptExec = objShell.Exec(oArgs(0)+" "+oArgs(1))
modemturnedon= trim(objScriptExec.StdOut.ReadLine)
Set oBag = oAPI.CreatePropertyBag()
Call oBag.AddValue("ModemTurnedOn",modemturnedon)
Call oAPI.LogScriptEvent(WScript.ScriptName,101,0,WScript.ScriptName+" script completed successfully. ModemTurnedOn : "+modemturnedon)
Call oAPI.Return(oBag)
You can download the latest copy of the script from here : [download#5#image][download#5#size]
Leave the parameters field empty for now.
Unhealthy expression :
Healthy expression :
Set the monitor health states
Set alerting properties
Save the monitor
On every host that needs to be monitored, you need to put a small executable : getmodemstatus.exe
Download from here [download id="7"]
Create an override for the monitor, and select the server that needs to be monitored.
Enable the monitor and set the parameters as follows :
"<path to getmodemstatus.exe>" "comport where the modem is connected to"
Save the override. Wait until the management pack gets distributed and the script kicks in.
You should see the following 2 events when the script runs :
If the modem is turned on, the second event will show this in the description :
If everything has been set up, you should now get an alert in OpsMgr
If the modem is turned off again and RRAS does no longer grab the comport , the alert will be resolved (if that is how you've set up the alerting properties)
Enjoy !
© Corelan Consulting BV. All rights reserved. The contents of this page may not be reproduced, redistributed, or republished, in whole or in part, for commercial or non-commercial purposes without prior written permission from Corelan Consulting bv. See our Terms of Use & Privacy Policy (https://www.corelan.be/index.php/legal) for more details.
Subscribe to get the latest posts sent to your email.
Type your email…
Subscribe
Peter Van Eeckhoutte is the founder of Corelan and a globally recognized expert in exploit development and vulnerability research. With over two decades in IT security, he built Corelan into a respected platform for deep technical research, hands-on training, and knowledge sharing. Known for his influential exploit development tutorials, tools, and real-world training, Peter combines a strong research mindset with a passion for education—helping security professionals understand not just how exploits work, but why.
Tags:
