Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Create a phone home script to track your Mac System
Recently an iMac was recovered using Timbuktu and AppleScript.
The same can be done on OSX easily using this shell script in a cron task or startup item:

cat <<EOF | mail -s "G4 Status: `/bin/date`"

`/sbin/ifconfig -a 2>&1`

`ps axw 2>&1`

`/usr/sbin/traceroute -q1 2>&1`
(Replace '' with your real email address and '' with your home IP number).

You will need to enable sendmail which this tip sort of explains how to do. I set my script up to email me daily at 6:30PM using the system crontab via the cron GUI frontend Cronnix, and I will also put it in a startup item (I'd not suggest a login item).

I'd suggest using a throwaway web-based free-email address, so you will be able to easily access it if you lose your mac. You can cc to multiple addresses using the -c option to mail.

Credit to ink at MacNN for the idea. :)
  • Currently 3.00 / 5
  You rated: 5 / 5 (4 votes cast)

Create a phone home script to track your Mac | 11 comments | Create New Account
Click here to return to the 'Create a phone home script to track your Mac' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Authored by: JohnnyMnemonic on Jan 27, '02 10:58:15AM

Would it be better to create it as the root user, so the operation performs in the background no matter who's logged in?

[ Reply to This | # ]
Authored by: marmoset on Jan 27, '02 11:03:50AM

With cron, the user doesn't need to be logged in
for the cron job to execute.

[ Reply to This | # ]
Authored by: professor on Jan 27, '02 06:13:43PM

The biggest disadvantage of this script is that it assumes that the computer is connected to the internet when the cron job runs. Unless the robber has a cable/DSL connection (sounds unlikely), that is false.

More to the point, unless the robber knows the password to a valid account on the system, it is unlikely he is going to be able to boot into OSX. If he can boot into OS9, then your script is bypassed.

If you have set an open-firmware password, then he won't be able to bypass booting into OSX (without some fairly radical, and not well-known, measures -- removing a DIMM, resetting the PRAM, . . .).

I find it hard to think of a scenario in which the robber can actually use the machine and still be running OSX (so that your cron job still runs).

[ Reply to This | # ]
Guest access for thieves...
Authored by: gabidanon on Jan 31, '02 12:30:33PM

If you have a guest account that doesn't require a password, I think that a thief will be able to use Mac OS X and connect to the internet. The only problem is that in that case he will only be able to use the accounts that you have already defined, so even if he wants to change to his own ISP he won't be able to.
So the only thing you'll get is the IP from your own ISP.

[ Reply to This | # ]
E-mail web form?
Authored by: kerim on Jan 27, '02 12:25:09PM

I wonder if it would be possible to set up something similar that would send information to a web database (using SQL/PHP) which would log information about the location/IP/etc. of the computer. The advantage being that such a database wouldn't clog up your mailbox, and could be set to only keep records for the past two weeks, etc.

[ Reply to This | # ]
Dynamic IP
Authored by: wolstena on Jan 28, '02 02:25:20AM

If you are using DHCP and are behind a firewall, you can add this to find the current IP of your computer. You could also pipe the output to sed to grab the IP and pass it to traceroute.

`lynx -dump`

[ Reply to This | # ]
Kinda noisy
Authored by: Anonymous on Jan 28, '02 02:22:14PM

Getting a daily mail would be bothersome for me. Seems like if you have control of a website anywhere you could make a real simple webpage, and have the script grep for a string of text which then fires off the script. If the mac gets rippped, put the trigger text on the website, and the next time it connects it triggers the script. If I was a little more interested I'd hack it myself, but I'm not that worried. Got a 60lb German Shepherd that doesn't like strangers... ;-)

[ Reply to This | # ]
A much more robust script...
Authored by: jshaw on Jan 30, '02 11:57:34PM
I've seen a few "Phone Home" scripts recently posted, but they've either lacked robustness, or require Sendmail to be running all the time as a daemon. Hostreg is a Perl script that "phones home" when connected to a network not "ok'd" by the user. It is designed to be run from cron as root, and launches Sendmail on a per-alert basis. It tries to be robust when dealing with possible firewalls and utilizes alerts via email, www, and ftp. It grabs the current network-connected IP address. If the IP address does not match the user-specified list of "good" IP addresses (this list can include partial IP addresses for those with DHCP), it sends out alerts. For more information, go to:

[ Reply to This | # ]
A much more robust script...
Authored by: greghil on Aug 21, '02 03:02:04AM

I suggest looking at
They have a Mac and Windows product that does just what is being described here. The difference is that the PCPHONEHOME withstanfs a complete format and re-install on your hard drive. Works with OSX as well

[ Reply to This | # ]
URL moved to...
Authored by: Lectrick on Oct 08, '03 07:28:30PM

In /dev/null, no one can hear you scream

[ Reply to This | # ]
problems phoning home
Authored by: BjarneDM on Dec 12, '04 01:12:36PM

There're several problems with the traditional phone home scripts that'll make them inoprative in a lot of settings.

1) the smtp-server might only accept connections from the range of ip-adresses that belongs to the ISP. Most ISPs I know of does this.

2) running your own smtp-server on localhost might not work as several ISPs I know of block port 25 in order to combat spam and viruses with their own smtp-server. TDC, Tiscali, and CyberCity here in Denmark does this.

3) running your own smtp-server on localhost might not work if the ip-address that the script is sending from is registered at SORBS - - and the receiving smtp-server is blocking dynamic ip-ranges. Hotmail does this eg.

4) as SFP and Domain-Keys get deployed you might run into trouble with these authentication services.

The solution?
You'll have to have your script connect to a genuine web-server on port 80 out in town that'll then take care of issuing the email alerts. I'm only aware of one product that does it that way : LapCop -

All of the other script and programs that I'm aware of are relying on your computer to generate and send an email which'll very possibly run afoul of one or more of the problems mentioned above as measures against spam, viruses and worms are deployed all over the Internet.

[ Reply to This | # ]