ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ» º LoopBack, the Easy, Cheap, Fun, Sexy, CallBack Verifier º ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍͼ LoopBack(tm), Programed by Bill Marcy, 1994 Read the CALLBACK.HIS file for important news on any changes to these doc's! Please find a complete File list at the end of this doc file. Description: LoopBack is a simple to install, and nearly foolproof method of CallBack verifying your user base. It is tiny (under 24k) and fully integrated into the PCBoard 15.x BBS environment. All display files are external for full sysop configurabilty and customazation (hey, give them a try as is, they are pretty good). Traps 'bad' number attempts, in example 911, 900, 976 or 555 exchange tries. Will also write these attempts to a file for sysop perusal. Logs Successful attempts, and also unsuccessful attempts in separate files for easy maintenance. Full logging to the CALLERS log with numbers attempted, and reasons for failure. Will disallow duplicate number verifications (stopping people from using multiple names at the same number), and finally will solve just about every user verification problem that you may have! Every BBS has those users that feel that it is lots of fun to have many different names and to use them all one after the other, tying up your lines so that honest users can't use your system...kiss these bad users good-bye with LoopBack. System Requiremnets: You need to have a minimum configuration, namely you have to be running PCBoard 15.1(x), we are compiling LoopBack with the latest PPLC compiler so you will need to make sure that you have the latest PCBoard code up and running. Since Loopback is a PPE, it is an extension to PCBoard, if PCBoard runs, LoopBack will run. Memory usage is very light, it takes about 45k to run and we open anywhere from 1 to 15 files, none at the same time. Loopback is fully multi-node aware, there are no problems running multiple copies of LoopBack at the same time. LoopBack runs fine over Novell (3.11, 3.12, 4.00, 4.01), Lantastic (5.0) and Vines. LoopBack also runs fine under DESQview and OS/2 (sorry Windows people, I haven't tested it under Windows, you are on your own). Basically if PCBoard runs, LoopBack will run! Installation: (please read UPDATE.DOC to go from another version) This is simple so follow closely, we will do this in just a few steps here we go... Step 1: Unzip this archive to any directory you like. (I.E. F:\PCB\PPE\CALLBACK) Step 2: Add CALLBACK.PPE to your main CMD.LST file, this CMD.LST file can be accessed by loading up PCBSETUP and Choosing 'B', then choosing 'B', then using your cursor keys, going down for 8 clicks until CMD.LST is highlighted. Press F2 when you have successfully highlighted CMD.LST, you will see the following: File Locations Command Security PPE/MNU File -or- Keystroke Replacement ÍÍÍÍÍÍÍÍÍÍÍÍÍÍ ÍÍÍÍÍÍÍÍ ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 1) 0 Just add the following info and...your almost done! Command Security PPE/MNU File -or- Keystroke Replacement ÍÍÍÍÍÍÍÍÍÍÍÍÍÍ ÍÍÍÍÍÍÍÍ ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 1) CALLBACK 0 F:\PCB\PPE\CALLBACK\CALLBACK.PPE As you can see this is simple. Once you have this entered, hit ESC and answer Y to save the new CMD.LST file. Step 3: Add CALLBACK to your unregistered user BRDM menu file. Step 4: Edit the enclosed CALLBACK.CFG file to reflect the verification scheme you are interested in. The config file is fully commented, so it is very easy and do not worry about leaving the comments in, they are there to help you! Here is a line by line description of the LOOPBACK.CFG file, please note that we are going ACTUAL LINE / LONG DESCRIPTION. Please do not add these long descriptions to your actual LOOPBACK.CFG file (they are already in there!). Line 1 > ATDP line 1: Place either ATDP (for pulse dialing) or ATDT (for tone dialing). Please be aware that although you may have TONE dialing on one or two of your BBS lines, not all of them are guaranteed to be TONE, if you are in doubt, plug a phone into each line and check to see that TONE dialing is actually accepted (this is one of those head slappers we all feel a little silly about). Line 2 > 20 line 2: The security you want to give to those people who successfully complete the callback verification process. This security level will only be given to those people who, when called back can enter the correct NAME/PASSWORD (do you really think people will band together to defeat your callback scheme by dialing each others house and entering each others info...). Line 3 > 20 line 3: The security level above which (including the exact match IE, in the above example, 20 OR greater will trigger this) that are exempt from the callback process. This allows you to put this PPE in a user security file and have all of your unregistered users go through it automatically. So if your unregistered users security level is 19 while a registered user is 20, a level 19 will trigger it, while a level 20 would just sail through. Line 4 > 212 Line 4: The local area code. This will act as a filter for you. Your user enters their number, area code included, and LoopBack determines if the caller is long distance or not. Line 5 > LD Line 5: Place an LD here if you want to allow long distance verifications, or place an LC here if you just want to callback those people in your area-code. Line 6 > N Line 6: Place a Y here if you want to enable POSTCARD verification, or place a N here if you do not want POSTCARD verification. If you enable postcard verification, then a file will be saved with the callers user number as the file name and an extension of POS (ie, 1604.POS), you can then print these files out on postcard stock, or use it as a basis of your own postcard verification scheme. Line 7 > 2 Line 7: Placing a 1 in line 7 will cause LoopBack to look up the number that the user entered for their Home Phone Number on Logon, a 2 here will cause LoopBack to use the Business/Data number the user entered on Logon, a 3 here will cause LoopBack to ask every user what Number they would like to use. So remember - (1) Use Home Phone, (2) Data Phone or (3) ask. Line 8 > 000-000-0000 Line 8: This number will be an example to the Long Distance user of how he/she should input their phone number. Line 9 > N Line 9: For registered users only, this will completely bypass any opening screens or delays. This will give the LoopBack program a completely seamless look to it. To enable this just place a Y in line 9. Hey, even if you are registered why not leave it up so that some of your users will get my advertising...thanks! Line 10 > Y Line 10: Place a Y in line 10 if you want a prompt asking the user if they want to abort the callback procedure. Some sysops may not want to allow their users to be able to abort (ie, if you place LoopBack into your news file and force all users through the callback door...you wouldn't want them to be able to 'wiggle' out without completing the callback. Line 11 > 10 Line 11: This is a how long you want your modem to wait before it initiates the callback. A suggested delay is 20 seconds as most phone systems will relinquish the line in this amount of time. A common hack of Call-Back verifiers is for a user to use a second phone to fool the Call-Back verifier into thinking that the line is clear, then logging on as if the call had completed. This number will allow you to stop this in it's tracks. Line 12 > 3 line 12: The number of times your board will attempt to callback the user. Right now it is the same for local or long distance users, but it is going to be broken up so that you can have separate variables for either. Line 13 > Y Line 13: This will enable Bad callback number tracking. This config variable is tied in with config line 30. Please note that if the caller tries a number 'X' number of times (as configured in line 30 of the config file) then the caller will be stopped from using that number again, until he/she leaves you a message. This stops a caller from calling at 3 in the morning and using your BBS as an instrument of their harrassment. Line 14 > 40 Line 14: Added a configuration variable to allow the sysop to decide how long their board should wait for a connect, a wait of 40 seconds is usually long enough for everyone. If you find that your callers are saying that the "program never called me back" then bump this up a bit, 60 seconds couldn't hurt. Line 15 > 30 Line 15: Added a variable for how long you want the default user subscription to be for. In this example we are giving the verified user 30 days. This lets the user get a good feel for your board. We like to think of it as fishing... The 30 days is your hook and your bbs is the bait... you just have to give it a good yank to set the hook. Feel free to put however long you usually give a verified user. Entering 00-00-00 will give your user the default "no expiration date". Line 16 > 2 Line 16: This is the line in the users short account file (SysOp function 7) where you want to place the following message. Options are 1 or 2. "LoopBackú12/01/93ú212-777-8282" Line 17 > Y Line 17: A "Y" allows you to disallow certain area-codes for callback. putting a "N" here will not have it look for a file called AREACODE.CAL Any number that you do place in your AREACODE.CAL file will be excluded if you turn this feature on. This lets you lock out callers from neighboring countries, without stopping long distance callbacks. Line 18 > 16 Line 18: This is the security that you want the expired, already verified user to be set to. So your user goes through the callback procedure uses up his thirty days (in our example) and then gets his/her security set to this number. Line 19 > Y Line 19: Place a "Y" here if you want a message to be sent to you (the SysOp) after a user successfully completes the callback procedure. Included in this package is a sample SYSOP.MSG file. Feel free to change it however you like. Since it is being sent only to you, don't worry about your users seeing it. Also this message will be receiver only anyway...addressed to the sysop. Line 20 > 1 Line 20: This is the conference number that you want the confirmation message set to you in. If you have an administrative conf, that is a good place to put it. (If you elect to not have a message sent to you, then this can be anything as it will be ignored.) Line 21 > Y Line 21: Place a "Y" here if you want a message to be sent to the user. This can be a welcome message, a message that explains your rules and regulations, or it can be a message that you want all of your verified users to read. Again, there is a sample message included called NEWUSER.MSG. Feel free to have it say anything that you want your users to read. All PCB @ codes are supported. Line 22 > 0 Line 22: This is the conference that you want to insert the NEWUSER.MSG into. The main board (0) or your new user conference is a good place to stick it. Again, if you elect not to enable this feature, anything you place here will be ignored. Line 23 > Y Line 23: Place a Y in line 23 if you want to enable the exchange list feature. This will allow you to designate what exchanges are not local to you, (even if they have the same area code). You will need to edit the file EXCHANGE.CAL and enter those exchanges that you wish to be able to call back to. There also is a display file called FIFTEEN.DSP that explains to your users why LoopBack can't continue. This bears a bit more explanation... say you are in the area-code 212 and this may cover your entire state, but only half of the exchanges are local to you while the rest cost you big money to call back to. Well just list those exchanges that you DO NOT WANT to callback to. Very simple. Line 24 > Y Line 24: Place a Y in line 24 if you want to enable time restrictions for your callback verifications. If you place an N here, LoopBack will not check for any time restrictions that you set up. Make sure that you edit the TIMEREST.CAL file to reflect the hours you do not want to allow callbacks to happen. A very informative screen will then be displayed to your users explaining when they can actually use the callback door, all according to what you entered in the TIMEREST.CAL file. You WILL like this feature a lot if you need a time restriction (say you only want to do callbacks after a certain time has passed so that you can call on the cheaper rates.) Line 25 > Y Line 25: Place a Y here if you want to enable the sysop testing feature. this will let you, the sysop, perform test runs of LoopBack without having to place any calls. It bypasses the actual callback routines, and allows you to see exactly what your users will see. The beneifit to this is that if you edit any of the DSP files, you will be able to view them as if you were the user. Line 26 > 10000 Line 26: This is the Number of bytes you want to reward the succsefully called back user, this is a one time addition to their download bytes. Any number in here will be used, if it is a positive number, it will add the specified number of bytes, if it is a negative number it will deduct them. Line 27 > 0 Line 27: Place your PBX dial out codes in this line, for example, 9,,8 would dial a nine, then wait two seconds, then dial an eight. Please check your particular modem manual for the codes you will need. Non-PBX users please place a 0 in this config line. Line 28 > ATH1 Line 28: Please place your modem OFF-HOOK command here, the Hayes standard is ATH1. This is used for taking the modem off hook (busy it out so that if anyone tries to call in during the callback procedure they will get a busy line, and not interfere with the callback). Line 29 > ATH0 Line 29: Please place your modem ON-HOOK command here, the Hayes standard is ATH0. This is used in conjunction with line 28 in this config file. This will put the modem back on hook (hang up) so that the modem can pick up and dial out. Line 30 > 3 Line 30: This should be the number of callback tries that are allowed to the current phone number. If the user attempts to use the same phone number after the amount of tries entered on this line, they will be shown display file NINETEEN.DSP, and the carrier will be dropped. Line 31 > XXX-XXX-XXXX Line 31: The Template for your country's phone numbering scheme. ie. In the U.S. we use XXX-XXX-XXXX as our format. Your country may use the format of XX-XXX-XX-XX (this is an example for the Netherlands SysOps out there). Just enter it with "X"'s just like above. Line 32 > Y Line 32: This allows you to have local exchanges that extend over multiple area codes. You will have to enter the area-code and the exchange to allow a callback. For instance, 212,777 would be allowed a local callback. Otherwise, all numbers in the 212 area code would be Long distance. Line 33 > Y Line 33: Put a Y here if you want to display the EIGHT.DSP file to callers whose security is above that required for verification. Please note that by placing a Y here, you should not put this in a display file as the user will be shown your display file (if there is anything but the call to the LoopBack.PPE) and it will display EIGHT.DSP. ***end of config example*** Step 5: Stand back and watch your verification problems disappear. A note about GETNUM.PPE There is an included PPE file called GETNUM.PPE, this little beauty will read in your users file and build a complete CALLBACK.FON file for you of all of your current users, it is installed exactly like the CALLBACK.PPE, except for security sake please give it a sysop level of security so that only you can access it. Then to call it you only need to type GETNUM from the PCB command line. GETNUM will give you complete directions as it runs. It is quite fast on my development machine (486/66), it processed a 8945 record user file in just under a minute and a half. Again, this PPE (GETNUM) is only for registered users, if you are unregistered please see how to get your own key file right away! Registration: LoopBack took me about a three and a half months to get where it is now, I am hoping that you find it easy to setup, convenient for your users to use and worth the $20.00 I am asking for it. If not, well, what can I say. You will have to remove it from your system after you decide you do not want to pay for it, which would really disappoint me, as I am really looking forward to seeing your $20.00 check in my mailbox. Please remit payment to: Bill Marcy 222 East 19th Street #2G New York, NY, 10003 Checks and money orders are welcome. You will get a registered .KEY file uploaded to your board the same day I receive payment (none of you are going to send me a bad check, so I trust you). With your payment please include the following (print this part out and cut it to fit into an envelope...hey I could make it more difficult ) Sysops First Name: Sysops Last Name: BBS Name: Also please note that CASE is very important to these key files, so please use Capitalization where you need it. You can get keys much quicker if you want to call my BBS (following). Contact the Author: You can reach me VIA RIME (SysOp conf, but I pick them all up) or you can call my bbs at: (212)-777-0225 Logon with the full name of: Survival Tech. Software No password needed! You will be brought directly into the Survival Tech. Software Support Conference, no registering necessary and full download of all software on the first call. Or you can log on to Survival Tech BBS as a normal user, go through the callback procedure and join Conference 2. We have a key generator up for people to use. Just type: KEY to generate your own keys. Please note that at Survival Tech. Software, we trust our customers completely. To that end we allow you to generate your own key-files, and send payment in after you have a fully working copy. I know this can be a temptation, but I really DO have faith in you. Please feel free to leave comments with anything that you want to see added to LoopBack. We have many plans for this program, and rest easy, your Key file will be good for all versions. As a last resort you can reach me voice at (212)-777-0224, between the hours of 09:00 to 09:00 Eastern time. (I have a 10 month old baby, and she does not take well to being woken up in the middle of the night...thanks!) Survival Tech. for LoopBack(tm) - please make sure that your ZIP file has the Survival Tech. Software AV lock on it, if not you may be missing some of these files. FILE NAME What it is for or what it does! ------------ ------------------------------- CALLBACK.!!! This is a file that is created by LoopBack whenever a user (a very bad user) tries to use one of your BADNUMS. This will give you the number that the scum user tried, their name, and the date. CALLBACK.BAD This is a file created by LoopBack whenever a user tries to get verified, but never completes the actual process. AREACODE.CAL Place in this file all the area-codes that you do not want to call back. If you are not going to call back any area code but your own, you do not need to use this file. (see config option #5). We will include a listing of all area codes outside the continental US in a future version. Unless you're made of money, you should strongly consider adding these. Note: You must enter one area code per line. AREAEXCH.CAL Place in this file the area-codes and exchanges that are local to you. In other words, if you can make local calls to area codes other than your own, you should enter those area codes and exchanges in this file. Note: One area code, exchange per line. EXAMPLE: 212,777. See config line #32. BADNUMS .CAL These are the numbers you do not EVER want to dial like 911 or 976, 900 or 555. The user will be informed that they are caught and then they will have carrier dropped on them. LoopBack will then create the file CALLBACK.!!! to inform you that one of your users tried to screw you. EXCHANGE.CAL This file is needed if you live in a state (?) that has one area-code with exchanges that are not a local call to you. Say you are in the 212 area code, a number like 212-505-2654 may be a local call for you while a number like 212-777-8282 may actually cost you money, just place the number 777 in this file and it will not allow 777 callers, (if config option 23 is enabled), to be called back. TIMEREST.CAL This file is somewhat complex at first glance but it is very simple when you realize that all you have to do is to put an 'x' whenever you want to allow a callback to happen. Please do not change anything except placing or removing an 'x' as this file is read in and formatted to show the user when they can call back to be verified. (I am really proud of this one). CALLBACK.CFG This is the actual configuration file, please see above for a full description. SAMPLE. CFG This is a config file that has line numbers added, please do not try to operate LoopBack using this CFG file, as very strange results would be produced. FILE_ID. DIZ The AD file for LoopBack, please make sure that if you upload it to your own BBS (or even someone elses) that this file is included...Thanks! CALLBACK.DOC This documentation file, long winded, lacking any humor and needs much work, but we are getting there. UPDATE .DOC This file will describe the steps you need to take to upgrade from the last version. If you are upgrading from anything but the last version, your best bet is to save your CALLBACK.FON file, and overwrite everything else. ONE .DSP (Used to be called WELCOME.CAL) This is the welcome screen, this gives general help, and lets the user know what is about to happen. TWO .DSP A file letting the caller know that their number is being checked against the already verified database. THREE .DSP A file that lets the user know that sysops time restrictions are being checked. FOUR .DSP A file that lets the user know that everything was ok, and that we will proceed with the callback procedure. FIVE .DSP (Used to be called CALLBACK.FNL) This is the final display file that is shown to the user, it reminds the user what is needed from them (wait for ring...type ATA...etc.) SIX .DSP (Used to be called PASS.CAL) The file that is shown after the user enters their Name and Password correctly, telling them that carrier will be dropped and they now need to call back to make use of their upgraded security. SEVEN .DSP This file is shown to the user after they fail to enter their name or password correctly. They get 3 tries, so you might not want them on your BBS if they can't remember their name or password. EIGHT .DSP This file is shown to the user whenever they enter Loopback but their security is too high to use it. NINE .DSP (Used to be called NONO.NUM) This lets the user know that they have tried to use a number that is in your BADNUMS.CAL file, usually 900, 976, 555 or 911. The file is displayed, then the user is logged off your BBS. TEN .DSP (Used to be called ALREADY.CAL) This file lets the user know that they already have been verified at the number they entered. They can always get a new number from the telco, but most users won't do this. ELEVEN .DSP (Used to be called SORRY.CAL) Lets the user know why you have decided to disallow long distance callback verification (cost, time...etc.) TWELVE .DSP This is the file that is shown to the SysOp, on their successful callback. So that if you are remote, you can have your BBS call you back, and you do not incur the charge from where you are at. THIRTEEN.DSP This is an explanation file that is shown to users that are about to be postcard verified. It will not be shown except on BBS's that decide to use the postcard verification scheme. FOURTEEN.DSP This file is displayed to users whose Area-code is on the exclusion list and lets them know why. FIFTEEN .DSP (Used to be called EXCHANGE.CAL - please do not confuse it with the file called EXCHANGE.CAL that is presently being used!) This is the display file that lets the user know that their exchange is on the exclusion list. SIXTEEN .DSP (Used to be called TIMEREST.DIS) This file is displayed to users when the callback door is setup not to allow call backs. They are then shown the callback schedule and told to try their call at a non-excluded time. SEVENTEE.DSP (Used to be called FREECALL.DIS) This is the file that is shown to your user on a successful connect and right before they enter their Name and Password. EIGHTEEN.DSP RESERVED FOR FUTURE ADDITIONS. (not on the distribution ZIP). NINETEEN.DSP This Display file is shown to the user after they attempt to use a phone number more times than is specified in config line 30. CALLBACK.FON This is the Number, Name and Date of the successful callback (it is in comma delimited format, ready for import into any dbase clone). This is created by LoopBack, a sample is included in this zip. CALLBACK.HIS A complete (ad nauseum) description of the changes, and problems we have made to LoopBack, read this for a good laugh. CALLBACK.KEY Included is a sample test key to get you running, call us at File-Link BBS to get your own customized key...even if you just want to test us out registered. NEWUSER .MSG This is a sample message sent to a caller after they have succeeded in the callback procedure. Feel free to change it anyway you want... get creative, rules/regs, sub prices, or as we use it on File-Link a welcome message. SYSOP .MSG A message sent to you the SysOp, letting you know Caller X is now a registered user on your BBS. Again, you can change it to say anything you want. CALLBACK.PPE This is the main guts, the real thing, the whole enchilada. This is the whole program file, no other program is needed and there are absolutely zero calories in it! CALLBACK.PPS Hey, shoot me if I ever include this, as people would then see how well I program, and we would have hundreds of sysops out there that go through life guilty that they only sent me $20.00 for this work of art! POSTCARD.PPE This is the program to enable postcard verification, it is called by LoopBack directly so just have it in your LoopBack directory. GETNUM .PPE This is a little bonus utility for registered users, what this little gem does is it reads through (doesn't write, doesn't even come close to writing to your users file) Users File and builds a CALLBACK.FON file from all of your current users. If you are already running and have a CALLBACK.FON file, it iwll append all of the new info to the end of that file.