******************************DESCRIPTION********************************** | This is an example of a challenge/response type security system. It | | will take numeric information stored in the user's record (in a TPA) | | and perform a set mathmatical function on it, with a variable random | | number. The random number is displayed to the caller, who MUST perform | | the same calculation. The caller then enters this number, and access | | is given to the system. | | This system is typically in super-high security systems, and the exact | | calculation performed, as well as the information stored in the user's | | file, is usually unknown to the caller. The caller would have a "black | | box" with the information (calculation and stored information) hard- | | wired into it. All they would do is enter the "Challenge code" and the | | box would supply the "Response code". | | This would be of limited use to anyone but goverment and corporate | | systems that required a far-above-average security system. It is put | | here strictly for example. | *************************************************************************** Utilities: There are two utilities you will need to install. They are: CH_RESP.PPE - This is the actual challenge/response module. It will present a randomly generated number between 0 and 999999 to the caller. Based on this random number, the caller will be required to enter the proper response code within two attempts. If the caller fails in both attempts, it will hang up, lock the account, and generate a message to the System Operator. SET_SER.PPE - This is the "maintenance" utility that is used only by the Sysop. It maintains the information stored in the user's TPA field. This should never be available to the caller, since this would supply at least part of the information necessary to crack the security system. Display files: There are two display files associated with this PPE. They are: HANGUP - This file is displayed to the caller if they fail to enter the proper response code. It explains they have not responded properly, and they should not attempt to contact the system again until they have talked to the System Operator. MESSAGE - This file is used to generate a message to the System Operator regarding the security violation. Both of these files would need to be modified to suit your system. ******************************INSTALLATION********************************* 1) You will need to install a TPA into PCBoard's user file. Make sure ALL nodes are down. Go into PCBSystem Manager by typing PCBSM at the DOS prompt. Select option "D" (User Info File Maintenance), then option "E" (Add/Update Third Party Application). You'll see a screen that looks like this: PCBoard System Manager Add/Update Third Party Application Enter the name of the Third Party Application ? ÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛ Enter CH_RESP for the name. Next you'll see: Application name not found, enter new information below: Version : 0 Static Size : 0 Dynamic Size : 0 Keyword : Make it look like this: Version : 1 Static Size : 7 Dynamic Size : 0 Keyword : CH_RESP It's VERY important that you allocate STATIC Size, not DYNAMIC size. If you allocate DYNAMIC size, your USERS.INF file is going to blow up like a balloon. Press Page Down to make the changes. This will put room in your user's records to store their individual information. 2) Go into PCBSetup|File Location|Configuration Files, to the CMD.LST file. Hit F2 to edit it, and add a blank entry by hitting Alt+I (Insert). Your screen will look like this: File Locations Command Security PPE/MNU File -or- Keystroke Replacement ÍÍÍÍÍÍÍÍÍÍÍÍÍÍ ÍÍÍÍÍÍÍÍ ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 1) The order of the commands doesn't matter, since PCBoard will check all of them to interpret a command. Make it look like this: File Locations Command Security PPE/MNU File -or- Keystroke Replacement ÍÍÍÍÍÍÍÍÍÍÍÍÍÍ ÍÍÍÍÍÍÍÍ ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 1) SERIAL 110 C:\PCB\PPE\SET_SER.PPE Of course, the command used, security level, and location of the PPE's may be changed to suit your system. A higher security level will restrict their use, a lower one will allow it. You may want to create a new subdirectory, used only for this PPE, to keep things neat and tidy on your hard drive. 3) Go to PCBSetup|File Locations|New User/Logon/off Questionnaires, to the entry that looks like this: Name/Loc of Logon Script Quest. : Name/Loc of Logon Script Answers : Make it look like this: Name/Loc of Logon Script Quest. : C:\PCB\PPE\CH_RESP.PPE Name/Loc of Logon Script Answers : There shouldn't be an entry in the "Answers" field, only in the "Quest." field. This will run the PPE whenever someone calls into your system. 4) Edit the display files to show the accurate information for your system. You may also wish to edit your news file to tell your callers about the new system, and explain how/why it's being used. *****************************DISCLAIMER******************************** This isn't guaranteed to do anything. It also isn't guaranteed to NOT do anything. If you install it and green tentacles shoot out of your floppy disk bays, destroying your entire house and killing your dog, it's not my fault, and I won't pay for it. The source code is here, I'm not a fancy enough programmer to pull any subterfuge, so you can check it and see for yourself what it does. If you can make your way through a medium-hard batch file, you should be able to follow this source code. This is not written by or supported by Clark Development Company, it's written only by me, and not supported by anyone but you. I don't have enough time at work to do what I get paid for, let alone support things I'm not paid for. If you call me at home, I promise I'll hang up on you. I wrote it because I enjoy cloak-and-dagger security systems, and this is a way to let my basically criminal nature do something constructive.