
               
                      NETKEY (Potection against LAN hackers)
  
                       http://members.xoom.com/netkey1/

                       Version 1.01 - copyright(c) 1998


----------------------------------------------------------------


        Contents:
        ---------
        1. What is it for ?
        2. How can I test it right now ?
        3. How can I install this DEMO to a real workstation ?
        4. Parameters.
        5. Registration benefits
        6. Price / Order Form.
        7. Other uses.
        8. Technical features.

**************************************************************************
WARNING! This is a TSR (Terminate and Stay Resident) program. Since the
   program is NOT removed from memory until you turn off your PC, avoid 
   loading it several times during the same session, otherwise this may
   cause a stack overflow and your system will surely hang.
**************************************************************************

**This is a fairly long document, but it is worth reading through to
  familiarise yourself with the workings of this program.


1. What is it for ? 
------------------

        All of us who are clients in a Local Area Network (LAN), know
        how usual is that in our absence, someone else seats at our
        workstation, turns on our PC, and logs in, accessing the net
        resources.

        What we never know is who was the intruder, at what time he logged
        in, and the worst : That he might be using our own PASSWORD for
        doing it !!

        This utility is a powerful resident program, i.e., a program running
        in background without being noticed, that will create and keep in
        our hard disk a log file (named DUMMY.FIL) reporting:

            _Date and time for each time our PC is powered-on.

           _LOGIN name and PASSWORD entered by anyone trying to log in.
            (whether his attempt was successful or not).

     For example, if our LOGIN is 'u194500' and our PASSWORD is 'guadacanal',
     our DUMMY.FIL would look like this:

               
               
                 Thu Apr 11 10:46:00 1998
                 u194500 guadacanal
                 
                 Fri Apr 12 14:05:00 1998
                 u194500 guadacanal
               
                  ...........
                 .........

       If we happened to find a LOGIN or PASSWORD differing from ours, it
       is sure someone else tried to log in using our workstation.

       In the other hand, if we just find date and time, and the following
       line just filled with blanks, it means that the intruder, when being
       prompted for a LOGIN and PASSWORD, just pressed the 'Enter' key.

       The third possibility is that you find your own LOGIN and PASSWORD,
       but at a time you were away from the office. If so, it was a good
       idea to install NETKEY !!




2. How can I test it right now ?
-------------------------------

        To test it now, there is no need to be sat at a workstation. Let
        us suppose that NETKEY.EXE is copied into the directory C:\SECURITY,
        (which is directory name we shall use in this document for all the
        examples), you just need to type:

                     1)   CD\SECURITY <enter>
                     2)   NETKEY <enter>

       3) Press any key to disable the message displayed by this Demo, and
          you will be returned to the DOS prompt. From now on, the program
          remains resident in memory, performing his task in background.
          (The registered copy will not display any message).

       4) Now, you should type for example, your first name and press 'Enter'. 

       5) Finally, type your last name, and press 'Enter' once more.

         Note: Every time you hit the 'Enter' key, the DOS will display the
               message "Bad command or file name", but you should ignore this
               message since we are just 'simulating' the prompt for a LOGIN
               and PASSWORD, as it actually happens in a workstation.

       6) When you pressed the last 'Enter', you should have heard a 'beep'
          from your PC speaker, meaning that our program has written the
          characters you input, along with the current date and time, into
          the file 'DUMMY.FIL'.
          You will find this file in the root directory of you hard disk.
          If you want to see it, this file may be opened with any text editor,
          or by simply typing at the DOS prompt:

                         TYPE C:\DUMMY.FIL <enter>





3. How can I install this DEMO to a real workstation ?
------------------------------------------------------

 ** The following steps assume that your PC is installed and configured as
    a DOS-compatible workstation connected to a server **

          1) It is essential to identify and locate the batch file which
             'starts' the network operating system on your computer.
             For example, if your AUTOEXEC.BAT file has a line reading:

      @echo off
      prompt $p$g
      ......
      .........      
      call c:\nwclient\startnet.bat  
      ......

        It is the 'STARTNET.BAT' file, located in the 'C:\NWCLIENT' directory 
        the one we must edit to load NETKEY each time our PC is powered-on.

      NOTE: To continue with this example, we shall go on using the above
            mentioned file and directory names. However, since these names
            vary from one PC to another, each user must identify the actual
            names by editing his own AUTOEXEC.BAT file, in order to be able
            to install NETKEY properly.


         2) Open the STARTNET.BAT file on your workstation with any
            text editor, for example:

                     CD\NWCLIENT  <enter>

                     EDIT STARTNET.BAT <enter>


         3) Insert a new line indicating the path to NETKEY.EXE.
            Following with our example, you should insert the line:

             C:\SECURITY\NETKEY.EXE


            It is highly recommended that you insert this line as the first
            one in 'STARTNET.BAT'.

            For example, if a part of your STARTNET.BAT file looks like this:

        .........
        ......
         cd\nwclient  
         lh lsl     Ŀ
         lh 3cx59          Protocols and other programs
         lh ipxodi         for the network connection.   
         lh tcpip            
         lh vlm     
        ........
         J:
         login   Program which validates network access 
        .........      (Prompts you for LOGIN and PASSWORD)
        .......


            It should look like this when you've finished:

         c:\security\NETKEY.EXE  Program for protection against 
         .........                     LAN hackers.
         cd\nwclient
         lh lsl     Ŀ
         lh 3cx59          Protocols and other programs
         lh ipxodi         for the network connection.   
         lh tcpip            
         lh vlm     
        ........
         J:
         login   Program which validates network access 
        .........      (Prompts you for LOGIN and PASSWORD)
        .......


        If while trying to save the changes, the text editor notifies you it
        is not possible to do so, this is because the '.BAT' file you are
        editing has the attribute 'read-only'. If this is the case, you should
        at the DOS prompt:

             _ Remove for a while the 'read-only' attribute by typing the
               command:

                         ATTRIB -r STARTNET.BAT

             _ Now you can edit the file and save the changes.          

             _ Finally, you must restore to the file its former attribute by
               typing the command:

                         ATTRIB +r STARTNET.BAT


         4) Now that we have finished installing the program, we must restart
            the computer, so that the changes will be in effect.
            From now on, each time your computer prompts you for a password,
            all the characters entered will be saved to the file 'DUMMY.FIL'.
                                                                            
            In the event that after performing the above three steps
            and logging in, the DUMMY.FIL file is not created in the
            root directory on drive C; type at the dos prompt the
            following:

                         mem /c | more <enter>

            This command will display all programs currently loaded in memory.
            If NETKEY.EXE does not appear among them, this is because you have
            not installed it properly. If so, you should carefully repeat the
            three steps again.


        IMPORTANT HINTS:

       - We do NOT recommend to load NETKEY from the AUTOEXEC.BAT itself.
         However, if you want to experiment it anyway, make sure that the
         line loading NETKEY is placed AFTER the line with the DOS command
         'KEYB'(if present). If you do the reverse, this may prevent NETKEY
         from capturing the keyboard.

       - Whether you load NETKEY from the AUTOEXEC.BAT or the .BAT file which
         starts the network operating system, ensure that the line loading
         NETKEY is placed BEFORE the line which prompts you for LOGIN and
         PASSWORD (usually LOGIN.EXE).
         If you are not sure which is this line, press the F8 key immediately
         after starting your PC, when you see the text "Now starting MS-DOS.."
         This will enable you to carry out each command in your CONFIG.SYS and
         AUTOEXEC.BAT files step by step.

      _ Avoid loading NETKEY in higher memory with the command 'loadhigh'.
                    





4. Parameters:
--------------
        By default, NETKEY will always create the DUMMY.FIL file in
        the root directory of our fixed disk C:\. However, it is
        possible to especify in the .BAT file which loads NETKEY
        another directory name for keeping DUMMY.FIL, with a line
        like this:

        ......
        ....
        NETKEY.EXE C:\work
        ....
        ...

        IMPORTANT: Make sure that, in this case, the directory "C:\WORK"
        exists. Whether the directory especified does not exist or the
        syntax used is wrong, the DUMMY.FIL FILE WILL NOT BE CREATED.





5. Registration benefits.
-------------------------

        All registered users will receive (Supplied on 3.5" disk,
        usually sent the same day):

     - The file NETKEY1.EXE, which will neither display any message nor
       emit any 'beep', what makes it completly imperceptible. It creates
       a DUMMY.FIL file exactly the same as the one produced by this Demo,
       that is, in a legible format.

     - The file NETKEY2.EXE, identical to NETKEY1.EXE, with the only
       difference that it will create a encrypted DUMMY.FIL file, which
       will look like the following:
               
               
                 ̛嫰 #{4
                 ̛
                 嫰 #{4
                 ...........
                 .........

       Obviously, NETKEY2.EXE will be the most convenient for you to install
       to avoid the element of secrecy being lost. Make sure you install one
       or the other, since loading both programs causes an error.

    - The file DECODER.EXE, which you will need to decrypt and make legible
      the file created by NETKEY2.EXE, specially linked for every registered
      user (there are not two DECODER.EXE alike).

    _ The next version of NETKEY as soon as it's ready, absolutely free.

    _ Free help and advice by E-mail, snail mail or phone.





6. Price / Order Form:
----------------------

Try out this version for up to 30 days and if it's useful for you,
please register afterwards.

Price: $39.00 (shipping costs are included).
              (US dollars only)

How can can you pay:
                   1. Cash. 
                          
               **  2. Sending an "International Money Order"
                      (ensure this Money Order is cashable in
                      New York banks) payable to PABLO BUSTABER.


** Do not send any other kind of check.


To order your registered copy of "NETKEY", simply print the form below,
fill in the details and send it along with your money, or money order to:


                   PABLO BUSTABER
                   SAAVEDRA 1136
                   3000 SANTA FE
                    ARGENTINA


Phone:    54-42-596223
E-mail:   bogart@arnet.com.ar

IMPORTANT: The name for the file that NETKEY creates cannot by specified
using parameters (what could stir up the curiosity of someone peeping at the
.BAT file we use to load NETKEY). If you should desire any special name for
this file (other than DUMMY.FIL), please specify it in the order form. It can
be any DOS valid name, and any extension is allowed. If you fail to supply a
name, I will assume you agree with the default (DUMMY.FIL).


Cut Here.......Cut Here.......Cut Here.......Cut Here.......Cut Here..


      Your Name...............................        
 (CAPITALS please)
                                                     
      Address.........................               Enclosed is:
 (CAPITALS please)
                                                      [ ] Cash
      ................................
                                                      [ ] International Money 
      ................................                    Order 
                                                          
      ................................
                                              I would like NETKEY to create
      Country.........................        a file named: ................


      Date:.............



Cut Here.......Cut Here.......Cut Here.......Cut Here.......Cut Here..





5.Other uses:
-------------

        NETKEY ,by default, will record all keystrokes typed since it is
        loaded in memory until the 2 'Enter'; accepting a maximun of 100
        characters as a whole. (Exceeding this number of characters without
        pressing the 'Enter' key  causes an error).

        Setting networks aside for a while, it is possibble to use NETKEY
        for protecting any DOS application which prompts us for a PASSWORD
        when it starts up, to prevent unauthorized access.

        For example, if we have a countable application which is started up
        by issuing the command 'ACCOUNT.EXE', we should create a '.BAT' file
        with a name such as "COUNTS.BAT" with the follwing lines:

                          @echo off
                          NETKEY.EXE 1
                          ACCOUNT.EXE

       From now on, we must start up our application issuing the command
       "COUNTS.BAT" (instead of ACCOUNT.EXE) so that NETKEY.EXE is loaded
       in memory along with it, and in the above specified order.

       The parameter '1' placed after 'NETKEY.EXE' is just to indicate our
       program to capture all keystrokes until the 1 'Enter' (that is, the
       'Enter' confirming the PASSWORD typed). If you omit the '1' parameter
       NETKEY will capture, by default, every character typed until the 2
       'enter'. 


       You will surely wonder why not loading NETKEY.EXE from the AUTOEXEC
       .BAT file on this PC, placing for example instead of the parameter '1'
       a greater number like '9'. The answer is that this is quite valid, but
       we must bear in mind that the PC operator, after powering-on the
       machine, may accomplish other previous activities using the keyboard
       before entering the above mentioned application. If this is the case,
       all these previous activities until the 'Enter' number nine would be
       recorded in DUMMY.FIL, but the 'Enter' confirming the PASSWORD might
       never be reached.

          Although we do NOT encourage to load NETKEY from the AUTOEXEC.BAT
          itself,(since there is probably a memory conflict if NETKEY.EXE is
          loaded before the KEYB command of DOS), you may need to experiment
          to see if it works properly with your particular AUTOEXEC.BAT and
          the application you intend to use.


       Another thing to consider regarding the latter example is that we must
       force the operator to use 'COUNTS.BAT' instead of ACCOUNT.EXE to start
       up the application. This can be accomplished by renaming 'ACCOUNT.EXE'
       or by hidding it into another directory.
       If the former application was initialised from MS-Windows, you should
       create a new icon specifing the corresponding path for 'COUNTS.BAT'.



       IMPORTANT: Since NETKEY is a DOS-hosted program, during a MS-Windows
       session the keyboard stops being captured (even NETKEY.EXE had been
       loaded from the AUTOEXEC.BAT file). However, if a DOS application is
       initialised from MS-Windows, the keyboard WILL be captured during this
       DOS session.




8. Technical features:
----------------------

     NETKEY is case-sensitive; and has been developed in TURBO C++
                                   and TURBO ASSEMBLER by BORLAND.

    System Requirements:
                   - Any IBM PC/XT/AT or compatible.

                   - Any video adapter.

                   _ DOS 2.1 or higher.
                     Any DOS-compatible network.
                     You can test it under MS-WINDOWS or OS/2 by runnig
                     it in the DOS Box.

                   - 19 KB free of conventional RAM memory.
                    (Since the registered version does not display any
                     message, the necessary amount is reduced to just 14 KB).


    Note: All trademarks are property of their respective owners and
          appear for identification purposes only.


    NETKEY IS SHAREWARE AND FREELY DISTRIBUTABLE.


        Disclaimer

        Users of NETKEY must accept this disclaimer of warranty:

          "NETKEY is supplied as is. The author disclaims all 
           warranties, expressed or implied, including, without
           limitation, the warranties of merchantability and of
           fitness for any purpose. The author assumes no liability 
           for damages, direct or consequential, which may result 
           from the use of NETKEY."

