
                - SmartSec Copyright (C) 1993 by Peter Laur -
                   "A PCBoard v15.0 Extended Security PPE"


 WHATSNEW V2.00 


  1:    ID check every 50'th call. (configurable)

  2:    ID check when Security Violations exceed 10 in integers. (configurable)

  3:    ID check when Password Failures exceed 5 in integers. (configurable)

  4:    The above tests totaly independent of each other!

  5:    ID check when Connect Speed is not the normal one usually used.

  6:    Retry attempts to answer ID questions. (configurable)

  7:    New Security level wich the user should be "punished" to
        if not succesfull answering the ID (configurable)

  8:    If a user fails once in answering the ID check question, he is forced
        secretly to select a new password the next time he logs on your system.

  9:    Special SysOp security check if you call the system via modem at 
        every time. Bypassed if on locally.

 10:    20 Usernames to BYPASS the SmartSec. (configurable)

 11:    20 Usernames to FORCE into the SmartSec. (configurable)

 12:    Language specific prompts and menus. (configurable)

 13:    Message sent to SysOp incase of user fails. (configurable)

 14:    SmartSec's new data is stored presently in NOTES field line 5.

 15:    Can be installed in any path anywhere together with menus/prompts.

 16:    Makes a self-check to see if required (PSA) and config files are ok.

 17:    All files are opened in "Read-Only" + "Deny Write" mode for full
        network compability.

 18:    All the Beta testing / development is dune in our 11 node Lantastic
        LAN environment for as good results as possible :-)


 WHATSNEW V2.01 


  1:    If a Language specific prompt or menu is missing, the default being
        used is English.


 WHATSNEW V2.02 


  1:    Lantastic & Novell Broadcast messages of ID failures, Punished users
        and WhoCalled logons. (configurable)

  2:    Usernames in WHOCALL.USR to notify SysOp upon login. (configurable)

  3:    Time START & STOP limits for the Network Broadcasts. (configurable)
        (Please only use Military Time in 24hr format - no AM or PM support)


 WHATSNEW V2.03 


  1:    HighSec ID check every XX'th call. Used to rise the level of normal
        security checks made to a higher value - at nights or at any other
        time you might expect "suspicious" users logon. (configurable)

  2:    The HighSec START & STOP times of increased ID checks. (configurable)

  3:    ID check when Conference Violations exceeds 3 in int. (configurable)

  4:    ID check when Download Limits exceeds 10 in integers. (configurable)

  5:    ID check when Upload Verify Failed exceeds 2 in int. (configurable)

  6:    Increased data-fileds in Notes Line 5 to keep the variables. We will
        soon be using our own external indexed database for this information.

  7:    Cleaned up the Code a bit of unecessary spaces & comments. In the near
        future we will leave the PPLC and instead start using MSC 7.0 and the
        PCBoard Developers Kit + our external indexed database to make things
        faster & better. Next release will take a while until finished...


 WHATSNEW V2.04 


  1:    50 Users can now be in any of the BYPASS/FORCE/WHOCALL userfiles.

  2:    Some SysOp's didn't realize that the VERIFICATION field needed to be
        empty to get SmartSec into the newuser mode. This version writes over
        the previous (if any) info in this field with the new selected ID.


 WHATSNEW V2.05 


  1:    Bug-Fix of the routine to update the datafield. This version works
        at it should. If you use v2.03 or 2.04 - change to this one...


 WHATSNEW V2.06 


  1:    TimeLog to keep the Users last 19 times logged on stored in our time
        variables at Notes Line 5, to check if the behavior is changed or 
        within the normal values. No test is made of these new added fields
        until the 19'th and last variable is fully stored. Updated at every
        login to get the latest values to compare with. By using letters we
        have decresed the space needed and can store more logon times. SysOp
        (if local) is always bypassed the TimeLog test.

        Both Military or AM/PM time can be used at the PC. PCBoard converts it
        to HH:MM:SS wich we use. If any problem - please write a message to me
        at Salt Air or send a FidoNet Netmail / InterNet E-mail.

        For example: Starting with 00:00 - 00:59 = A, 01:00 - 01:59 = B, and
        so on... If using Military time, between 16:00 - 16:59 should be stored
        in Notes Line 5 as Q|. Or: 4 PM to 4.59 PM is also Q|.


 WHATSNEW V2.07 


  1:    Some PC's time variables behaved strange, so now SmartSec uses seconds
        after midnight to calculate the time needed for TimeLog. If you didn't
        get v2.06 to work, try this version. If all works OK, everytime you
        login the rightmost datafield in Notes Line 5, should always be updated
        with a letter corresponding to the time you're on.

  2:    In SMART.CFG at the fields for START/STOP of HighSec & the Broadcasts,
        if you cannot get it to work with the time specified as 00:00 - 01:00
        please try 00.00 - 01.00 or whatever your machine uses for time format.


 WHATSNEW V2.08 


  1:    Added 2 fields in the SMART.CFG file for LOWSEC & HIGHSEC to bypass
        SmartSec on certain Security Levels. Usually this is simple to do using
        Security Specific Menus, but some SysOp's who doesn't use this can now
        easily select wich levels to check or not. If a level is bypassed, you
        can force a User into SmartSec by putting he's name in the BYPASS.USR
        file even if he belongs to a LOWSEC & HIGHSEC exception.

        Note: You *must* add line 17 & 18 in SMART.CFG with either LOWSEC &
        HIGHSEC # or NONE as desired. Have a look in the supplied one...

  2:    LOWSEC & HIGSEC Users Datafield in Notes Line 5 are always updated in
        case you change your mind and want them verified bu SmartSec later on.

  3:    Bug-Fix wich could make the DataField displaying something like:
        0|0|0|0|0||||||||||||||||||||  If such a field is discovered, it's 
        fixed and updated correctly to the last entry.




