PROTBLOCK english manual
The unique Windows based remote controller/firewall tool
Copyright (c) 2005 WYxSoftware
All Rights Reserved
1. Preview
Protblock is a special Windows based controller/firewall tool. With its help you can remotely manage and control the computers in an internal or external network.
Just install the two parts of the package on the computers and you are able to do the following things, even from a workstation:
- you can control the remote computers via net (lan, internet)
- you can send messages
- you can enable/disable the network usage
- you can ban IP addresses
- you can define prohibited web/irc/chat/p2p sites
- you can trust IP addresses
- you can define the websites that children may visit
- you can limit the usable network (for instance to the local network only)
- you can shut down/restart/log off the computers
- you can copy files
- you can get the screenshot of the remote computers (screen thief)
- the program can update itself (the service program on the clients too)
- you can do all of this via a secure connection between the computers
An important point is that the users have no permission to modify, stop or change the program's functioning!
The program has a 'light' and a 'registered' version; the light version can work on only a few remote computers.
2. System requirements
The client program runs in 'service mode' on the computer, hence you need a win32 system with 'service running' capability. It has been tested under Windows 2000 and XP, but I think Windows 2003 Server is also a good environment. The remote computers need the NTFS filesystem for security reasons.
3. Installation
The program collection has two parts. The first part goes on the client (remote) computers and the second one goes on the controller computer(s).
3.1 Client (remote) computer installation
For security reasons, use the NTFS filesystem on the disk where you want to install the client program! On a FAT filesystem you can't make the best of the program's possibilities and the security is not guaranteed!
Run the installation file (Protblock.exe) with 'System Administrator' privileges and follow the process. The installer copies the files to your computer, creates a Windows service and runs it. The name of this service is 'Prot'; if you already have a service installed with this name, you can't use the program. In this case contact the author for an individual version. The second service is the Protupdater, with the name 'ProtU'. This service will update our main service (and settings) if we wish.
This installed service (Prot) manages the remote computers. If the remote computer has two or more network cards we have to define the card number in the adapter.ini file. The default value is '0', which is the first card. For the second card use the value '1'. Once it is installed and running, the service creates a file (adapters.txt) in which we can see the parameters of the network cards. The Prot service has root privileges and can control the whole computer. Of course, a regular user can't disable this service or delete it from memory! This service executes the commands received from the controller application that is placed on the controller PCs. Repeat the previous process on all remote computers.
The ProtListener program will also be installed on the clients. It stays in the background (it is stoppable by the Control Center), listens to the service messages and puts them on the screen. This program is needed only for visualizing the messages. The ProtListener - if installed - has an icon (a yellow key) on the quick launch bar and stays resident in memory. If there is no network the key is red.
3.2 Controller (server) computer installation
Run the installation file (Protcontr.exe) with 'System Administrator' privileges and follow the process. This is a simple graphical application that communicates with the client computers via the UDP (and TCP) protocol.
4. Setting up
Figure 1 shows an example of how to configure our network.

4.1 Controller computers
The controllers are going to manage the clients over the network. We are able to use one (or more) controller(s) for this job. We need at least 2 PCs for the task (one is the controller and the other is the controlled). First of all we may design our own configuration on paper.
In the test environment (shown above) we have two controller PCs on the LAN called controller1 and controller2 (yellow computers). Give them the IPs 172.16.1.21 and 172.16.1.20. After starting the controller program we can create the remote IP list on the Remote settings page. At the right side of the page we can add a new client computer to the list. Looking at Figure 1 we can see that we have 4 client computers. Insert the first computer's IP address into the New IP Address editbox. Insert the name of the computer into the Comment field, for example user1. At the bottom we can insert the computer into a virtual room. We have 9 rooms by default to separate our computers. The X and Y fields are the coordinates of the computer in the room. The size parameter is the width of the image that represents the computer. After the Add command the computer appears in the list and in the room. Do this for all remote computers. After selecting a computer in the list we can remove it using the Remove button. When you are ready, save them to the config file with the Save button. Figure 1 shows the config file called remotelist.ini that the program produces. We can also edit this file with a simple text editor once we have recognized the meaning of the fields separated by ";".
The next step is the generation of the secret key. The data transfer between the computers is secured by a symmetric coding function. You have to create a key.txt file with the key-generator program (ProtKeygenerator.exe)!
4.2 Remote computers
The remote computers are the controlled computers. We have four computers with the IPs 172.16.1.1, 172.16.1.2, 172.16.1.3, 172.16.1.4. We must edit the file conlist.ini in the installed directory with a text editor like Notepad. Append the controller's IP and MAC address, separated by ";", to this file. Figure 1 shows how. The MAC address is an individual code that identifies a network adapter. The remote computer accepts commands only from the adapters identified by the IP and the MAC. Keep this conlist.ini secret on the remote computer by setting the "read and write" permissions only for Administrators and the System user and removing the read access from regular users. In addition you have to copy the generated key.txt file (see the previous section) from the controller computer into this directory. This file is needed for establishing the connection between the computers. Keep this file secret with permissions similar to those of conlist.ini.
These three parameters (IP, MAC, key) identify a controller computer; in the absence of any of them the connection is broken.
4.3 Firewall settings
The remote computer listens on UDP port 1555. (In addition, if you want to use the Screen thief or the File transfer command, you must open TCP port 20 (ftp-data).) You have to enable this incoming (and outgoing) port on your firewall(s), if you have any.
5. Usage of the program(s)
After the installation processes we can begin to work with the system. The ProtController is the graphical interface and the main controller of the system, so we must discuss it first. Execute the program on the controller computer.
5.1 General settings
On the General settings page we can see the detected default IP and default MAC address. These two parameters are used for controlling the remote computers. Of course, the conlist.ini setting on the remote computers must point to this IP and MAC. If you don't see any IP address (0.0.0.0), first check the Windows TCP/IP settings for the network adapter(s) and the installation process again, and check the permissions.
5.2 Sending a command
Let's see an example. We want to ask the remote computer for the version number of the service. Click on the Commands page, choose the Ask status item and then choose the Version number item in the subbox. With this we have defined the command that we want to send. Click on the Remote settings page and select the computer: in the Remote address IP list section click on the computer with the IP 172.16.1.1. Go back to the Commands page and push the Send command button. (On fast networks the default Command delay setting is sufficient for the communication. If the network is slower, change the Command delay to a bigger value.)
At the right side of the form (in the memobox) we can see the answer text:
172.16.1.1 --> Version number is x.y.z
The process was successful. If you see the following message:
172.16.1.1 Not answered
then the communication between the computers is not established. A number of reasons might produce this problem; the FAQ section has many solutions for it.
Of course, we can send a command to several computers at the same time by checking more items. If we send a command to more computers, the program waits for the responses until the Command delay period is over.
The result of the communication is visible on the screen too. If the computer is under control the background color of the IP number blinks green. If the answer is received the blinking ends; otherwise the background color turns red.
5.3 Command types
5.3.1 Ask status
- Prot status - the actual status of the remote computer
- Version number - the version number of the service
- Log status - shows whether any user logged in or not
- IPBan list version - the version number of the bannedlist.ini file
- IPTrust list version - the version number of the trustedlist.ini file
5.3.2 Send a message
We can send messages to a computer. The maximum number of characters is 250. Don't use the ';' character in the text. You are able to load the text from a file using the '<...>' button.
5.3.3 Start all protocols
This function permits the usage of the network totally. All local ports
are open and all IPs are permitted. The users can use the internet and
the local area network.
The key icon (ProtListener) is not crossed out.
5.3.4 Stop all protocols
This function prohibits the usage of the network totally. All local ports are closed and all IPs are prohibited. Only the communication channel between the controllers and the remote computers is open. Neither the local area network nor the internet can be used. The key icon (ProtListener) is crossed out and shows that the net connection is not permitted.
5.3.5 Activate the banned IPs
There is a list on remote computers called bannedlist.ini. If the file doesn't exist you can create this file on the remote computer.
The structure of this file is:
#1.00
195.228.75.117;chat.hu
195.70.36.207;chat.gyaloglo.hu
The first line is the version number. If we change the file then we must increase this number manually.
The other lines show the banned IPs + ';' + the hostname of this IP (the hostname is only for comfort). These IPs are denied on the remote computer. If the user wants to reach one of these IPs (on any protocol) the program will send a message that this IP is not available. This function is good (for example) for prohibiting chat sites on the local computer.
If we ask a status from the banned computer then it gives:
172.16.1.1 --> Prot status:
IPBan initialized.
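Because the version line has to be raised by hand and a mistyped IP is simply an address that is never blocked, it helps to check an edited list before it replaces the deployed one. The following is an added example, not part of ProtBlock: the function names, the numeric version comparison and the requirement that every entry contains ';' are assumptions, and the edited sample is constructed.

```python
import ipaddress
import re
from decimal import Decimal

# Assumption: the version line is '#' plus a decimal number, as in '#1.00',
# and versions are compared numerically.
VERSION_RE = re.compile(r"^#(\d+\.\d+)$")


def parse_ip_list(text):
    """Parse bannedlist.ini-style text into (version, entries, problems)."""
    rows = [(n, ln.strip()) for n, ln in enumerate(text.splitlines(), 1) if ln.strip()]
    if not rows:
        return None, [], ["file is empty"]
    problems, entries, seen = [], [], set()
    first_no, first = rows[0]
    match = VERSION_RE.match(first)
    version = Decimal(match.group(1)) if match else None
    if version is None:
        problems.append(f"line {first_no}: expected a version like '#1.00', got {first!r}")
    for n, line in rows[1:]:
        ip_text, sep, host = line.partition(";")
        try:
            ip = ipaddress.IPv4Address(ip_text.strip())
        except ValueError:
            problems.append(f"line {n}: {ip_text!r} is not an IPv4 address")
            continue
        if not sep:
            problems.append(f"line {n}: no ';' separator after the IP")
        if ip in seen:
            problems.append(f"line {n}: {ip} is listed twice")
        seen.add(ip)
        entries.append((str(ip), host.strip()))
    return version, entries, problems


def check_new_list(deployed_text, new_text):
    """Return the problems that should stop new_text from replacing deployed_text."""
    old_ver, old_entries, _ = parse_ip_list(deployed_text)
    new_ver, new_entries, problems = parse_ip_list(new_text)
    changed = sorted(old_entries) != sorted(new_entries)
    if changed and old_ver is not None and new_ver is not None and new_ver <= old_ver:
        problems.append(f"entries changed but version {new_ver} is not above {old_ver}")
    return problems


# The deployed file from the manual and a constructed edited copy with two mistakes.
DEPLOYED = "#1.00\n195.228.75.117;chat.hu\n195.70.36.207;chat.gyaloglo.hu\n"
EDITED = "#1.00\n195.228.75.117;chat.hu\n195.70.36.270;chat.gyaloglo.hu\n10.0.0.5;lab\n"

if __name__ == "__main__":
    for problem in check_new_list(DEPLOYED, EDITED):
        print(problem)
```

The same check applies to trustedlist.ini, which the manual describes as having a similar structure.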
5.3.6 Activate the trusted IPs
There is a list on remote computers called trustedlist.ini. If the file doesn't exist you can create this file on the remote computer.
The structure of the file is similar to the one explained in the previous section.
This command tells the remote computer that the user can reach only the IPs listed in the file. The user can't reach any other IP on the net.
5.3.7 Shut down
- Log off - the computer is going to log off in the time specified in the Time in min box
- Shut down - the computer is going to shut down in the time specified in the Time in min box
- Restart - the computer is going to restart in the time specified in the Time in min box
Once you give the command, you can't revoke it! However, you are able to change the time (but not disable it) by sending a command again.
If you set - for example - a remote computer to shut down in 5 minutes, the ProtListener shows the message twice (on the remote computer) after the command is given: first immediately, and a second time one minute before shutting down.
5.3.8 File transfer
You are able to copy file(s) from the local (controller) computer to the remote computer(s). The files must be in the same directory (a directory can't be copied). Recursive copy does not work. Be careful with this command because you might overwrite file(s) on the remote computers!
5.3.9 Screen thief mode
In this mode you can steal the remote screen. The stolen screen is copied temporarily to the controller's computer and it appears in the box (the one that represents the computer). If you see an X on the screen after sending a command, then the computer is switched off or does not answer. The program shows whether the computers are logged off or in. Remember that the ftp-data port needs to be enabled on the firewall! Sometimes the answer does not arrive because the communication has been lost. In this case don't worry, try again. This is a non-repeated command: if the communication is lost the controller does not try again!
In this mode, if we move the mouse pointer over the computer box the stolen screen zooms in! If we click on this zoomed screen it is resized to full screen. If we click again, it goes back.
5.3.10 Updater
This command helps you to update the program related files on the remote computers. You are able to update not only the ini files but the main service too! If you want to update, follow these steps:
- Create a directory on your controller's computer
- Copy the new file(s) (what you downloaded from the website) into this directory and decompress it (them)
- Go to the 'Updater' command
- Choose the created directory and send the command
You might create your own updater directory. The structure is the following: (Let's see an example.)
c:\update\
bannediplist.ini.upd
updatelist.txt
You can refresh the banned list on the remote computer with these two files.
The updatelist.txt must contain the following lines:
bannediplist.ini.upd
bannediplist.ini
This means that the program copies both files (bannediplist.ini.upd, updatelist.txt) to the remote computer, and there the service opens the updatelist.txt file and looks at what is written in it. It recognizes that bannediplist.ini.upd must be renamed to bannediplist.ini! The first line is the original file name, the second line is the renamed one. (The ProtUpdater service is also not stoppable by a regular user.) If you want to refresh your service too, insert these two lines into updatelist.txt:
protblock.exe.upd
protblock.exe
...and copy the protblock.exe.upd into the updater directory! That is very simple.
We suggest checking the version number after the update process.
This is a non-repeated command, so if the communication is lost the controller does not try again! The ftp-data port needs to be enabled on the firewall!
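Since the update command is sent only once and can replace the service binary itself, the update directory is worth checking before the command goes out. The following is an added example, not part of ProtBlock, that pairs the lines of updatelist.txt and compares them with the files actually present; the function names and the rule that entries must be bare file names are assumptions, and the sample reproduces the manual's list with the protblock.exe.upd file left out of the directory.

```python
import os


def check_update_list(list_text, staged_names):
    """Check updatelist.txt text against the file names in the update directory.

    Returns (pairs, problems); each pair is (staged_name, final_name).
    """
    lines = [ln.strip() for ln in list_text.splitlines() if ln.strip()]
    problems = []
    if len(lines) % 2:
        problems.append(f"odd number of lines: {lines[-1]!r} has no rename target")
        lines = lines[:-1]
    pairs = list(zip(lines[0::2], lines[1::2]))
    staged = {name.lower() for name in staged_names}  # Windows names ignore case
    targets = set()
    for src, dst in pairs:
        for name in (src, dst):
            # Assumption: entries are bare file names in one flat directory.
            if any(ch in name for ch in "/\\:") or name in (".", ".."):
                problems.append(f"{name!r} is not a bare file name")
        if src.lower() not in staged:
            problems.append(f"{src!r} is listed but not present in the directory")
        if src.lower() == dst.lower():
            problems.append(f"{src!r} is renamed to itself")
        if dst.lower() in targets:
            problems.append(f"{dst!r} is the rename target of more than one file")
        targets.add(dst.lower())
    listed = {src.lower() for src, _ in pairs} | {"updatelist.txt"}
    for name in sorted(staged - listed):
        problems.append(f"{name!r} is in the directory but not in updatelist.txt")
    return pairs, problems


def check_update_dir(path):
    """Run the same check on a real update directory on disk."""
    with open(os.path.join(path, "updatelist.txt"), encoding="ascii") as fh:
        return check_update_list(fh.read(), os.listdir(path))


# Constructed sample: the list names the service update, but the file was not copied.
LIST = "bannediplist.ini.upd\nbannediplist.ini\nprotblock.exe.upd\nprotblock.exe\n"
STAGED = ["bannediplist.ini.upd", "updatelist.txt"]

if __name__ == "__main__":
    for problem in check_update_list(LIST, STAGED)[1]:
        print(problem)
```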
5.3.11 Cafe mode
This mode is implemented expressly for Internet cafes. You can define timers for computers and watch the value of the timers on the screen. Set the Cafe related settings on the General settings page. The progress bar can be seen at the top of every computer box. After adding a new timer you can see the timer value of this computer. You can't change the value of an existing timer! First remove the old one and then add a new one.
If the program crashes (or exits) the timer values are not lost. If you restart the program the timers keep running.
6. Frequently Asked Questions (FAQ)
You may use the official forum to find the solution for your problem.
- I can see that the Controller writes 'Not answered' after sending a command to a remote computer. What is the problem?
First of all you have to be sure that you finished the installation process completely. Check that the necessary files (and the key file too) have been copied/created in the directories (.ini and key.txt). Look inside the INI files and check the IPs and the MAC addresses (as in Figure 1). If you have a firewall, check whether the ports are open or not. Check whether the service (Prot) is started or stopped.
- I can see the following message after sending a command: 'You don't have permission to control! <IP>' What does it mean?
Probably the controller side is right but the conlist.ini of the client side does not contain the controller's IP or MAC properly.
- I installed the client program on the remote computer but the service does not want to run!
If the service program (Protblock.exe) is installed but cannot be started, then you have to check that all ini files have been copied to the program's dir (conlist.ini, status.ini, servicestatus.txt, key.txt). Then you must check the following installed files in the Windows dirs:
npf.sys in %WINDIR%\System32\drivers\
pthreadVC.dll in %WINDIR%\System32\
packet.dll in %WINDIR%\System32\
wpcap.dll in %WINDIR%\System32\
- I got the following error message after sending a command: "Socket error #xxxxx No route to host."?
The network configuration is not correct in Windows. Go to the General settings page to have a look at the Network parameters. If the selected network card has no IP (0.0.0.0) then set the IP with the Network setting icon under Windows.
- Am I able to command from more controller computers side by side?
Yes, you are.
- How can I stop the services on the remote computer?
You must log in as Administrator, use Start menu -> Run... and type: net stop Prot and net stop ProtU.
7. Contact
WYxSoftware team
Hungary, Europe
web: www.wyxsoftware.com
mail: info@wyxsoftware.com
forum: www.forum.wyxsoftware.com
8. License
THIS PROGRAM AND THE ACCOMPANYING FILES ARE PROVIDED "AS IS" WITHOUT
WARRANTIES OF ANY KIND, WHETHER EXPRESSED OR IMPLIED. THE AUTHOR
ASSUMES NO RESPONSIBILITY FOR DAMAGE OF ANY KIND ON HARD- OR SOFTWARE
OR OTHER DAMAGE, WHICH HAS BEEN CAUSED DIRECTLY OR INDIRECTLY BY THE
USE OF THIS PROGRAM AND EVEN NOT FOR THE FUNCTIONALITY OF THE PROGRAM.
- The LIGHT version is used for getting to know the
program. The LIGHT version may be freely distributed, with exceptions
noted below, provided the distribution package is not modified in any
way.
- No person or company may distribute separate parts of the
package without written permission of the copyright owner.
- The ProtBlock LIGHT version may not be distributed inside of
any other software package without written permission of the copyright
owner.
- The REGISTERED version of the software requires payment. You can read about the fees on the official website of ProtBlock.
Installing and using ProtBlock signifies acceptance of these terms and
conditions of the license.
If you do not agree with the terms of this license you must remove
ProtBlock files from your storage devices and cease to use the product.
Thank you for using ProtBlock.