Home | Back to MSE data sheet


Modem Security Enforcer
Model MSE-1

Instruction Manual

Table of Contents
                                                                 Page
1. Introduction and User Operation  . . . . . . . . . . . . . . .  3
     1.1 Use How to This Manual . . . . . . . . . . . . . . . . .  3
     1.2 Applications . . . . . . . . . . . . . . . . . . . . . .  3
     1.3 Definitions  . . . . . . . . . . . . . . . . . . . . . .  4
     1.4 The Modem Security Enforcer Solution . . . . . . . . . .  5
     1.5 Multiple Lines . . . . . . . . . . . . . . . . . . . . .  7
     1.6 Modem Variability  . . . . . . . . . . . . . . . . . . .  7

2. Getting Started  . . . . . . . . . . . . . . . . . . . . . . .  8
     2.1 Hookup . . . . . . . . . . . . . . . . . . . . . . . . .  8
     2.2 Accessing the MSE-1  . . . . . . . . . . . . . . . . . .  8
     2.3 Changing Passwords . . . . . . . . . . . . . . . . . . .  9
     2.4 System Administrator Access  . . . . . . . . . . . . . .  9
     2.5 Creating and Canceling Accounts  . . . . . . . . . . . . 10
     2.6 Front Panel Indicators . . . . . . . . . . . . . . . . . 11
     2.7 Front Panel Control  . . . . . . . . . . . . . . . . . . 12
     2.8 Callback Mode  . . . . . . . . . . . . . . . . . . . . . 13
     2.9 Ongoing Usage  . . . . . . . . . . . . . . . . . . . . . 13

3. Customization  . . . . . . . . . . . . . . . . . . . . . . . . 14
     3.1 Parameter Menu Operation . . . . . . . . . . . . . . . . 14
     3.2 Timing and Related Parameters  . . . . . . . . . . . . . 14
     3.3 Message Parameters . . . . . . . . . . . . . . . . . . . 16
     3.4 Other Parameters . . . . . . . . . . . . . . . . . . . . 20
     3.5 User Account Database  . . . . . . . . . . . . . . . . . 22

4. Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
     4.1 Jumper Options . . . . . . . . . . . . . . . . . . . . . 25
     4.2 Hardware Menu Access . . . . . . . . . . . . . . . . . . 26
     4.3 Block Diagram  . . . . . . . . . . . . . . . . . . . . . 26
     Figure 4-1: Jumper Locations . . . . . . . . . . . . . . . . 27
     Board Photo
     Figure 4-2: Block Diagram  . . . . . . . . . . . . . . . . . 28

5. The Multiple Configuration . . . . . . . . . . . . . . . . . . 29
     5.1 Pushbutton Operation . . . . . . . . . . . . . . . . . . 29
     5.2 Unit ID  . . . . . . . . . . . . . . . . . . . . . . . . 29
     5.3 Automatic Updates  . . . . . . . . . . . . . . . . . . . 29
     5.4 Copying  . . . . . . . . . . . . . . . . . . . . . . . . 29
     5.5 Connection of Individual MSE-1's . . . . . . . . . . . . 30
     5.6 Card Removal/Insertion . . . . . . . . . . . . . . . . . 30
     5.7 Multiple Cages . . . . . . . . . . . . . . . . . . . . . 30

6. DTE Access . . . . . . . . . . . . . . . . . . . . . . . . . . 31

7. Formal Operational Description . . . . . . . . . . . . . . . . 32
     7.1 Idle State . . . . . . . . . . . . . . . . . . . . . . . 32
     7.2 Access State . . . . . . . . . . . . . . . . . . . . . . 32
     7.3 Active State . . . . . . . . . . . . . . . . . . . . . . 34
     7.4 Program State  . . . . . . . . . . . . . . . . . . . . . 34

8. In Case of Difficulty  . . . . . . . . . . . . . . . . . . . . 35
     8.1 Hardware Problems  . . . . . . . . . . . . . . . . . . . 35
     8.2 Command Problems . . . . . . . . . . . . . . . . . . . . 35
     8.3 Test Arrangements  . . . . . . . . . . . . . . . . . . . 35
     Figure 8-1: Monitor Cable Connection . . . . . . . . . . . . 36

Appendix A. Hexadecimal Bit Map . . . . . . . . . . . . . . . . . 37

Appendix B. Hexadecimal/ASCII Table . . . . . . . . . . . . . . . 38

Appendix C. Parameter Summary . . . . . . . . . . . . . . . . . . 39

Appendix D. Parameter Factory Settings  . . . . . . . . . . . . . 40

Warranty and Limitation of Liability  . . . . . . . . . . . . . . 41  
1. Introduction and User Operation

     This chapter provides an overview of the environments where the
Modem Security Enforcer is utilized. Requirements, definitions,
security solutions, multiple line configurations, and modem
considerations are discussed.

1.1 How to Use This Manual

     Chapters 1 and 2 are sufficient in many instances to cover the
material required to install and operate the MSE-1. Should it be
necessary to alter the factory default parameters and jumpers,
chapters 3 and 4 will also be required. If difficulties arise in
using the unit, consult chapter 8. In order to achieve maximum
performance relative to specific needs, it is recommended that the
rest of this manual be examined.

1.2 Applications

     Many types of computer and communications systems are monitored
and maintained through the use of standard ASCII terminals, either
video display or printing terminals. In a large number of situations,
it is desirable to access the system when off-site with remote
terminals. Examples of such systems are: Private Branch Exchange
(PBX) telephone switches, from which data is polled and extracted on
a routine basis, and new stored program control information
periodically loaded by a manufacturer or central organization;
Station Message Detail Recording (SMDR) units, either attached to a
maintenance port on a PBX, or separately attached to telephone lines
of a PBX or key telephone system, which collect and store information
regarding the telephone traffic observed, and dump this data to a
remote billing or network reporting system; in-house corporate
computing centers, which provide external access for the use of
employees, permitting work at home or on the road; and general
purpose computing centers, whose business it is to provide data
processing services to outside users.

     Remote access can be achieved through the installation of
dedicated communications lines between the point of control at the
remote location and the site of the equipment to be served. The
solution of dedicated communications facilities is useful when a
single control access point is desired; however, such communications
facilities can be relatively expensive. In order to reduce these
costs, or to provide a flexible system with variable and multiple
control points, the public switched telephone network is used. This
has the advantage of permitting anyone with suitable terminal and
communications equipment to dial into the system via the telephone
network and attain control of that system, virtually anywhere in the
world. This is mandatory for the case of computing centers which
solicit use by outsiders who change on a continual basis. In
addition, the high cost of dedicated communications lines is
eliminated.

     A significant disadvantage of using the public switched
telephone network for system access, however, is that the system is
open to potential access from parties for which entrance is not
intended. This major problem is increasing in severity with the
proliferation of personal computers, which are easily programmed to
attempt "breaking" into computing and communications systems. For the
cases of PBX monitoring, SMDR units, and similar non-computing
environments, in many instances there is no, or limited, built-in
security provided in that equipment to prevent access. This can have
the effect of unauthorized collection of sensitive data, accidental
modification of control parameters, or intentional changes to an
existing database. Even if the system is not successfully entered,
the caller can tie up the telephone line for extended periods of time
(attempting to guess control words) and prevent authorized access
into the system.

     Computing centers often have some limited form of access
security; this can also suffer from the problem of tying up telephone
lines from authorized users during access attempts by unauthorized
individuals. These security measures are integral parts of extremely
complex operating systems resident in the computer itself. It is
generally well known in the software field that the more complicated
a system is, the more likely it is that some combination of events
can be used to gain unintended access. It is difficult to know if
"back doors" have been implemented in system software, permitting
undesired access by system programmers. Indeed, there can be no
absolute assurance that software packages written by outside vendors
do not contain such "hooks". Sophisticated system software products
can be so complicated that it is impossible or extremely difficult to
analyze to determine if system security has been compromised. Former
employees who at one time had clearance may know of non-obvious
schemes to enter a computing system, even after removal of the
"normal" way access is attained.

     The end result is that although public switched access is highly
desirable for authorized access into many systems, doing so opens a
Pandora's box which can lead to unauthorized access with dire
consequences. The data security problem may be due to the lack of
sufficient security measures on the controlled equipment, or the lack
of assurance that alternate access methods do not exist on complex
computer systems. The vengeance of a disgruntled former employee
intimately familiar with the internal workings of a data processing
facility, who knows how to wreak maximum damage, can prove highly
destructive.

1.3 Definitions

     Devices which transmit and receive digital data, and are at the
end of a communications channel, are referred to as Data Terminal
Equipment (DTE). Video display and printing terminals, SMDR units,
and computers are examples of DTE.

     A Modem is a device which interfaces digital data with
conventional voice telephone lines. Digital information to be
transmitted to a remote location is converted into a form suitable
for transmission, and sent over the line. Information received from a
similar unit at the far end is converted into digital form compatible
with data terminal equipment. Modems are referred to as Data
Communications Equipment (DCE).

     RS-232 is a standard serial interface which is used to connect
DTE and DCE together. Pinout definitions are such that pairs of
equipment designated as DTE and DCE mate, and can directly be
connected together. DTE designated equipment cannot be directly
connected to other DTE designated equipment, or DCE designated
equipment directly connected to other DCE designated equipment. The
most common form of connector is the DB-25 socket or plug. Whether a
device is wired as DTE or DCE cannot reliably be determined from the
type of DB-25 connecter (male or female), and may require Gender
Changers to permit connection.

     A Null Modem is a connector which converts a DTE device into the
pinout of a DCE device, or a DCE device into the pinout of a DTE
device. A null modem is used to make DTE-DTE or DCE-DCE connections.

     Baud Rate is the number of bits per second transmitted or
received over a serial (RS-232) line. In order to properly
communicate, two devices must use the same speed.

1.4 The Modem Security Enforcer Solution

     The MSE-1 is designed to eliminate the data security problem
encountered in using the public switched telephone network for access
into a modem. It breaks the connection between the RS-232 ports of
the DCE (modem) and the DTE, and is placed between the two units. In
order to gain access from the telephone network, access must first be
secured into the MSE-1 prior to a through connection being
established between the modem and the protected equipment.

     When the modem receives a telephone call, it notifies the MSE-1,
which then sets up an interactive conversation with the potential
system user. A variety of security measures are available, selection
of which is dependent upon the particular needs of the system. If
access is granted, the user is notified, and transparently connected
to the DTE. If access is denied, a through connection is not
established, and the system is locked out from further access
attempts for a predetermined time period.

     The MSE-1 solves the security problem for PBX's and like
equipment by putting into place a protection arrangement superior to
that provided by the DTE directly. It solves the security problem for
sophisticated computing centers by placing a separate physical device
ahead of the computer, providing a clear line of demarcation between
outside access and the computer itself. Any internal knowledge of the
computer is of no use in gaining computer access, since no connection
is made between the modem and the computer until the MSE-1 has
validated that the accessor is authorized. The MSE-1 cannot be
programmed without being on site (unless it is desired to override
this safety factor), so even if a potential abuser knows about the
MSE-1, that information cannot be used to modify the MSE-1 in order
to achieve access.

     Authorized users are issued an Account, which consists of the
following: a Login Name; a Password; a Callback Number; a cumulative
count of successful accesses; and a count of unsuccessful access
attempts since the last successful access. A global record is kept of
all successful accesses and unsuccessful access attempts which led to
a Lockout. These can be read by the System Administrator.

     When the maximum security provisions are in place, the access
procedure consists of the following steps:

1. The user calls the access telephone number, either manually or
through an autodial provision of his modem (user modem). This step is
identical to whatever is done without the Modem Security Enforcer.

2. The system modem answers the call, and alerts the MSE-1. The user
modem acknowledges the connection.

3. If the system modem does not indicate High Speed, and the Autobaud
option of the MSE-1 has been selected, the user enters <Return>.
Otherwise, this step is omitted.

4. The MSE-1 issues an identification request to the user. This
message is programmable by the System Administrator.

5. The user enters his Login Name.

6. The MSE-1 asks for the user's Password. This message is
programmable by the System Administrator.

7. The user enters his Password.

8. The MSE-1 informs the user that he will be called back. This
message is programmable by the System Administrator.

9. The MSE-1 directs the system modem to hang up the call.

10. The user either manually hangs up his modem, or the user modem
detects loss of carrier, automatically hangs up the line, and
notifies the user.

11. The MSE-1 retrieves the user's Callback Telephone Number, and
commands the system modem to dial it.

12. Either the user modem automatically answers the callback, or the
user manually commands his modem to answer the call.

13. The system modem notifies the MSE-1 that the call has been
answered by the user modem.

14. The MSE-1 asks for the user's Password. This message is
programmable by the System Administrator.

15. The user enters his Password.

16. The MSE-1 sends a connection message to the user. This message is
programmable by the System Administrator. Typically, it will state
the cumulative number of accesses and the number of unsuccessful
access attempts since the last successful access.

17. The MSE-1 establishes a communications path between the system
modem and the DTE.

18. The user conducts an interactive session with the protected
equipment.

19. The user hangs up and the system modem notifies the MSE-1.

20. The MSE-1 sends a logoff message to the DTE. This message is
programmable by the System Administrator.

21. The MSE-1 and the system modem are ready to receive another call.

     If the Access Time, specified by the System Administrator,
elapses from the time the system modem answers the initial call, and
final acceptance and through connection to the DTE is established,
the access procedure aborts. The MSE-1 commands the system modem to
hang up the call.

     If the number of incorrect Login Name or Password entries
reaches the Error Maximum, specified by the System Administrator, the
MSE-1 goes into a Lockout State. The MSE-1 is frozen for Lockout Time
minutes, specified by the System Administrator. During this time, the
Idle lamp on the front of the MSE-1 flashes. Depression of the
Pushbutton will prematurely exit this state. At the conclusion of the
Lockout Time, the modem is commanded to hang up the call, and the
MSE-1 and the system modem are ready for another call.

     After successful access, and during interactive activity between
the user and the protected equipment, if the Maximum Time is reached,
specified by the System Administrator, or there is a period of time
where no characters are sent in either direction which is equal to
the No Activity Time, specified by the System Administrator, the
MSE-1 sends the Logout Message to the DTE, and commands the system
modem to hang up the call.

     Less secure operational Modes can be selected for the MSE-1.
Controlled by the Pushbutton, the requirements to enter the initial
Password, call the user back, and request a Password after the
callback, can be independently removed. The MSE-1 can be taken out of
Protected mode, which allows free access from the system modem to the
DTE.

     If the user wishes to change his Password, he prefixes the Login
Name with a single character, specified by the System Administrator.
All operation is identical up to the point where access is granted
(through step #15). When this occurs, the MSE-1 prompts the user for
the new Password. If <Return> is entered, no change is made.
Otherwise, after an identical repetition, the Password is changed
accordingly. The procedure continues at step #16 (connection message
sent).

     All information stored in the MSE-1 is contained in non-volatile
EEPROM, and is retained after loss of power. The MSE-1 operates at
the following baud rates: 50, 75, 110, 134.5, 150, 200, 300, 600,
1200, 2400, 4800, and 9600. Eight bits, or seven bits plus parity can
be selected. The unit is powered from 117 volts AC.

1.5 Multiple Lines

     In environments such as computer centers, there are many
telephone lines accessed as a group by outside users. For these
situations, the rack mount MSE-1 is used. All individual MSE-1 units,
one per line, intercommunicate. User accesses and failures, user
password changes, and system programming, when performed on any line,
are reflected to all other MSE-1 units in the group. The Mode
selection by the Pushbutton controls all units as well.

1.6 Modem Variability

     The MSE-1 operates by receiving notification from the system
modem, and commanding it. The unit is designed to permit operation
with any modem meeting minimum capabilities. All command sequences
sent to the modem are programmable by the System Administrator, so
commands required for control can be implemented, no matter what the
specific instructions are.

     The system modem must have a Carrier Detect output (pin 8), to
notify the MSE-1 that a call has been received, and that a callback
has resulted in an answer. If this is not available, Data Set Ready
(DSR, pin 6) can be used in some applications, with this line set to
be active after answering.

     The system modem should be capable of being commanded to dial a
telephone number. If this is not available, the MSE-1 can still be
used in the Initial Password without Callback Mode.

     Upon power-up, the MSE-1 sends an initialization command to the
system modem. This is specified by the System Administrator, and can
be used to set defaults in the modem which are not impervious to
power failures.
2. Getting Started

     This chapter describes how to connect the MSE-1 and operate with
the factory defaults. Front panel operation and account setup are
detailed.

2.1 Hookup

     It is assumed that prior to the installation of the MSE-1, the
existing modem and DTE are compatible, connected, and fully
operational together. If this is not so, resolve any problems between
those two units before attempting to connect the MSE-1. The modem
should be placed into auto answer mode, so that dialing the modem
number results in the modem answering the line, and connecting
through to the DTE, thereby establishing communications.

     Plug the power transformer assembly, supplied, into the mating
power connector on the rear of the MSE-1 unit. Plug the transformer
into a standard 117 volt AC outlet. The Idle, Protect, and Init PW
lamps should be on, with no others illuminated. Disconnect the RS-232
cable connecting the modem to the DTE system to be protected. Connect
the DTE system to the DTE connector on the rear of the MSE-1. This is
located above the power connector. Connect the modem to the DCE
connector on the rear of the MSE-1. Be certain that all connectors
are fully seated for positive contact.

     Factory settings assume the following configuration: pin 8 of
the modem provides a Carrier Detect output; communications initiated
from the DTE side are at 1200 baud; the MSE-1 will transmit 7 bits
plus an even parity bit; operation is full duplex; upon reception of
carrier from the modem, a High Speed indication from the modem (pin
12) forces 1200 baud operation; if the High Speed signal is not
active, Autobaud is performed; the DTE generates a DTR signal (pin
20) when communications are to be accepted; the modem accepts DTR
input; and the modem communicates via Hayes compatible commands. Set
switch 1 up for Hayes Smartmodems. If any of these conditions are not
met, consult chapters 3 and 4 to configure the MSE-1 to the specific
requirements.

2.2 Accessing the MSE-1

     Dial into the modem with a standard ASCII terminal. The modem
should answer the line, the MSE-1's Idle lamp extinguish, and the
Access lamp illuminate. If the modem supports the High Speed line,
and the call was made at the High Speed (assumed to be 1200 baud), at
this time the MSE-1 will send the Login Prompt Message:

               MSE-1 Unit #1
               Security ID:

If not, wait several seconds and send a single <Return> (ASCII 13
decimal, 0D hexadecimal). The "<...>" is used here to indicate that a
single character is sent, and is represented by the description
contained within the brackets. The MSE-1 will then send the Login
Prompt Message.

     Respond   to  the  Login  Prompt  Message:  "John Doe<Return>".
Type everything between, but not including, the quotation marks.  Be
certain to include a single space between John and Doe, and no space
either before John or <Return>.  Either upper or lower case may be
used.   The  MSE-1  will  respond  with  the  Password Prompt
Message:

               Security Password:

Respond by typing "JD<Return>". Either upper or lower case may be
used. The MSE-1 will respond with the Active Message:

               John Doe, 1200 Baud
               00 Previous Failed Attempts
               0001 Accesses

If the baud rate is other than 1200, the appropriate speed will be
shown. The number of Previous Failed Attempts and Accesses may be
other than 00 or 0001.

     The Access lamp will extinguish and the Active lamp illuminate.
At this point, communications are established with the DTE; test by
conversing with the protected equipment identically to the manner
used prior to the installation of the MSE-1.

     At the conclusion of the test, hang up; the modem will hang up
the line, the MSE-1 Active lamp extinguish, and the Idle lamp
re-illuminate. The MSE-1 will have sent the Logoff Message to the
DTE:

               <Control C>Logoff<Return>

If this message is not appropriate, consult chapter 3.

     Factory defaults will cause an automatic disconnection if there
are no characters sent between the DCE and DTE for a period of 30
minutes, or if the overall time exceeds 5 hours. A maximum of 2
minutes is permitted while in Access State. See chapter 3 to change
these values.

2.3 Changing Passwords

     Repeat the above procedure, except use "+John Doe<Return>" as
the Login Name. Instead of directly going to the Active State after
supplying the Password, the following message will be displayed:


               Enter New Password:

If <Return> is typed at this time, no change will be made, and the
Active Message will be displayed. Change the Password to another
character sequence, followed by <Return>. The following message will
be displayed:

               Repeat:

Reenter the new Password, followed by <Return>. John Doe's password
is now changed, and the Active Message displayed.

2.4 System Administrator Access

     Repeat the above procedure, using the System Administrator's
Login Name and Password instead of "John Doe" and "JD": "Super" and
"SU". No errors are permitted in the entry of the "Super" Login Name;
if a mistake is made, hang up and start over. In place of the Active
Message, the System Administrator Menu will be displayed:

               0 Exit
               1 Stats
               2 List
               3 Account
               4 Parameters
               5 Copy
               6 Format

               ?

This time, the Access lamp will extinguish, and the Program lamp
illuminate. Type "1". Displayed will be:

               Successes-Lockouts: 0004 0001

followed by the Menu. The numbers may be different than those shown
above. The first number is the cumulative overall number of
successful accesses the MSE-1 has received since manufacture. The
second number is the cumulative number of times a user has
unsuccessfully attempted to access the MSE-1 and made Error Maximum
mistakes (factory default is 7).

2.5 Creating and Canceling Accounts

     In response to the Menu query, type "2". A list of all Accounts
in the MSE-1 will be displayed:

     Super: Tel # = , Accesses = 0003, Failures = 00
     John Doe: Tel # = 5551212, Accesses = 0002, Failures = 00

followed by the Menu. The Accesses and Failures may differ.

     Type "3". The following message will be displayed:

               Account:

Using upper and lower case, enter a Login Name desired for use,
terminated with <Return>. A maximum of 15 characters may be used, and
if this maximum is used, do not type the <Return>. If a different
maximum Login Name length is desired, consult chapter 3. The
following message will be displayed:

               + to Add:

If a mistake is made in typing the new Login Name, type <Return> (or
any character other than "+"). Otherwise, type "+". The following
message will be displayed:

               Enter New Password:

Type in the Password desired; any number of characters may be used,
and any of the 128 ASCII values may be utilized with the exception of
<Return>. Terminate the Password with <Return>. If it is desired to
have no Password for this Account (in which case the user must
respond to the Password Prompt Message with a single <Return> to gain
access), simply type <Return> for the Password. If a Password is
entered, the following message will be displayed:

               Repeat:

Retype the same Password, followed by <Return>. The following message
will be displayed:

               Callback #:

Type in the telephone number to be dialled to reach this particular
user. If less than 10 digits are to be dialled, suffix the telephone
number with "F" until a total of 10 characters have been typed. If no
callback number is to be used for this account, type "FFFFFFFFFF". If
this is done, callbacks will not be made for this account, even if
the MSE-1 is in the Callback Mode. After typing the last digit of the
telephone number field, a current listing of the new account will be
displayed, showing Accesses = 0000 and Failures = 00.

     The Account prompt will be displayed. Type "John Doe<Return>".
The information regarding this account will be shown, followed by the
following message:

               # to Cancel:


Type "#". This cancels the John Doe account. Type <Return> to the
redisplayed Account message, and the Menu will reappear.

     Type "0" to exit Program Mode. The Program lamp will extinguish,
and the Access lamp illuminate. Type <Return> to test the new Login
Name just added (the <Return> will not be necessary if the High Speed
line is active).

     Menu options 4 and 6 are described in chapter 3, and option 5 in
chapter 5. In general, the Account option asks for a Login Name; if
the account entered currently exists, that information will be
displayed, and an option supplied to cancel the account. If a new
Login Name is entered, an option is given to add that account. The
List option shows all current accounts. The display may be paused by
sending a <Break>; the display will continue when the <Break> is
released.

     If it is desired to change the System Administrator's Login Name
from the factory default of "Super", utilize the following procedure.
First cancel "Super". IMMEDIATELY thereafter, add a new account. This
account will become the System Administrator's Login Name. If the
System Administrator's account is canceled and not replaced prior to
hanging up, it will not be possible to access the Menu in the normal
fashion. Should this occur, consult section 4.2. To change the Super
Password, do not follow the above procedure; use the Change Password
procedure previously described.

2.6 Front Panel Indicators

     The front panel of the MSE-1 contains ten indicator lamps, in
three groups. These lamps have the following meanings:

Status Indicators

The Status indicators are green. Only one of the four Status lamps
will be illuminated at any one time.

Idle:
The MSE-1 is currently inactive. It is ready to receive a Carrier
Detect indication from the modem to initiate access. A character from
the DTE will initiate access from that port.

Access:
A potential user is currently attempting to gain access to the
protected equipment, but has not yet succeeded or failed. The user
may be in the process of entering the Login Name or Password, or the
modem may be in the process of calling the user back.

Active:
A user has successfully gained access to the protected equipment, and
is in communication with it. A timeout, loss of carrier from the
modem, or loss of DTR from the DTE will cause exit to the Idle state.

Program:
The System Administrator has accessed the MSE-1. System programming
is now accessible via the Menu. Selection of the Exit option, loss of
carrier from the modem (if accessed from the DCE side), or loss of
DTR (if accessed from the DTE side) will cause exit to either the
Idle or Access states.

Mode Indicators

The Mode indicators are amber. Various combinations of the four Mode
lamps may be selected, depending upon the desired operating Mode.

Protect:
The MSE-1 is currently protecting the DTE from access. If this lamp
is extinguished, upon Carrier Detect from the modem, the MSE-1 will
immediately go into the Active State. This bypasses the MSE-1
security provisions.

Initial Password:
After receiving the Login Name from the user, the user will be
prompted for entry of a Password. If this lamp is extinguished, this
initial password request will be skipped.

Callback:
After receiving the Login Name and initial Password from the user (if
Initial Password selected), the MSE-1 will instruct the modem to call
the user back at the telephone number stored under that account. If
no telephone number is stored for the account, or if this lamp is
extinguished, this step will be skipped.

Callback Password:
After calling the user back, the user will be requested to enter a
Password. If this lamp is extinguished, this step will be skipped.

Lock Indicators

The Lock indicators are red. Any of the four possible combinations of
these two lamps may be selected.

DCE:
The MSE-1 will not accept access via the System Administrator's Login
Name to reach the Program State from the modem. If this lamp is
extinguished, permission is granted for this procedure.

DTE:
The MSE-1 will not accept access via the System Administrator's Login
Name to reach the Program State from the DTE side. If this lamp is
extinguished, permission is granted for this procedure.


2.7 Front Panel Control

     A Pushbutton located on the MSE-1 front panel is used to control
the Mode and Lock indicators. A single depression of the Pushbutton,
if released within 1.5 second, alters the Lock lamps. To obtain the
desired combination of the Lock indicators, depress and release the
Pushbutton until these lamps show the appropriate condition. The
sequence rotates from the top of the following list to the bottom,
and then restarts at the top:

               DCE Lock    DTE Lock
                  Off         Off
                  On          Off
                  Off         On
                  On          On

     To alter the Mode lamps, depress the Pushbutton and hold it
depressed. At 1.5 second intervals, the Mode lamps will change
according to the following sequence:

     Protect  Initial Password  Callback  Callback Password

     Off           Off           Off           Off
     On            Off           Off           Off
     On            On            Off           Off
     On            Off           On            Off
     On            On            On            Off
     On            Off           On            On
     On            On            On            On

When the desired Mode is reached, release the Pushbutton. If desired,
subsequently change the Lock lamps as described above.

2.8 Callback Mode

     After creating an account with a valid telephone number, change
the operating mode so that all four Mode indicator lamps are
illuminated. Call the modem, and use the new Login Name. After
entering the Password, the following message will appear:

          Calling Back. Hang Up . . .

The modem will call the specified telephone number. When carrier is
detected, the Callback Password Prompt Message will appear:

          MSE-1 Unit #1 Returning Your Call.
          Security Password:

Reenter the Password, and the Active Message will be displayed as
before.

2.9 Ongoing Usage

     Select the desired operating Mode. Add all user accounts.
Periodic reading of the Statistics can be done to determine who is
using the system. If Lockouts are higher than expected, List the
accounts, and look for any user with an unusual number of Failures.
Consult with the user to determine if he is familiar with the access
procedure. It could be that some other person is attempting to guess
that particular user's Password. If this is the case, it may be
desirable to change the Login Name of that account.

     For maximum security, leave both Lock lamps illuminated except
when it is desired to enter the Program State. This ensures that the
integrity of the account structure is maintained, even if someone
discovers the System Administrator's Login Name and Password.
3. Customization

     This chapter describes the use of the Parameter and Format
options available through the System Administrator's Menu. These are
used to customize the MSE-1's operation to meet specific
requirements.

3.1 Parameter Menu Operation

     All parameters are assigned specific Locations. The contents of
the parameter Locations can be read and modified through the use of
Menu option 4. Locations consist of two hexadecimal digits. A
hexadecimal digit is one of the following 16 characters: 0; 1; 2; 3;
4; 5; 6; 7; 8; 9; A; B; C; D; E; and F. Either upper or lower case
may be used for the alphabetic characters. There are 256 Locations
where Parameters are stored, denoted as locations 00, 01, 02, ... FE,
FF. The use of each of these Parameters is detailed in subsequent
sections.

     To access the Parameters, log in as the System Administrator.
From the Menu, type "4". The following message will appear:

               Location:

Type "00". The following line will appear:

               00 4D M

The 00 on the left indicates that Location 00 is being examined; 4D
is the hexadecimal contents of Location 00; and M is the ASCII
character represented by the hexadecimal value 4D. Type <Space> to
examine the next Location. The following line will appear:

               01 53 S

This indicates that Location 01 contains hexadecimal value 53, which
is ASCII character S. Continue typing <Space> until Location 06 is
displayed, with contents 55. Type "40". This changes the contents of
Location 06 to 40, and Location 07 is next displayed. Type "-", and
Location 06 will be redisplayed, showing that the contents are now
40. Type "55" to restore the data.

     Type <Return>, and the "Location" message will reappear. Again
type <Return>, and the Menu will be displayed.

     This demonstrates the use of the Parameters Menu option. Upon
selection, the two-character hexadecimal Location of the desired
Parameter is entered. The hexadecimal contents and ASCII value of
that Location are displayed, the latter of which is useful for
certain Parameters. To change the contents, type the replacement
hexadecimal value; to return to the "Location:" message, type
<Return>; to backup to the previous Location, type "-"; and to
advance to the next Location, type <Space> (or any other character).
To exit from the Parameters sub-Menu, type <Return> from the
"Location:" message.

     Care should be taken while in the Parameters option so as not to
inadvertently change Locations where modifications are not intended.

3.2 Timing and Related Parameters

     There are eight Parameters used to set timeout lengths, baud
rates, delays, and failures.

No Activity Time:
Location 1A. This is a value which sets the maximum number of minutes
which is to be permitted with no activity between the DTE and DCE.
Values are decimal from 00 to 99 minutes. A value of 00 deactivates
this Parameter; there will be no forced disconnection due to lack of
communications through the MSE-1.

  Factory setting = 30 minutes.

Maximum Time:
Location 1B. This is a value which sets the maximum number of hours
which is to be permitted for a single access. Values are decimal from
00 to 99 hours. A value of 00 deactivates this Parameter; there will
be no forced disconnection due to a maximum connect time being
exceeded.

     Factory setting = 5 hours.

Access Time:
Location 1E. This is a value which sets the maximum number of minutes
which is to be permitted for a user to remain in the Access State.
This time includes entering the Login Name, Password, dialing the
user back, and reentering the Password (if all such options are
selected according to the Mode). Values are decimal from 00 to 99
minutes. A value of 00 deactivates this Parameter; there will be no
forced disconnection due to exceeding a time value in the Access
State. This Parameter should be kept as small as possible for
security reasons.

  Factory setting = 2 minutes.

Error Maximum:
Location 1C. This is a value which sets the maximum number of errors
which is to be permitted while in the Access State. This count
includes entering the Login Name, Password, and reentering the
Password (if all such options are selected according to the Mode).
Upon reaching this error count, the MSE-1 will enter the Lockout
State. Values are hexadecimal from 00 to FF errors. An entry of 00
sets Error Maximum to 256. This Parameter should be kept as small as
possible for security reasons.

     Factory setting = 7 errors.

Lockout Time:
Location 1D. This is a value which sets the number of minutes which
the MSE-1 will remain in the Lockout State, reached by exceeding the
Error Maximum in the Access State. During this time, communications
and accesses are disabled, and the Idle indicator lamp flashes. When
this time elapses, the unit will return to the Idle State. This time
period may be aborted by depression of the Pushbutton. Values are
decimal from 00 to 99 minutes. A value of 00 deactivates the
Parameter; there will be no exit from the Lockout State other than
through use of the Pushbutton or a power failure.

     Factory setting = 10 minutes.

Carrier Detect Delay:
Location 19. This is a value which sets the number of seconds the
MSE-1 will delay after receiving indication of carrier detection from
the modem. If the modem sends messages upon connection, this delay
value must be set to exceed the time period for all such messages. At
the conclusion of the delay period, the MSE-1 samples the High Speed
output from the modem, and commences looking for a <Return> from the
user, if at low speed and Autobaud is selected. Otherwise, the Login
Prompt Message will be sent at the conclusion of this delay. Values
are hexadecimal, ranging from 00 to FF. A value of 00 delays 256
seconds; other values correspond to the hexadecimal value. This
Parameter should be kept as small as possible.

     Factory setting = 3 seconds.

Default Baud Rate:
Location 17. This is a value which sets the baud rate used for access
via the DTE port. If Autobaud is not selected, and the High Speed
line from the modem is inactive, this baud rate will also be used for
access via the modem. The hexadecimal value shown in the following
table corresponding to the desired baud rate is entered as the
contents of this Location. Changing this Parameter will not change
the current baud rate; it takes effect on the next Access. Care
should be taken to ensure that this Parameter is entered properly;
incorrect values will cause loss of communications.

     Factory setting = 15 (1200 baud).

               Baud Rate  Parameter Value

                 50           4D
                 75           46
                110           3F
                134.5         38
                150           31
                200           2A
                300           23
                600           1C
               1200           15
               2400           0E
               4800           07
               9600           00

High Speed Baud Rate:
Location 18. This is a value which sets the baud rate used for access
via the modem when the High Speed line from the modem is active. The
hexadecimal value shown in the preceding table corresponding to the
desired baud rate is entered as the contents of this Location.
Changing this Parameter will not change the current baud rate; it
takes effect on the next Access. Care should be taken to ensure that
this Parameter is entered properly; incorrect values will cause loss
of communications.

     Factory setting = 15 (1200 baud).


3.3 Message Parameters

     Messages sent from the MSE-1 to the DCE and DTE ports are stored
in ASCII form. The ASCII code assigns hexadecimal values 00 through
7F with 128 printing and nonprinting characters. Any of the 128
possible values may be included in the messages generated by the
MSE-1. Appendix B depicts the printing ASCII values.

     There is no restriction on the length of particular messages,
other than the overall total length of all messages. Messages are
created by intermixing representations for ASCII characters with
special codes. Messages consist of a sequence of hexadecimal values
having meaning according to the following chart:

          Message Codes

     00 - 7F: Send the literal ASCII character
     80:      Pause 256 seconds
     81 - F4: Pause 1 - 116 seconds
     F5:      Send the Unit ID
     F6:      Send the User's Login Name
     F7:      Send the User's Telephone Number
     F8:      Send the User's number of Accesses
     F9:      Send the User's number of Failures
     FA:      Send the current Baud Rate
     FB:      Raise the DCE's DTR lead (modem)
     FC:      Lower the DCE's DTR lead (modem)
     FD:      Raise the DTE's DSR and CD leads
     FE:      Lower the DTE's DSR and CD leads
     FF:      End of message

Characters are transmitted at the current Baud Rate, whether
transmission is to the DCE or the DTE ports. For accesses initiated
on the DCE side, this is determined by the High Speed Baud Rate if
the High Speed signal is active; by the received speed of the initial
<Return> if Autobaud is set and the High Speed signal is inactive;
and otherwise by the Default Baud Rate. Accesses initiated on the DTE
side are always at the Default Baud Rate. All message text must end
with FF. This does not produce any transmitted characters. Special
codes shown do not produce leading or trailing spaces.

     There are 12 messages which are sent by the MSE-1, depending
upon the progression between states. Space is provided to store a
total of 208 characters for all of these messages; this storage area
can be allocated between the various messages as desired for any
particular application. Locations 30 through FF are reserved for
these messages.

     Since it is possible to arrange the text for the messages in
various fashions, the beginning of each message must be identified
for each of the 12 messages. The Locations which contain the starting
Location for each of these messages are shown below. The text
contents are listed as shipped from the factory for each. Characters
shown within quotation marks are ASCII characters, which fall within
the range 00-7F.

Initialization Message:
Location 20. This message is sent to the DCE (modem) upon power-up.
This is used to set modem defaults which cannot be set by default
switches located on the modem and are not stored in nonvolatile
memory within the modem. It is recommended that a pause always be
placed at the start of this message text to ensure that the modem has
completed initialization, and is prepared to receive commands from
the MSE-1.

     Location 20 Factory setting: 30
     Text Factory setting (Locations 30 - 3F):
           "ATE0F1Q1S7=255", <Return>, FF

Login Prompt Message:
Location 21. This message is initiated from the Idle State upon
notification of access. This occurs after a character is received
from the DTE port, to that port, or after recognition of carrier
detection from the modem and the baud rate has been established, to
the DCE port.

     Location 21 Factory setting: 40
     Text Factory setting (Locations 40 - 53):
           <Return>, <LF>, <LF>, F5, <Return>, <LF>,
           "Security ID: ", FF

Password Prompt Message:
Location 22. This message is sent when an Initial Password is to be
received.

     Location 22 Factory setting: 6C
     Text Factory setting (Locations 6C - 81):
           <Return>, <LF>, "Security Password: ", FF

Calling Back Message:
Location 23. This message is sent to the user just prior to hanging
up the line in preparation to calling the user back.

     Location 23 Factory setting: 82
     Text Factory setting (Locations 82 - A2):
           <Return>, <LF>, "Calling Back. Hang Up . . .",
           <Return>, <LF>, <LF>, FF

Active Message:
Location 24. This message is sent to the user after access has been
authorized, just prior to entering the Active State.

     Location 24 Factory setting: A3
     Text Factory setting (Locations A3 - D9):
          <Return>, <LF>, F6, ", ", FA, " Baud", <Return>, <LF>,
          F9, " Previous Failed Attempts", <Return>, <LF>,
          F8, " Accesses", <Return>, <LF>, <LF>, FF

Callback Password Prompt Message:
Location 25. This message is sent to the user after the callback has
been performed, if the Mode requires a callback Password.

     Location 25 Factory setting: 54
     Text Factory setting (Locations 54 - 6B):
          <Return>, <LF>, F5, " Returning Your Call."
Note that this does not include an ending FF, and therefore continues
with the same text as for the Password Prompt Message.

Logoff Message:
Location 26. This message is sent to the DTE port upon disconnection
from the modem, either forced or natural. The DSR and CD leads are
automatically lowered, without specifically including in the message
text. This message can be used to force a system logoff for systems
which do not automatically log the user off with the loss of carrier.

     Location 26 Factory setting: DA
     Text Factory setting (Locations DA - E2):
          <^C>, "Logoff", <Return>, FF

Hang Up Modem Message:
Location 27. This sequence is sent to the DCE port (modem) to force a
hangup.

     Location 27 Factory setting: E3
     Text Factory setting (Locations E3 - E5):
          FC, 85, FF
This lowers the DTR lead to the modem and pauses five seconds to
ensure a disconnection and bypass any responses the modem sends back.

Extension Dialing Message:
Location 28. This message is sent to the modem when it is determined
that a callback is being made to the user, and the user's Telephone
Number is from 1 to 6 digits in length. It is sent after sending the
Calling Back Message and the Hangup Message, and is intended to
instruct the modem to dial the user's Telephone Number.

     Location 28 Factory setting: E6
     Text Factory setting (Locations E6 - ED):
           FB, 82, "ATD", F7, <Return>, FF.

The DTR lead is raised (it was lowered by the Hang Up Modem Message)
prior to issuing the dial command.

Local Dialing Message:
Location 29. This message is sent to the modem when it is determined
that a callback is being made to the user, and the user's Telephone
Number is 7 digits in length. It is sent after sending the Calling
Back Message and the Hangup Message, and is intended to instruct the
modem to dial the user's Telephone Number.

     Location 29 Factory setting: E6

The Factory setting uses the same text as for the Extension Dialing
Message.

Same Area Code Toll Dialing Message:
Location 2A. This message is sent to the modem when it is determined
that a callback is being made to the user, and the user's Telephone
Number is 8 digits in length. It is sent after sending the Calling
Back Message and the Hangup Message, and is intended to instruct the
modem to dial the user's Telephone Number.

     Location 2A Factory setting: E6

The Factory setting uses the same text as the Extension Dialing
Message.

Long Distance Dialing Message:
Location 2B. This message is sent to the modem when it is determined
that a callback is being made to the user, and the user's Telephone
Number is 9 or 10 digits in length. It is sent after sending the
Calling Back Message and the Hangup Message, and is intended to
instruct the modem to dial the user's Telephone Number.

     Location 2B Factory setting: EE
     Text Factory setting (Locations EE - F6):
          FB, 82, "ATD1", F7, <Return>, FF


     The use of the four different Dialing Messages permits a variety
of telephone dialing sequences to automatically be performed. For the
case of an internal PBX system, users who are accessed through the
PBX will have extension numbers stored as their Callback Telephone
Numbers; these are less than 7 digits in length. Outside calls
generally require first dialing "9", and possibly pausing, prior to
dialing an off premise number. These commands must be included within
the other three Dialing Messages, but not in the Extension Dialing
Message. Note that the modem itself must be capable of handling
whatever dialing options are required; the MSE-1 sends the dialing
command to the modem, and the modem then handles the dialing. Pauses
here will usually serve no purpose, since most modems do not begin
seizing the line and dialing until after receipt of the <Return>.
Programmed pauses should be entered as ASCII representations of the
appropriate pause instructions for the particular modem.

     Local telephone numbers are stored as 7 digits in the user's
account. Toll calls which require "1" + the 7-digit telephone number
for dialing should be entered as "1" + the 7-digits in the user's
account. This causes the second Dialing Message to be utilized. In
this way it is possible to use the local Telephone Company for these
calls, yet use a dialup OCC or long distance reseller for other
calls. If it is desired to use a dialup OCC or long distance reseller
for these "1" + 7-digit calls, a separate message text can be created
which includes dialing the OCC's access number, an authorization
code, and the user's number. If the carrier requires the area code
before the 7-digits, the user's telephone number should be stored
including the area code, resulting in the full ten digits, and use of
the Long Distance Dialing Message.

     Telephone numbers out of the local area code are stored with the
area code included in the user's account, using all ten digits. To
use the Telephone Company, or a presubscribed toll carrier for these
calls, all that need be done is to insert a preceding "1" in the Long
Distance Dialing Message, as shown above. If desired, an alternative
carrier can be used by following the appropriate dialing plan for
that carrier in this message text.

     Special provisions, such as international dialing, or sequences
not otherwise provided, can be handled by storing speed number codes
in the user's account instead of the user's actual telephone number.
These speed numbers will be less than 7 digits in length, and will
therefore invoke the Extension Dialing Message. This message text
should instruct the modem to dial using its internally stored speed
numbers. The special dialing provisions can be incorporated as the
speed number in the modem.

     If the modem cannot wait for carrier longer than the Access
Time, include an auto answer off command in the Dialing Messages, and
an auto answer on command in the Hang Up Modem message. It has been
assumed that users own modems capable of both originate and answer
operations. If users have originate only modems, as is sometimes the
case for acoustical couplers, the system modem must be instructed to
call the user back using reverse tones. For Hayes compatible dialing
commands, suffix an "R" to each Dialing Message. For such situations,
users with originate and answer modems cannot place their modems into
the auto answer mode. The callback should be answered with a "D"
command for Hayes compatible user modems (as opposed to an "A"
command).

     For most modems, the only changes that might require
modification from the factory settings are the Initialization
Message, and the Dialing Messages. The dialing commands are commonly
single characters, such as "D" (for "dial"), or "K" (for "keyboard
dial"), if other than the "ATD" required for Hayes compatible modems.
This can simply and quickly be modified from the factory settings by
changing the "A" and "T" to characters which are transparent to the
modem, such as <Space>. By doing so, it is not necessary to change
the starting locations.


Unit ID:
Locations 00 - 0D. This text is sent when the Unit ID code, F5, is
encountered in any of the preceding message texts. This permits
differentiation between multiple lines while retaining identical
Parameter programming for all MSE-1's. Changes can be made from the
factory setting by modifying the 14 Locations to any sequence of
ASCII characters desired. The last character must have the highest
bit set (80 hexadecimal added to the last character's ASCII value).

     Factory setting (Locations 00 - 0C):  "MSE-1 Unit #", B1

3.4 Other Parameters

Change Password Character:
Location 1F. This is the ASCII value of the character which is to be
used to permit users to change their Passwords, by preceding the
Login Name with this character. No account Login Names can begin with
the selected character. If users are not to be permitted to change
Passwords, set this Location to FF.

     Factory setting: 2B ("+").

Successes:
Locations 2C and 2D. These are the Locations where the overall number
of successful accesses is stored. This count is read by the
Statistics Menu option. This value can manually be changed, if
desired. The upper two decimal digits are stored in Location 2C, and
the lower two decimal digits are stored in Location 2D.

Lockouts:
Locations 2E and 2F. These are the Locations where the overall number
of Lockouts accumulated is stored. This count is read by the
Statistics Menu option. This value can manually be changed, if
desired. The upper two decimal digits are stored in Location 2E, and
the lower two decimal digits are stored in Location 2F.

Location 0E:
This Location is bit mapped -- the individual bits 0 through 7 have
specific meaning. They are:

              Bit                 Factory Setting

     bit 0: Initial Password             1
     bit 1: Callback                     0
     bit 2: Callback Password            0
     bit 3: Protect                      1
     bit 4: Computer Pass Through        0
     bit 5: Answerback Only              0
     bit 6: Lock DCE                     0
     bit 7: Lock DTE                     0

     Bits 0-3, 6, and 7 have identical meaning to those described in
section 2.6 regarding the front panel indicator lamps. These are
automatically modified through use of the Pushbutton. If it is
desired to change the Mode of operation via the System
Administrator's Menu, these bits can directly be written under the
Parameters option. If these bits are changed, they will take effect
for the next access.

     If the Computer Pass Through bit is set high, then the MSE-1
will not accept System Administrator access from the DTE port.
Instead, upon receipt of any character from the DTE port while the
DTR lead is high, the MSE-1 will delay one second, and go into the
Active State. It will remain in the Active State until the DTR lead
goes low. While in this state, the DSR or CD lead (depending upon
jumper selection) state is reflected to the DSR and CD leads on the
DTE port. This effectively makes the MSE-1 transparent for the
purpose of permitting a computer connected to the DTE port to
directly control the modem. To activate, the computer must send a
character, pause more than one second, and from that point forward
treat the modem as if the MSE-1 were not in the line. The computer
must lower (and raise) the DTR lead to restore normal operation.

     The Answerback Only bit is set high when the MSE-1 is to perform
line identification only. In this case, upon access from the modem,
the Login Prompt Message will be sent, and the unit will then
immediately enter the Active State. The Login Prompt Message should
be set to identify the particular modem. If the Answerback Only bit
is set, it is not possible to reach the System Administrator's Menu
from the modem port; and if the Computer Pass Through bit is set in
addition, it is not possible to reach the Menu from the DTE port
either. Should this situation arise, consult section 4.2 to reach the
Menu.

Location 0F:
This Location is bit mapped -- the individual bits have specific
meaning. They are:

                 Bit                    Factory Setting

     bit 0: Transmit Odd Parity or Mark        0
     bit 1: Single Unit Pushbutton             1
     bit 2: No Parity                          0
     bit 3: No Autobaud                        0
     bit 6: DCE Echo                           1
     bit 7: DTE Echo                           1

     Transmitted characters consist of data bits 0-6, plus bit 7.
Determination of bit 7 is made by the combination of Transmit Odd
Parity or Mark, and No Parity. If No Parity is set high, then the
meaning of Location 0F, bit 0 is Transmit Mark; if this is set high,
then all transmitted characters will have bit 7 set high (mark); if
Transmit Mark is low, then all transmitted characters will have bit 7
set low (space). If No Parity is low, then instead of jamming bit 7
to a high or a low level, parity is calculated. In this case, the
meaning of Location 0F, bit 0 is Transmit Odd Parity; if this is set
high, then all transmitted characters will have bit 7 set such that
the overall parity of bits 0-7 is odd (an odd number of 1's); if
Transmit Odd Parity is low, then bit 7 will be set to generate even
parity (an even number of 1's).

     If No Autobaud is set high, then the MSE-1 will not expect an
initial <Return> upon access from the modem, and will use either the
Default Baud Rate, or the High Speed Baud Rate. If No Autobaud is set
low, then the MSE-1 will expect an initial <Return> upon access from
the modem without High Speed indication. The MSE-1 will determine the
received baud rate from the <Return>, and proceed with the Login
Prompt Message. The baud rate must be one of the following: 50, 75,
110, 134.5, 150, 200, 300, 600, 1200, 2400, 4800, or 9600.

     If the DCE Echo bit is set high, then any characters received by
the MSE-1 from the modem (the DCE port) in the Access and Program
States will be echoed back to the modem. If the DTE Echo bit is set
high, then any characters received by the MSE-1 from the computer
(the DTE port) in the Access and Program States will be echoed back
to the computer. These controls have no effect in the Active State.

     The MSE-1 always transmits one start bit, and two stop bits. The
value of bit 7 for characters received by the unit is ignored.
Selection of a jam bit or parity bit is required only to match user
terminal characteristics for access. During the Active State, data
bytes transmitted in either direction through the MSE-1 are directly
transferred, without buffering in time; in fact, once in the Active
State, the baud rate may be changed to any value without consequence
to the MSE-1.

     In a multiple line configuration, if Single Unit Pushbutton is
set high, then the MSE-1's Pushbutton will control that one unit
only. If Single Unit Pushbutton is set low, then the Pushbutton will
control all MSE-1 units connected together.                           
            
3.5 User Account Database

     As factory set, the MSE-1 allows a maximum of 15 characters per
Login Name, and can hold up to 58 user accounts. If this is
satisfactory for the intended application, this section can be
skipped.

     The structure of the user account database can be customized to
alter the above configuration. This is controlled by the following
Parameters:

Login Name Length:
Location 10. The maximum number of characters permitted in a Login
Name. Hexadecimal value.

     Factory setting is 0F (15 decimal).

Password Offset:
Location 12. The number of bytes from the beginning of the account
where the user's Password is stored. Hexadecimal value. If Passwords
are not to be stored, this Location should be set to FF.

     Factory setting is 0F (15 decimal).

Telephone Number Offset:
Location 13. The number of bytes from the beginning of the account
where the user's Telephone Number is stored. Hexadecimal value. If
Telephone Numbers are not to be stored, this Location should be set
to FF.

     Factory setting is 11 (17 decimal).

Accesses Offset:
     Location 14. The number of bytes from the beginning of the
account where the user's cumulative number of Accesses is stored.
Hexadecimal value. If statistics are not to be stored, this Location
should be set to FF.

     Factory setting is 16 (22 decimal).

Failures Offset:
Location 15. The number of bytes from the beginning of the account
where the user's number of Failures since the last successful access
is stored. Hexadecimal value. If statistics are not to be stored,
this Location should be set to FF.

     Factory setting is 18 (24 decimal).

Next Account Offset:
Location 16. The number of bytes from the beginning of the account
where the next user's account begins. Hexadecimal value.

     Factory setting is 19 (25 decimal).

     The only field in the account database which is mandatory is the
Login Name. All other fields are optional, and may be removed if not
needed, to increase the number of accounts which can be stored. The
overall number of bytes available for the account database is 1460.
The number of bytes which each user account requires can be
determined as follows:


              Field             Length

          Login Name:          variable       (required)
          Password:               2           (optional)
          Telephone Number:       5           (optional)
          Statistics:             3           (optional)

     To customize the account database, determine how many characters
to allocate for the Login Name; and decide whether to include the
Password, Telephone Number, and Statistics fields. Divide 1460 by the
sum of the lengths of each field selected to ascertain the maximum
number of user accounts. For example: if either 4-character Login
Names are to be used with Passwords, or 6-character Login Names are
to be used without Passwords, and no other fields are to be included,
then each user account requires 6 bytes. 1460 divided by 6 yields 243
users.

     Set Login Name Length to the selected value. If Passwords are to
be included, set Password Offset to the same value; otherwise, set
Password Offset to FF. If Telephone Numbers are to be included, set
Telephone Number Offset to Login Name Length if Passwords are not
included, or to Login Name Length plus 2 if Passwords are included;
otherwise, set Telephone Number Offset to FF. If Statistics are
included, set Accesses Offset to Login Name Length + 2 (if Passwords
are included) + 5 (if Telephone Numbers are included); otherwise, set
Accesses Offset to FF. If statistics are to be included, set Failures
Offset to Accesses Offset + 2; otherwise, set Failures Offset to FF.
Set Next User Offset to the number of bytes per user account.

     Once these Locations have been changed, do not exit or use the
Account Menu option until formatting has been performed. Verify that
the above Locations are set properly before proceeding. Exit the
Parameters Option, and select Menu option 6 (Format). The following
message will appear:

               * to Wipe:

Type "*". The entire user account database will be formatted
according to the new account specifications. This DESTROYS all
current accounts, and takes several seconds to complete. When done,
the Menu will reappear. IMMEDIATELY select option 3 (Accounts) and
add the System Administrator's account. User accounts can be added as
required.

     The Format option can be used as a quick method to clear out all
accounts; just be certain to replace the Super account after
completion.



4. Hardware

     This chapter discusses jumper options, hardware Menu access, and
system configuration.

4.1 Jumper Options

     Seven jumper options are provided through the use of
two-position shorting clips. To gain access to these clips, unplug
the MSE-1 from its power source, gently lift the rear of the top
cover, and slide the cover to the rear. The jumpers are located on
the top of the circuit board, behind the DTE connector. Refer to fig.
4-1. Each of the jumpers consists of three pins, of which the center
may be shorted to either of the two outside pins. Position 1 denotes
the shorting clip to the rear of the unit (towards the RS-232
connectors); position 2 denotes the shorting clip to the front of the
unit (towards the indicator lamps). To change a setting, grasp the
shorting clip and pull up; position the clip over the opposite pair
of pins, and push down until the clip is firmly seated. Factory
settings for all jumpers are position 1.

Ground:
Position 1 connects case ground to signal ground (RS-232 pins 1 and
7). In all situations, the case and signal grounds between the DTE
and DCE RS-232 connectors are connected through in two pairs.

DTR:
Position 1 is used when the DTR lead on the DTE port is active. If
the DTE does not support the DTR signal, utilize position 2. In this
situation, Computer Pass Through operation cannot be performed (there
is no signal to indicate the end of the operation).

Ring:
Position 1 connects the Ring Indicator line (RS-232 pin 22) through
from the DCE port to the DTE port. Position 2 places a fixed negative
voltage on the DTE Ring Indicator line, preventing the modem from
signalling the computer that incoming calls are arriving.

Sense:
Position 1 selects Carrier Detect (RS-232 pin 8) from the modem (DCE)
as the controlling element. This signal is used to inform the MSE-1
that an incoming call has been received, and that a transition to the
Access State is required. It is also used to determine, after
instructing the modem to dial the user back, when the user has
answered and provided carrier. During the Computer Pass Through and
Active States, this signal is placed on the Carrier Detect and DSR
(RS-232 pins 6 and 8) leads of the DTE port. Position 2 selects the
DSR lead from the modem as the controlling element.

High Speed:
Position 1 enables detection of the High Speed signal (RS-232 pin 12)
from the modem. If it is desired to Autobaud even if this line is
asserted, utilize position 2. This inhibits recognition of the High
Speed signal.

Gang Out:
Position 1 enables outputs from the MSE-1 unit to other MSE-1 units
connected together. Position 2 disables these outputs.

Gang In:
Position 1 enables reception of outputs from other MSE-1 units.
Position 2 disables recognition from these units.

4.2 Hardware Menu Access

     Should the System Administrator's account inadvertently be
removed and the Menu exited, or both Computer Pass Through and
Answerback Only bits set, it will not be possible to access the Menu
in the usual fashion. In the event that this occurs, use the
following procedure to reach the Menu. In a multiple configuration,
if the problem is loss of the System Administrator's account, but at
least one unit is accessible, issue a Copy command (section 5.4) from
it. This will restore that account in all units.

     Connect an ASCII terminal through a null modem cable directly to
the DCE connector. The terminal must assert the DTR lead (which will
appear on the DSR lead through the null modem cable). Set the Sense
jumper option to Position 2. Select any of the available baud rates.
Unplug the MSE-1 from its power source, and pause ten seconds.
Depressing the Pushbutton and holding it in, power up the MSE-1. All
indicator lamps will briefly illuminate, and the DCE Lock and DTE
Lock lamps will then extinguish. Release the Pushbutton. Type
<Return>. The MSE-1 will display the statistics, and provide the
System Administrator's Menu. When the session is complete, restore
the Sense jumper to its original position.

     An alternative method using the modem and not requiring cable
changes is as follows. Configure the modem so that it ignores the
status of the incoming DTR lead (switch 1 down for the Hayes
Smartmodem). Dial into the modem, letting it answer and provide
carrier. Follow the preceding procedure.

4.3 Block Diagram

     Figure 4-2 shows a block diagram of the unit. All pins on the
RS-232 connectors are directly passed through with exception of the
following: 2, 3, 6, 8, 12, 20, and 22.

     The switches shown in the RS-232 section are conceptual only,
and are implemented fully with solid state switches.



Figure 4-1.  Jumper Locations
Figure 4-1.  Jumper Locations

Board Photo
MSE-1 Circuit Board

Figure 4-2.  Block Diagram
Figure 4-2.  Block Diagram

5. The Multiple Configuration

     Multiple line configurations are best addressed by the rack
mount version of the MSE-1. In this arrangement, up to 16 MSE-1's are
housed in a single 5.25 inch high equipment cage suitable for
mounting in a standard 19 inch rack. Multiple cages can be
interconnected to effectively create a single large system.

5.1 Pushbutton Operation

     Assuming that the Gang In and Gang Out jumpers are in Position 1
(section 4.1), if the Single Unit Pushbutton bit is set low (section
3.4), then any Mode or Lock changes made via the MSE-1's Pushbutton
control all MSE-1 units in the system. Each time the Pushbutton is
released, Location 0E is copied from the affected unit to all other
units.

     If the Single Unit Pushbutton bit is set high, then use of a
unit's Pushbutton will affect only that unit; no broadcast is made to
other MSE-1's. Typically, one unit is selected to transmit Pushbutton
activity to the entire system, and all other units used for
individual Pushbutton activity. This permits rapid global Mode
changes to be performed, while retaining individual control.

5.2 Unit ID

     The unit identification provided (section 3.3) is primarily for
use in the multiple line configuration. It supplies a separate
identity for each unit, so that users calling a single access number
for an entire hunt group will have information as to what line is
accessed.

5.3 Automatic Updates

     The individual user statistics parameters (number of Accesses
and number of Failures) in addition to the global statistics
accumulators (number of Successes and number of Lockouts), when
changed, are immediately broadcast to all MSE-1's in the system.
Additionally, user Password changes automatically cause an update in
all units.

5.4 Copying

     Option 5 of the System Administrator's Menu provides the ability
to copy Parameters and the user account database from a single MSE-1
unit to all others. When this option is selected, Locations 10 and
above are broadcast. This does not alter the individual Unit ID's,
the Mode, or the Single Unit Pushbutton bit. After changing and
verifying Parameters and user accounts, this option should be
activated. It requires nominally two minutes for completion. DTE/DCE
communications of receiving units, in the Active State, are not
disturbed during the copy process.

     Neither Location 0E nor 0F are altered by a copy operation; it
is intended that the Pushbutton be used to modify the Mode. Location
0F contains the Single Unit Pushbutton bit, and is not transmitted to
prevent affecting that control. For initial system setup, any
communications parameter bits which are altered from the factory
settings in Location 0F should be handled individually, as well as
the Unit ID.

5.5 Connection of Individual MSE-1's

     To retrofit several individual MSE-1 units, not in a cage
configuration, into a multiple configuration, all that need be done
is to parallel pins 1 and 2 of the respective power connectors. Care
should be taken to ensure that the lines are not transposed.

     Alternatively, a cage housing may be purchased to convert the
units into the standard multiple configuration. To do so, remove the
four mounting screws on the rear of the individual housings, and
slide out the printed circuit cards. Insert the boards into the cage,
and attach the connectors.

5.6 Card Removal/Insertion

     This section describes how to access individual cards in the
rack mount configuration so that jumper settings may be altered or
new cards added for system expansion.

     To remove a card from the cage, first unplug both RS-232 cables
and the power cable from the desired card. Remove any rack mounting
bolts, and the two bolts from the right and left sides of the front
panel. Gently lift the front panel off of the LED's; slide the
desired card out of the cage.

     To insert a card into the cage, remove the front panel as
described above. Slide the card into the cage in the appropriate
guide slot. Do not attempt to replace the front panel by forcing all
card LED's through the panel simultaneously. Instead, place the front
panel a fraction of an inch in front of the cage assembly, and one by
one, slide each card forward so that the LED's fit into the panel.
This is done with a finger above and below the panel, in the front
access space of the cage. Do not force the card, and be careful not
to bend the LED's or pushbutton switch in the process. This is best
accomplished by pushing the LED's themselves rather than the card
edges. If misalignment occurs, the affected LED can be reached from
the top and bottom access space and realigned into the panel hole.
After all cards are slid forward into the panel, push the entire
front panel assembly with the cards toward the back of the cage until
the panel is flush with the cage. Replace the two bolts mounting the
panel to the cage and connect the power plug and the RS-232 cables.
The card cage can be remounted into the rack.

5.7 Multiple Cages

     To connect two or more cages together so that a single database
can be used for all cages in the system, a connecting cable is
required. Remove AC power from all cages to be interconnected. Two
cages are handled as follows. Unplug the power cables at the card
cage nd, and connect the transformer side into the connecting cable;
plug the connecting cable into the cage connector. Repeat for the
other card cage with the opposite end of the connecting cable.

     If three or more cages are to be interconnected, repeat the
above process for each cage; daisy chain from one cage to the next.
In this case, two connecting cables will be inserted between the
transformer connector and the cage connector for all cages except the
first and the last, which retain only one interconnection cable
interposed.

     When multiple cages are interconnected, the AC should be applied
and removed simultaneously to all cages. Plug each cage's power cord
into a power strip with an on/off switch, and use that switch as the
master power control.
6. DTE Access

     To access the System Administrator's Menu from the DTE port,
connect an ASCII terminal to the DTE port. If the terminal does not
generate a DTR signal, place the DTR jumper in Position 2 (section
4.1). Set the terminal to the Default Baud Rate (section 3.2). Turn
the DTE Lock indicator lamp off (section 2.7). Type any character;
the MSE-1 will respond with the Login Prompt Message. Log in as the
System Administrator, and the Menu will be displayed. Loss of DTR
will immediately terminate the session.

     If the MSE-1 is connected to a computer system which provides a
terminal package, permitting direct access to the MSE-1's DTE port,
this method can be used to program the unit. Software resident on the
computer can be used to automatically read account information, by
emulating the steps necessary to List accounts.

     If the Computer Pass Through bit is set high (section 3.4), Menu
access from the DTE port is precluded.
7. Formal Operational Description

7.1 Idle State

Idle:
   Illuminate Idle indicator lamp
   Lower DSR and Carrier Detect to DTE
   Copy DTR from DTE to DCE
   Isolate communications between DTE and DCE
   Initialize baud rate to Default Baud Rate
   Idle Loop:
      If Carrier Detect
         Go to Access
      Else
         If DTR from DTE is high
            If receiving a character from DTE
               If Computer Pass Through is high
                  Pause one second
                  Go to Active
               Else
                  Go to Access
         If Pushbutton is depressed
            Modify Mode and Lock
         Go to Idle Loop

7.2 Access State

Access:
   Illuminate Access indicator lamp
   Initialize Minute Timer to Access Time
   If Access is from DCE port
      If Protect is low
         Go to Active
      Else
         Pause Carrier Detect Delay seconds
            If High Speed is high
               Set baud rate to High Speed Baud Rate
            Else
               If No Autobaud is low
                  Wait for <Return> and read baud rate
   Getting Account:
      Send Login Prompt Message
      If Access is from DCE port
         If Answerback Only is high
            Go to Active
   Read Login Name from user
      If not in user account database
         If made less than Error Maximum mistakes
            Go to Getting Account
         Else
            Go to Lock Out
      Else
         If Initial Password is high
            Getting Password:
               Send Password Prompt Message
               Read Password from user
               If incorrect
                  If made less than Error Maximum mistakes
                     Go to Getting Password
               Else
                  User Failure:
                     Increment user's Failures
                     Broadcast user's Failures
                     Go to Lock Out
      If access is from DCE
         If Callback is high
            If user has a Telephone Number
               Send Calling Back Message
               Send Hang Up Message
               If Telephone Number less than 7 digits
                  Send Extension Dialing Message
               Else
                  If Telephone Number is 7 digits
                     Send Local Dialing Message
                  Else
                     If Telephone Number is 8 digits
                        Send Same Area Code Toll Dialing Message
                     Else
                        Send Long Distance Dialing Message
               Waiting for Answer:
                  If Minute Timer expired
                     Go to Disconnect
                  Else
                     If Carrier Detect is low
                        Go to Waiting for Answer
               If Callback Password is high
                  Repeating Password:
                     Send Callback Password Prompt Message
                     Read Password from user
                        If incorrect
                           If Error Maximum mistakes made
                              Go to User Failure
                           Else
                              Go to Repeating Password
      Increment Successes
      Increment user's Accesses
      Zero user's Failures
      Broadcast Successes, Accesses, Failures
      If Password Change was requested
         Change Password:
         Ask for new Password
         Read Password from user
         If Not <Return>
            Ask to repeat new Password
            If different
               Go to Change Password
            Else
               Modify user's Password
               Broadcast user's Password
      If System Administrator Account
         If no error made in Login Name
            If access from DCE
               If DCE Lock
                  Go to Idle
               Else
                  Go to Program
            Else
               If DTE Lock
                  Go to Idle
               Else
                  Go to Program
      Send Active Message
      Go to Active
Lock Out:
   Increment Lock Outs
   Broadcast Lock Outs
   Locking Out:
      Flash Idle indicator lamp
      If Pushbutton is depressed
         Go to Idle
      Else
         If Lockout Time reached
            Go to Disconnect
         Else
            Go to Locking Out

Disconnect:
   Send Hang Up Message to DCE
   Send Logoff Message to DTE
   Go to Idle


7.3 Active State

Active:
   Illuminate Active indicator lamp
   Initialize Hour Timer to Maximum Time
   Initialize Minute Timer to No Activity Time
   Activate communications between DTE and DCE
   Communicating:
      If data being transferred
         Initialize Minute Timer to No Activity Time
      If Pushbutton is depressed
         Modify Mode and Lock
      Copy DCE's Carrier Detect to DTE's DSR and Carrier Detect
      If DTE's DTR lead is low
         Go to Disconnect
      Else
         If Not in Computer Pass Through State
            If Carrier Detect is low
               Go to Disconnect
            Else
               If Protect is high
                  Check Minute and Hour Timers
                     If either expired
                        Go to Disconnect
      Go to Communicating


7.4 Program State

Program:
   Illuminate Program indicator lamp
   Menu:
      Display System Administrator's Menu
      Read option
      If option 0
         Go to Idle
      Else
         Perform requested function
         Go to Menu
8. In Case of Difficulty

     Should a problem be encountered in interfacing the MSE-1 in a
specific environment, and difficulty persists after consulting this
chapter, it is recommended that this manual be read in its entirety.

8.1 Hardware Problems

     Reconnect the DTE and modem, bypassing the MSE-1, and verify
that the modem auto answers incoming calls, and proper communication
is established through to the DTE. Verify that the modem's connector
is in the DCE configuration, and the protected equipment is in the
DTE configuration. If null modem cables are used in the original
setup, then the configurations presented to the MSE-1 might be
reversed. Be certain that there is a straight cable between the modem
and the DCE port; whatever cable works properly between the protected
equipment and the modem without the MSE-1 in the path should be
connected to the MSE-1's DTE port.

     Check that the DTE device generates a DTR signal, and that it is
active (high). If it is low, or not present, the DTR jumper must be
set to position 2 (section 4.1). The modem should be configured to
accept a DTR signal (even if the DTE device does not generate it; the
MSE-1 does). This is not essential, but simplifies the Hang Up
Message. Verify that the modem generates a Carrier Detect signal on
RS-232 pin 8; in some modems, a command must be issued to activate
the lead. If this signal is not available, try the DSR signal on
RS-232 pin 6; set the Sense jumper to position 2 (section 4.1).

8.2 Command Problems

     Be certain that the Carrier Detect Delay is set long enough to
ensure that any response sent by the modem is bypassed. Test the Hang
Up Message by accessing the unit and letting it time out while in the
Access State. The modem should hang up the call in two minutes
(factory setting). The factory setting for the Hang Up Message lowers
the DTR lead and pauses. The pause time may need to be increased. If
the DTR lead cannot be used to disconnect a call, the Hang Up Message
can be set to achieve command state and hang up the call. This can
often be done by pausing two seconds, sending "+++", and pausing two
seconds. Follow this with the modem's hang up command.

     If the system operates properly exclusive of the Callback Mode,
verify that the Dialing Messages are matched to the modem. Longer
pauses may need to be used prior to issuing the dial command. If the
modem is sluggish in lowering its Carrier Detect output upon loss of
carrier, pauses may need to be placed after the dialing sequence,
particularly if it is necessary to utilize the DSR signal instead of
the Carrier Detect signal.

8.3 Test Arrangements

     If problems persist between the modem and the MSE-1, connect an
ASCII terminal through a null modem cable to the DCE port. Place the
Sense jumper in position 2 (section 4.1). Simulate an incoming call
by raising the terminal's DTR lead (usually automatic), and check to
see that the Access indicator lamp illuminates. Proceed and observe
the commands sent by the MSE-1 to the terminal. If all operates
properly in this test configuration, but not with the modem, it may
be necessary to monitor the communications between the MSE-1 and the
modem.

     A monitor cable can be assembled as shown in fig. 8-1. Connect
the modem, MSE-1, and monitor terminal as indicated. Dial into the
modem with another terminal, and observe the command transactions.
Characters transmitted by both the modem and the MSE-1 will be
observed on the monitor terminal. Double character displays are a
result of DCE Echo being set; this is normal. Monitoring the data
transmissions and the DTR, Carrier Detect, and DSR leads should serve
to point out any areas of difficulty.



Figure 8-1.  Monitor Cable Connection
Figure 8-1.  Monitor Cable Connections


Appendix A. Hexadecimal Bit Map

     A byte consists of two hexadecimal nibbles. The upper four bits
are represented by the first nibble, and the lower four bits by the
second nibble.

Bit-7   Bit-6   Bit-5   Bit-4   Bit-3   Bit-2   Bit-1   Bit-0
              |                               |
        First Nibble                    Second Nibble

Each nibble consists of one of the following:

Hexadecimal Nibble Character       Bits  
             0                    0 0 0 0
             1                    0 0 0 1
             2                    0 0 1 0
             3                    0 0 1 1
             4                    0 1 0 0
             5                    0 1 0 1
             6                    0 1 1 0
             7                    0 1 1 1
             8                    1 0 0 0
             9                    1 0 0 1
             A                    1 0 1 0
             B                    1 0 1 1
             C                    1 1 0 0
             D                    1 1 0 1
             E                    1 1 1 0
             F                    1 1 1 1
Appendix B. Hexadecimal/ASCII Table

Hex Code  ASCII Character         Hex Code  ASCII Character

   20         <Space>                50            P
   21            !                   51            Q
   22            "                   52            R
   23            #                   53            S
   24            $                   54            T
   25            %                   55            U
   26            &                   56            V
   27                                57            W
   28            (                   58            X
   29            )                   59            Y
   2A            *                   5A            Z
   2B            +                   5B            [
   2C            ,                   5C            \
   2D            -                   5D            ]
   2E            .                   5E            ^
   2F            /                   5F            _
   30            0                   60            `
   31            1                   61            a
   32            2                   62            b
   33            3                   63            c
   34            4                   64            d
   35            5                   65            e
   36            6                   66            f
   37            7                   67            g
   38            8                   68            h
   39            9                   69            i
   3A            :                   6A            j
   3B            ;                   6B            k
   3C            <                   6C            l
   3D            =                   6D            m
   3E            >                   6E            n
   3F            ?                   6F            o
   40            @                   70            p
   41            A                   71            q
   42            B                   72            r
   43            C                   73            s
   44            D                   74            t
   45            E                   75            u
   46            F                   76            v
   47            G                   77            w
   48            H                   78            x
   49            I                   79            y
   4A            J                   7A            z
   4B            K                   7B            {
   4C            L                   7C            |
   4D            M                   7D            }
   4E            N                   7E            ~
   4F            O

   0A          <LF>  (line feed)
   0D          <Return>
Appendix C.  Parameter Summary

Location       Parameter
  00-0D        Unit ID
  0E           Bit 0: Initial Password
               Bit 1: Callback
               Bit 2: Callback Password
               Bit 3: Protect
               Bit 4: Computer Pass Through
               Bit 5: Answerback Only
               Bit 6: DCE Lock
               Bit 7: DTE Lock
  0F           Bit 0: Transmit Odd Parity or Mark
               Bit 1: Single Unit Pushbutton
               Bit 2: No Parity
               Bit 3: No Autobaud
               Bit 6: DCE Echo
               Bit 7: DTE Echo
  10           Login Name Length
  12           Password Offset
  13           Telephone Number Offset
  14           Accesses Offset
  15           Failures Offset
  16           Next Account Offset
  17           Default Baud Rate
  18           High Speed Baud Rate
  19           Carrier Detect Delay (seconds)
  1A           No Activity Time (minutes)
  1B           Maximum Time (hours)
  1C           Error Maximum
  1D           Lockout Time (minutes)
  1E           Access Time (minutes)
  1F           Change Password Character
  20           Initialization Message Location
  21           Login Prompt Message Location
  22           Password Prompt Message Location
  23           Calling Back Message Location
  24           Active Message Location
  25           Callback Password Prompt Message Location
  26           Logoff Message Location
  27           Hang Up Message Location
  28           Extension Dialing Message Location
  29           Local Dialing Message Location
  2A           Same Area Code Toll Dialing Message Location
  2B           Long Distance Dialing Message Location
  2C           Upper half of Successes
  2D           Lower half of Successes
  2E           Upper half of Lockouts
  2F           Lower half of Lockouts
  30-FF        Message Area
Appendix D. Parameter Factory Settings

Location                Hexadecimal Contents                      ASCII

   00    4D 53 45 2D  31 20 55 6E  69 74 20 23  B1 FF 09 C2  MSE-1 Unit #....
   10    0F 00 0F 11  16 18 19 15  15 03 30 05  07 10 02 2B  ..........0....+
   20    30 40 6C 82  A3 54 DA E3  E6 E6 E6 EE  00 00 00 00  0@l..T..........
   30    41 54 45 30  46 31 51 31  53 37 3D 32  35 35 0D FF  ATE0F1Q1S7=255..
   40    0D 0A 0A F5  0D 0A 53 65  63 75 72 69  74 79 20 49  ......Security I
   50    44 3A 20 FF  0D 0A F5 20  52 65 74 75  72 6E 69 6E  D: .... Returnin
   60    67 20 59 6F  75 72 20 43  61 6C 6C 2E  0D 0A 53 65  g Your Call...Se
   70    63 75 72 69  74 79 20 50  61 73 73 77  6F 72 64 3A  curity Password:
   80    20 FF 0D 0A  43 61 6C 6C  69 6E 67 20  42 61 63 6B   ...Calling Back
   90    2E 20 48 61  6E 67 20 55  70 20 2E 20  2E 20 2E 0D  . Hang Up . . ..
   A0    0A 0A FF 0D  0A F6 2C 20  FA 20 42 61  75 64 0D 0A  ......, . Baud..
   B0    F9 20 50 72  65 76 69 6F  75 73 20 46  61 69 6C 65  . Previous Faile
   C0    64 20 41 74  74 65 6D 70  74 73 0D 0A  F8 20 41 63  d Attempts... Ac
   D0    63 65 73 73  65 73 0D 0A  0A FF 03 4C  6F 67 6F 66  cesses.....Logof
   E0    66 0D FF FC  85 FF FB 82  41 54 44 F7  0D FF FB 82  f.......ATD.....
   F0    41 54 44 31  F7 0D FF FF  FF FF FF FF  FF FF FF FF  ATD1............
          0  1  2  3   4  5  6  7   8  9  A  B   C  D  E  F
Warranty and Limitation of Liability

     IC Engineering, Inc. warrants to the original purchaser that
this product will materially perform in general accordance with the
specifications contained herein, and that all components contained in
this product will be free from defects in materials and/or
workmanship for 90 days from the date of purchase. During this
warranty period IC Engineering, Inc. will at no cost, promptly repair
or replace, at its option, defective equipment returned,
transportation charges prepaid by Buyer. This warranty shall not
apply to damage resulting from abuse, negligence, accident or loss or
damage in transit.

     IC Engineering, Inc. is in no way responsible for the security
of any computer, communications, data processing, or any other type
of system, makes no other warranty, expressed or implied, and
disclaims any implied warranty of merchantability or fitness for a
particular purpose. The sole and exclusive remedies for breach of any
warranty shall be repair or replacement, or at IC Engineering, Inc.'s
option, refund of the purchase price. IC Engineering, Inc., shall not
be liable for incidental or consequential damages to persons or
property, and its sole liability is as above set forth.