AlertMobile 4.0 Pro for Windows NT/2000 Help 

Introduction
Installation
Uninstallation
Configuration Tool
Service Control
Monitoring
Sender Settings
Remote Administration
Advanced
Response
Event Log
Security
Packet Fields
Unregistered version limitations
Online Registration
How to contact us

- INTRODUCTION -

AlertMobile is software for responding to computer security incidents. It monitors attempts at unauthorized computer activity, sends SMS alerts to a mobile device, and receives and handles response commands. AlertMobile Pro has the following features:



Recording of user logon name, date, time and computer name

Monitoring of active tasks list

Handling of critical programs list

Sending of SMS alerts to the security administrator's mobile phone

Receiving of control commands from the security administrator's mobile phone

Protection from unauthorized external access

Protection from unauthorized physical access

With control commands you can remotely administer your computer via mobile phone. Just send an SMS from your mobile phone and one of the following actions can be performed:



Displaying of messages sent from mobile phone

Disabling of user's account and forcing system restart

Termination of active process

Termination of all active processes from monitored processes list

Locking of active process

Locking of all active processes from monitored processes list

Dismounting of all protected drives

Tracing the route of stolen or lost notebook or desktop PC

Sending to mobile phone the confirmation of command execution status

AlertMobile can be used by security administrators to enforce the corporate security policy, by parents to monitor their children's computer activity, or by anyone else who wants to ensure that nobody uses his or her computer without permission.



- INSTALLATION -

Before installation be sure to completely uninstall the previous versions or modifications of AlertMobile.
To install AlertMobile Pro on your computer you have to:

1. Unpack (unzip) all files from the distribution package (downloaded zip file) to some temporary folder. You can use WinZip software (http://www.winzip.com) or similar to do that.
2. Run amprod.exe file and follow the instructions.
3. Run the Configuration Utility to set up all necessary options and enable monitoring.

NOTE: You must have Administrator privileges to successfully install AlertMobile.



- UNINSTALLATION -

You can uninstall AlertMobile 4.0 Pro from the Add/Remove Programs applet in Control Panel.



- CONFIGURATION TOOL -

Run the AlertMobile Configuration Utility to set up all necessary options. The Configuration Utility is organized as a property sheet and has the following tabs:


Service Control

Monitoring

Sender Settings

Remote Administration

Advanced

Response

Event Log

Security

Packet Fields

About


- Service Control -

In this tab you can control the status of AlertMobile service. Press the button "Start monitoring" to run the service or "Stop monitoring" to stop it. By default, the service is configured to run automatically on system startup. So it will be activated again after system restart in any case. You can change the startup option manually via the Service Control Manager.

In the active state, when monitoring is enabled, you will receive notifications about selected events on your mobile device. All events that can be monitored are listed in the next tab. The notifications are sent as short text messages (SMS) in a special format, described in the section "Packet Fields". You should configure "Sender Settings" to receive SMS alerts on your mobile phone.

When monitoring is disabled, no alerts will be sent to your mobile device. For example, you can disable monitoring while working on the computer yourself, when you are sure that no one else can log on to your system or run your critical applications. When you finish your work, you can either run the configuration utility and enable monitoring, or just shut down the system. On the next power up AlertMobile will be started automatically and you will immediately receive an SMS alert. You no longer need to worry that somebody can use your computer without your knowledge.


- Monitoring -

In this tab you can configure all monitoring options available in the current version of AlertMobile.

There are two things that you can control - system logon and running of selected programs. If any of these events occurs you will receive an SMS alert.

Checking the options below the system logon option includes the corresponding information in the SMS text. For example, if you check "User name" then the name of the currently logged on user will be included in the SMS alert about system logon.

Checking the option "Monitored programs list" will enable monitoring of active processes list. If any of selected programs starts, you will receive an SMS alert on your mobile phone. Use Add and Remove buttons to create a list of monitored programs. This list is also used by the control commands "Terminate all active processes from monitored processes list" and "Lock all active processes from monitored processes list".


- Sender Settings -

In this section you must provide all information necessary to send the SMS alerts to your mobile device.

SMS messages are sent through an electronic gate that converts emails to short text messages for mobile phones. Most cellular operators usually have their own gates of this kind, which their clients can use free of charge. There are also free public gates available to anyone around the world. The most popular example is ICQ's SMS service. You can use it by entering your full mobile number beginning with "+", followed by "@icqsms.com", for example: +xxxxxxxxxxx@icqsms.com, where "x" is a digit of your mobile number.

Other options, including SMTP server settings, are self-explanatory.


- Remote Administration -

With AlertMobile you can remotely control the computer using your mobile phone.

In the current version there are 6 control commands available:


Display messages sent from mobile phone (MSG by default)

Disable user account and force system restart (LOCK by default)

Terminate active process (KILL by default)

Terminate all active processes from monitored processes list (KILLALL by default)

Lock active process (PROCLOCK by default)

Lock all active processes from monitored processes list (LOCKALL by default)

Most cellular operators charge for outgoing SMS messages, so this feature is disabled by default.

Remote administration is implemented via a POP3 server. You send control commands in the specified format to an email address. AlertMobile checks this email address for new messages.

To send the control command choose "New message" item on your mobile phone. Then type:

email@address CMD param

and send this message to a number of SMS-to-Email gate provided by your cellular operator.

email@address is the address of the POP3 server account used by AlertMobile to receive control commands. Using your existing mail account is not recommended, because AlertMobile locks it to avoid conflicts. Create a new account for this purpose on your corporate mail server (recommended) or on some freeware public mail server that supports the POP3 protocol. Provide the information about this account (server address, name and password) in the "Response" tab.

CMD is the AlertMobile's control command (MSG, LOCK, KILL, KILLALL, PROCLOCK or LOCKALL).

param is the command parameter, if required. For MSG command param is the text of message, for example:

email@address MSG Who is working on my PC?

For LOCK command param is the name of user's account, for example:

email@address LOCK john

After system restart the user john will not be able to log on.

For KILL and PROCLOCK commands param is the process identifier, for example:

email@address KILL 77

or

email@address PROCLOCK 77

When you receive the SMS about activation of a process from the monitored processes list, the process identifier is included in the field "PI: ". You can use this identifier in KILL and PROCLOCK commands. The command KILL just terminates the active process. The command PROCLOCK first terminates the process and then locks it, so nobody can start it again until system restart.

The commands KILLALL and LOCKALL do not require any parameters. They terminate and/or lock all currently active processes specified in the "Monitoring" tab. For example:

email@address KILLALL

or

email@address LOCKALL

NOTE: If message IDs are enabled in security settings, you must use the following format of control commands:

email@address xxxxxxxx CMD param

where xxxxxxxx is the ID of last received SMS alert.

If the option "Send to mobile phone confirmation of command execution status" is enabled, you will receive a notification SMS after execution of command. "ST: +O" means that all is OK, "ST: -F" means that command failed.

For security reasons, you can change the standard names of control commands to your own unique names. See the "Packet Fields" tab.


- Advanced -

Advanced options include two additional response commands:


Trace route of monitored PC to selected host (ROUTE by default)

Dismount all StrongDisk-protected drives (DSMT by default)

Advanced options also allow you to remotely control a set of sensing units plugged into a COM port for physical protection of rooms, safes, etc.

Commands ROUTE and DSMT are used without parameters. For example:

email@address ROUTE

email@address DSMT

Upon execution of ROUTE command you will receive on your mobile phone a list of 5 route IP-addresses.

NOTE: If message IDs are enabled in security settings, you must use the following format of control commands:

email@address xxxxxxxx ROUTE

email@address xxxxxxxx DSMT

where xxxxxxxx is the ID of last received SMS alert.

If physical protection is enabled, you will receive SMS alerts when AlertMobile detects that some of the sensing units are in the signalled state. You must select the number of the COM port into which the set of sensing units is plugged. You must also set the time gap of alert actuation.

The set of sensing units is plugged into COM port using the following scheme:

Loopback

Be very careful while using this feature. Read section 5 of End User License Agreement (license.txt).

For additional information, see RS-232 interface characteristics and signals.


- Response -

AlertMobile receives response commands from the administrator's mobile phone using a POP3 server. Settings in this tab are available if remote administration is enabled.

Using your existing mail account is not recommended, because AlertMobile locks it to avoid conflicts. Create a new account for this purpose on your corporate mail server (recommended) or on some freeware public mail server that supports the POP3 protocol. Provide the information about this account (server address, name and password) in the "POP3 server settings" section.


- Event Log -

AlertMobile operates quite silently. It does not produce any informational or warning messages that would tell the user about the presence of some monitoring tool on the computer. But the security administrator needs some diagnostic information to see whether AlertMobile works properly. For this purpose the auditing of selected events is provided. The informational, warning or error messages during the AlertMobile operation can be audited to the Application Log. Then the security administrator uses Event Viewer to see these messages.

Use this option carefully because, if everything is selected, a lot of information is written to the Application Log.


- Security -

You can protect the AlertMobile Configuration Utility with a logon password.

Set password

Maximal password length is 50 characters. Passwords are case-sensitive. Any printable characters are accepted. Keep general password requirements in mind: do not use your name, etc.

The next option is to include IDs in every SMS alert sent to your mobile phone. These IDs protect the system from being spoofed with false control commands sent by malicious users. If IDs are not used, anyone who knows the POP3 server account used by AlertMobile and the format of control commands can remotely send any messages to your computer. But if you enable IDs, every SMS will contain the additional field "ID: xxxxxxxx", where xxxxxxxx is a random sequence of 8 characters from the range 0-9, a-z, A-Z. Then, if you want to reply from your mobile phone to a received SMS alert with some message, you have to put its ID before the control command. See the "Remote Administration" section for an example.

Safeguards that give you maximal protection from malicious intruders:


Special email address used by AlertMobile to receive control commands

Unique names of control commands

Message IDs in every SMS
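
The control-command format from "Remote Administration" and "Advanced", together with the message-ID check described in this section, sketched as a strict parser. This is an added example, not AlertMobile's own code; the function names, the sample account address, and the use of a CSPRNG and a constant-time comparison are assumptions.

```python
import hmac
import secrets
import string

ID_ALPHABET = string.digits + string.ascii_letters  # 0-9, a-z, A-Z
# Default command names from "Packet Fields"; value = kind of parameter expected.
COMMANDS = {"MSG": "text", "LOCK": "user", "KILL": "pid", "PROCLOCK": "pid",
            "KILLALL": None, "LOCKALL": None, "ROUTE": None, "DSMT": None}

def new_alert_id():
    """8-character ID for an outgoing alert (CSPRNG is an assumption;
    the page only says the sequence is random)."""
    return "".join(secrets.choice(ID_ALPHABET) for _ in range(8))

def parse_command(line, account, last_alert_id=None):
    """Parse 'email@address [ID] CMD param' and return (cmd, param).
    Pass last_alert_id when message IDs are enabled. Raises ValueError
    on anything that does not match the documented format."""
    addr, _, rest = line.strip().partition(" ")
    if addr != account:
        raise ValueError("not addressed to the control account")
    if last_alert_id is not None:
        msg_id, _, rest = rest.partition(" ")
        # Constant-time compare: do not leak how many characters matched.
        if not hmac.compare_digest(msg_id.encode(), last_alert_id.encode()):
            raise ValueError("missing or wrong message ID")
    cmd, _, param = rest.partition(" ")
    param = param.strip()
    if cmd not in COMMANDS:  # lookup is case-sensitive, like the command names
        raise ValueError("unknown command")
    kind = COMMANDS[cmd]
    if kind is None and param:
        raise ValueError("command takes no parameter")
    if kind == "pid" and not (param.isascii() and param.isdigit()):
        raise ValueError("process identifier must be a number")
    if kind in ("user", "text") and not param:
        raise ValueError("parameter required")
    return cmd, param

if __name__ == "__main__":
    acct = "alerts@example.test"   # constructed sample account
    alert_id = new_alert_id()      # would be sent in the "ID: " field
    for text in (f"{acct} {alert_id} KILL 77", f"{acct} KILL 77"):
        try:
            print(parse_command(text, acct, alert_id))
        except ValueError as err:
            print("rejected:", err)
```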


- Packet Fields -

You can adjust the standard names of data fields used by AlertMobile for sending of SMS alerts and receiving of control commands. Your own names of control commands can serve as additional security measure. Some other fields you cannot change. The full description follows:

Alert fields:
ID - Message identifier. Used for identification of incoming messages to prevent the system from spoofing with false control commands.
EV: Startup - Operating system startup and user logon.
EV: Process - Process activation. Activation of a process from controlled programs list.
EV: Route - Trace route. Tracing of route from monitored PC to selected host.
EV: Signal - Signalization actuation. Some of sensing units plugged into COM port are in signalled state.
EV: Confirm - Command confirmation. Confirmation of the response command execution.
CN - Computer name. The name of computer where the monitored event has occurred.
UN - User name. The name of currently logged on user. Can be used with control command LOCK.
PN - Process name. The name of started process from the monitored programs list.
PI - Process identifier. Can be used with control commands KILL and PROCLOCK.
DT - Date and time when the monitored event has occurred.
IP - List of route IP addresses.
ST: +O - Response command execution status. All is OK.
ST: -F - Response command execution status. Command failed.

Command fields:
MSG - Display messages sent from mobile phone.
LOCK - Disable user account and force system restart.
KILL - Terminate active process.
KILLALL - Terminate all active processes from monitored processes list.
PROCLOCK - Lock active process.
LOCKALL - Lock all active processes from monitored processes list.
ROUTE - Trace route of monitored PC to selected host.
DSMT - Dismount all StrongDisk-protected drives.

Command names cannot contain spaces. Command names are case-sensitive.




- UNREGISTERED VERSION LIMITATIONS -

The unregistered version of AlertMobile 4.0 Pro is completely functional except for a warning message shown every 15 minutes and on system startup. This message tells the user that he or she is working under a monitoring program. The message disappears after program registration.

Warning: you can use the unregistered version for 15 days only.



- ONLINE REGISTRATION -

To register AlertMobile 4.0 Pro online, please go to:
http://www.softsecurity.com/order.html?ref=am4pro


- CONTACT US -

Technical support: support@softsecurity.com
FAX: (508) 355-8507 (US Location)


Copyright © 2000-2001 Raytown Corp. All rights reserved.