comStar Firewall alert - PhaseThrough

Recommendations

Info

hacker’s handbook . . . . . . . . . . . . . . . . . . . . . . . . . . 102 arMY of codezoMBieS! With botnets and mass attacks, players are probably wondering why hackers don’t simply send agent after agent to hack a node. Statistically, at some point the dice will roll sixes and you’ll be home free. So why waste the time and energy planning a hack? First, bots that have the same access ID will be blocked from entering the same node at the same time (see Autonomous Programs, p. 110). Even if they have different access IDs, security hackers aren’t stupid. While the first two or three agents might be dismissed as kids playing around or spammers trying to break through a firewall, repeated attempts (especially if the agents are identical copies or from the same node) will rouse suspicion, triggering an active alert or drawing a security hacker to investigate and possibly trace the source of the offending agents, which will be removed from the node’s subscriber list and all connections between the two refused. Brute force methods—sending a group of agents to force their way through a node in cybercombat—are rarely effective. Most nodes will quickly terminate the agents’ connections and/or bring in large numbers of IC to deal with the intruders. Because they lack true intelligence, agents are usually susceptible to simple tactics like crashing the programs they are using. Once disarmed, agents are easy game for security hackers and intrusion countermeasures. So what’s the point in having massive numbers of agents on hand? Agents are handy for being in more places at once than your commlink allows, for helping with denial of service attacks, and for automating actions like mass probing and data searches. Savvy hackers prefer to see how well an agent does against a node before they put their own frontal lobes on the line trying to hack it. In a pinch, agents are also a good way to ensure you have numbers on your side in cybercombat. Hacker trickS The following rules expand on the options presented in SR4 and other Shadowrun products on hacking, with an eye to answering lingering questions on accessing cyberware, electronics, nanites, and other devices. Hacking cyberware Not all cyberware is hackable, though enough is to make a hacker’s interest worthwhile. To determine if a particular cyber-implant can be hacked, the following criteria must be met (note that these criteria actually apply to almost all devices, not just cyberware): First, the cyberware must be computerized—not all implants need a built-in computer. Most cyberware, however is either computerized (or at least equipped with RFID sensor tags) so that it may be queried for diagnostics, controlled remotely or via direct neural interface, or communicate with other implants/devices. See DNI and Wireless Functionality, p. 31, Augmentation. Second, the implant must be accessible by the hacker, via wired or wireless connection. Most external implants (like cyberlimbs) only have wired connections, requiring the hacker to physically jack in to access the device. A datajack provides immediate access to all cyberimplants with a direct neural interface. Many internal implants have wireless links to aid medical staff in running diagnostics (like wired reflexes) or to link to other devices (like a smartlink). The Signal rating of internal implants tends to be low (usually 0), meaning that a hacker needs to be in close range. Such implants are often slaved to the character’s commlink, however, so a hacker who infiltrates the master node can access slaved implants (see Slaving, p. 55). Some internal implants (such as cortex bombs) have no wireless or DNI connection and so are isolated from other systems, requiring surgery to allow a hacker to jack in and access the device. If these criteria are met, the hacker can attempt to hack or spoof the implant following normal rules. Device ratings for standard types of cyberware are given on p. 214, SR4. Some implant nodes/transmissions may be encrypted for extra protection, requiring that the hacker decrypt them first (see Encryption, p. 65). Like other devices, cyberware can be manipulated within the limits of its programming and functionality. In most cases, such actions require no test to someone with the proper access privileges. In the case of commands that exceed operational parameters or access privileges, an Opposed Test pitting Command + Hacking Test versus System + Firewall may be required. It would take too much space to provide an exhaustive list of possibilities, but here are a few examples (players and gamemasters are encouraged to be creative when devising other options—as always, the gamemaster has final say): • Cybereyes can be shut down or crashed to make the target blind. • Pre-recorded or self-created (using Computer + Edit) sounds could be played within hacked cyberears to make the target hear things. • Incriminating evidence (for example, forged smartlink footage of a shooting) could be downloaded into an implant’s memory, framing the victim for a crime. • The implant may be activated (for example, triggering foot anchor implants to keep someone from running away) or shut down (turning an internal air tank off, to force them to breathe). • The target character may be shut out of controlling his own implants by deactivating DNI or altering the account privileges (requiring a Hacking + Editing Test). • Seizing control of a cyberarm and using it to attack others, or even the cyberlimbed character. Hacking Smartlinks and Smartguns Smartguns and smartlinks are both low-level wireless devices (Signal 0), and the default mode for smartguns is private access—a primary user account is registered when the gun is purchased, and that user can set up guest accounts for friends and allies instead of letting anyone pick up the gun and access the smartgun link and/ or fire the device. To prevent their smartguns from being hacked, some users place the smartgun in hidden mode or disable the wireless access and use a skinlink or datajack located on the inside of the wrist to connect to the smartgun (the fiber optic cord also serves to make the gun easier to recover if the character drops it). Unwired Simon Wentworth (order #1132857) 9
Issuing commands to a smartgun through a smartlink is a Free Action that requires no test; issuing commands to a smartgun through a commlink or any other wireless device is a Simple Action and requires a successful Computer + Command (1) Test. If two characters are attempting to command the same smartgun, make an Opposed Computer + Command Test, with the winner determining what the smartgun does that round. Some street samurai store a copy of the Command program in their smartlinks specifically for these tests. false diagnostics By default, cyberware (and other electronic devices configured for open access) provide information on the current state of the device, including the official designation and serial number for the device, the owner, the license number, the version of the operating system it is running, fuel or power remaining (if applicable), critical temperatures, malfunctions, and the date of the last maintenance, upgrade, or modification. A hacker can change some of the personal data (owner, license number) with a successful Software + Edit Test; changing any of the other information requires a Hacking + Edit Test (difficulty threshold determined by the gamemaster). In low-security settings where the guards cannot tell exactly what an implant is, a false diagnostic reading with a valid license can be enough to get the character through without too much scrutiny. Hacking electronics A character can identify an unfamiliar electronic device and figure out how to turn it on with a successful Computer + Logic Test. Once the device is powered up, characters can access it. Most devices only have a single account with admin privileges and are configured for open access— anybody can come by and use them. More complicated and expensive devices may have multiple accounts and more limited public access. Devices generally feature wired access (requiring the hacker to physically jack in), wireless access, or both. Because most hardware devices are configured for open access, limitations are gener- Unwired cYBerware defenSeS How can a character protect his cyberware from hacking? 1.) Turn off or remove any wireless links (see p. 31, Augmentation). 2.) Use a direct physical connection rather than wireless (externally-accessible implants only). 3.) Keep the Signal rating low so a hacker would have to be within close range. 4.) Use a good Firewall program. 5.) Use a good Encryption program. 6.) Stay in hidden mode. 7.) Slave the implant to your secure commlink (see Slaving, p. 55). 8) Install Data Bomb, ECCM, or IC programs. ally hardwired or preprogrammed in. Bypassing or modifying hardware limitations on a device requires a Hardware + Logic Extended Test. Refer to the Build/Repair Table on p. 125 of SR4 for the Threshold and modifiers, the Interval is usually 10 minutes (longer for larger or more complex devices, at the gamemaster’s discretion). A microtronics tool kit (see Tools, p.323, SR4) or better is typically required. Generally, electronics only have a single rating, the Device rating (p. 212, SR4), which is used in place of all of its Matrix attributes. Gamemasters may choose to specify the Matrix attributes for particularly important device rather than rely on this catch-all. When a player character is attempting to manipulate the device within the bounds of legitimate use, they use Computer + Logic (for the general function of the device), or Computer + Program rating (if within the normal parameters but an unusual task); if the player wants to get the device to act outside of legitimate parameters, roll Hacking + Program rating. Hacking nanites Individual nanites are too small and simple to be hacked individually—or for there to be much use if you managed it— and entire nanite colonies are too complex, even for the most sophisticated swarm-rigging programs. Instead, hackers focus on accessing and reprogramming nanohives, nanofaxes, and desktop forges, or triggering and shutting down nanoware (see Triggered and Shutting Down Nanoware, p. 108, Augmentation). Nanites cannot normally be controlled to a great extent, but hard nanite systems can be reprogrammed from their supporting nanohive. Individual nanohives can be accessed wirelessly (Signal 0) and hacked or spoofed using the standard rules (see Hacking Cyberware, p. 102); the hacker can then get cracking reprogramming the nanites (see Reprogramming Hard Nanites, p. 107, Augmentation). To save time, if the hacker has a sample of the nanite system and a microtronics shop, she can write the program in advance and simply upload it using Spoof. Nanofaxes and desktop forges have extensive protections against hacking. Typically, neither sort of nanomanufacturing device connects to the Matrix unless they are expecting a software upgrade or new nanoschematics. Unlike other devices, nanofaxes and desktop nanoforges are usually as well-protected as high-security nodes with Simon Wentworth (order #1132857) 9 103 hacker’s handbook . . . . . . . . . . . . . . . . . . . . . . . . . .
Page 1 and 2:
TM Simon Wentworth (order #1132857
Page 3 and 4:
Simon Wentworth (order #1132857) 9
Page 5 and 6:
Malware 86 Agents 87 Botnets 88 the
Page 7 and 8:
JackPoint StatS___ 57 users current
Page 9 and 10:
Page 11 and 12:
AR transmissions are so easy to eav
Page 13 and 14:
And I’m even happier when I can i
Page 15 and 16:
tHe aUgMented worLd The augmented w
Page 17 and 18:
people started cobbling together re
Page 19 and 20:
While the cheaper commlinks are onl
Page 21 and 22:
Matrix criMeS > I’ve downloaded a
Page 23 and 24:
“protection rackets” against vi
Page 25 and 26:
a general agreement that in order t
Page 27 and 28:
Now, to operate in the sprawl, you
Page 29 and 30:
capabilities and resources to do it
Page 31 and 32:
popULar SoUSveiLLance videoS knight
Page 33 and 34:
drug treatments during incarceratio
Page 35 and 36:
Page 37 and 38:
of more than one sprite at a time.
Page 39 and 40:
intuitive Hacking Cost: 5 BP A char
Page 41 and 42:
tweaking tHe rULeS Gamemasters and
Page 43 and 44:
Page 45 and 46:
‘link will s-l-o-w d-o-w-n, big t
Page 47 and 48:
gram and a massive amount of time (
Page 49 and 50:
. . . Matrix topoloGy . . . Hex was
Page 51 and 52:
Page 53 and 54: track programs are not able to dete
Page 55 and 56: node attributes like a metaphor or
Page 57 and 58: datatrail Every interaction on the
Page 59 and 60: a castle could represent a control
Page 61 and 62: Simsense can also be used for exper
Page 63 and 64: Simon Wentworth (order #1132857) 9
Page 65 and 66: with their image links is an expens
Page 67 and 68: To avoid detection, the hacker can
Page 69 and 70: aLertS Another important line of de
Page 71 and 72: B A R S C I L W ESS 3 2 3 2 3 4 4 3
Page 73 and 74: encryption on the access log of the
Page 75 and 76: filled with a high-rating Data Bomb
Page 77 and 78: You also need to choose the Matrix
Page 79 and 80: Sculpting: The node looks a lot lik
Page 81 and 82: Hardware: Saeder-Krupp Schwermetall
Page 85 and 86: Don’t call me a script kid Don’
Page 87 and 88: ight commands to bring those things
Page 89 and 90: drivers on my commlink before I tur
Page 91 and 92: what it sounds like: two or more ha
Page 93 and 94: Yep. You can also stick malware int
Page 95 and 96: gaMe inforMation The Hacker’s Han
Page 97 and 98: paYdata General rules for fencing p
Page 99 and 100: Pistons is researching the NeoNET A
Page 101 and 102: Spoofing commands from a user with
Page 103: to Mook or not to Mook? For some ch
Page 107 and 108: igger trickS Like hackers, riggers
Page 111 and 112: Server-Side prograMS Server-side pr
Page 113 and 114: cess (even if the agent tries to ha
Page 115 and 116: worms). To match the opposition, ho
Page 117 and 118: Mute Program Types: Common, Hacking
Page 119 and 120: temporary degradation can be restor
Page 121 and 122: advanced prograMMing taBLe Software
Page 123 and 124: prone to degradation. This is in pa
Page 125 and 126: dataworms Dataworms are a stealth t
Page 127 and 128: military and police units, professi
Page 129 and 130: them and plot them on a three-dimen
Page 131 and 132: . . . technoMancers . . . The secur
Page 135 and 136: attuning to a particular part of th
Page 137 and 138: advanced tecHnoMancer rULeS The rec
Page 139 and 140: Streams are still evolving and are
Page 141 and 142: info Savants Fading: Intuition + Re
Page 143 and 144: experience, induced by unfiltered e
Page 145 and 146: don’t have to be strictly technom
Page 147 and 148: new ecHoeS The following section ex
Page 149 and 150: Sift Technomancers who possess this
Page 151 and 152: Neuroleptic: This widget creates a
Page 153 and 154: make are geared towards someone wit
Page 155 and 156:
Page 157 and 158:
Pilot Response Firewall Matrix INIT
Page 159 and 160:
traceroUte taBLe Subject Interacts
Page 161 and 162:
• It may raise one complex form i
Page 163 and 164:
. . . Matrix phenoMena . . . It’s
Page 165 and 166:
Page 167 and 168:
gaMe inforMation This section provi
Page 169 and 170:
(plus an additional box if the AI h
Page 171 and 172:
known aiS These are but a few examp
Page 173 and 174:
Uv nodeS—at tHe edge of reaLitY I
Page 175 and 176:
is something larger beyond the curt
Page 177 and 178:
the realm where the source code was
Page 179 and 180:
infektors The Infektors’ ultimate
Page 181 and 182:
corrupting it into a temporary diss
Page 183 and 184:
Pilot Response Firewall Matrix INIT
Page 185 and 186:
Page 187 and 188:
former prematurely and leave them o
Page 189 and 190:
playback gear On the most basic lev
Page 191 and 192:
y default can be used repeatedly an
Page 193 and 194:
to explain the missing time. Also,
Page 195 and 196:
compartmentalized pieces of informa
Page 197 and 198:
. . . Matrix Gear . . . Glitch was
Page 199 and 200:
Page 201 and 202:
eLectronicS Electronics follow all
Page 203 and 204:
Hacker ServiceS See Buying a Better
Page 205 and 206:
Software Suites Availability Cost H
Page 207 and 208:
SaMpLe nodeS (cont.) . . . . . . .
Page 209 and 210:
SaMpLe SpiderS (cont.) Security tec
show all

comStar Firewall alert - PhaseThrough

Create successful ePaper yourself

Delete template?

Save as template?