comStar Firewall alert - PhaseThrough

Recommendations

Info

software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124 users—or the successful implementation of social engineering— rather than flaws in a computer system’s security. It is up to the gamemaster to decide if and when a character’s online activities justify an infection. activating trojan Horses As soon as the trojan’s façade program is executed, the trojan malware hidden inside is activated as well. Most trojans are designed to immediately install something on the infected system (such as a backdoor or hidden proxy server), or to download and install some other sort of malware (such as a virus or worm). A few are designed to undertake some other sort of action, such as disarming the Firewall. Each trojan is designed with a different objective, and so functions differently, according to the gamemaster’s discretion (see Sample Trojans, p. 124, for specific examples). Because trojans are (unknowingly) activated by the duped user, they take action with the same account privileges as that user. This means that in many cases, the trojan’s actions are considered legal and are not contested by the Firewall. detecting and disinfecting of trojans Since trojan horses take a variety of forms, there is no universal method to automatically locate and eradicate them. Trojans are particularly difficult to spot before they have been activated. They roll Rating x 2 to oppose Matrix Perception Tests once activated. If the trojan has not yet been activated, apply a –4 dice pool modifier to the Matrix Perception Test. A detected trojan can be purged with an Opposed Disinfect Test (see p. 121). SaMpLe troJanS Although a plethora of different trojans exist under different names and handles, some representative samples of trojan horse programs and their functions are described below. Gamemasters and players are encouraged to expand this list on their own and develop new trojan programs. Hijacker Hijacker trojans subvert the activating user’s connections, redirecting him to other nodes—typically nodes loaded with spam, porn, or extremist political media. The trojan may occasionally redirect the user’s connection attempt to a different site, or it may always open an additional second connection every time the user opens one. proxy This trojan installs a secret proxy server (p. 104) on the user’s node when it is activated. If the user’s privileges allow for this, it is automatic; otherwise the trojan rolls Rating x 2 (10, 1 Initiative Pass) to install it. The trojan then keeps the server hidden using Rating x 2 to oppose any Matrix Perception Tests. If successful, the proxy server details are immediately transmitted to the trojan’s deployer. puppeteer Puppeteer trojans are designed to aid a hacker to spoof commands. When activated, the puppeteer informs the deploying hacker of the infected user’s access ID (if this changes, the trojan will update the hacker), enabling the hacker to more effectively spoof commands from the user. More insidiously, however, the Puppeteer opens a channel by which the hacker can send commands to the trojan, which then resends the commands as the infected user (and with the user’s access privileges) to any drones, agents, or devices under the user’s command. Because these commands are “legitimate” (coming from the authorized user’s account), they are automatically accepted. rat An abbreviation for “remote access tool,” the RAT is designed to immediately install a backdoor within the node when it is activated. Roll its Rating x 2 to create a reusable exploit, a legitimate account, a hidden account, or a hidden access point (see Backdoors, p. 99). If successful, the backdoor details are immediately transmitted to the trojan’s deployer. Sapper Sapper trojans feature coding similar to the Disarm program (p. 111). When activated, they remain hidden in the node until they receive an activation code from the deploying hacker. At this point, they attempt a Disarm action (p. 112) to neutralize the Firewall against the hacker, rolling Rating + Disarm. vector When activated, Vector trojans immediately open a connection to download and install a virus, worm, or agent from a predetermined Matrix site. Vector trojans are a common method used to spread malware infections to other nodes. Hackers sometimes use Vector trojans as a clandestine method to sneak an agent onto a target node. Agents and worms downloaded this way operate with the activating user’s access privileges. tacticaL ar Software Tactical AR software features sophisticated expert programs designed to analyze a situation, evaluate threats, incorporate sensor data from networked team members, calculate probabilities, run background simulations, and suggest courses of action. Based on previous generations of implanted tactical computers and new systems designed for biodrones (see p. 152, Augmentation), these programs incorporate augmented reality, mobile wireless devices, simsense, and advanced sensor technology to maximize tactical capabilities and threat response. Tacnets are commonly used by Malware Availability Cost (up to Rating 3) Cost (up to Rating 6) Trojan (Rating x 4)F Rating x 1,000¥ Rating x 2,000¥ Virus (Rating x 3)F Rating x 500¥ Rating x 1,000¥ Worm (Rating x 5)F Rating x 2,000¥ Rating x 5,000¥ Unwired Simon Wentworth (order #1132857) 9
military and police units, professional sports teams, emergency services, shadowrunners, and occasionally other scenarios where real-time team networking is crucial. tacticaL networkS To an individual, tacsofts can sometimes offer interesting advice, but they really thrive when used in a networked environment. They are designed to pool information from team members, assess the overall situation, and coordinate a more effective response with split-second AR data feedback. For a tactical network to function effectively, it requires a minimum of 3 members. Each member must be running tactical software of an equivalent rating (if the ratings are unequal, the network functions according to the lowest rating software) and must be subscribed to the tactical network (taking up one subscription). Members may be characters running the tacsoft on their commlinks or drones running the software on their systems. Tactical software has a maximum rating of 4. You may only be part of one tactical network at a time. Sensor channels Tactical networks rely on data supplied in real-time by sensor systems to maintain an up-to-date model of the tactical situation. In order to function effectively, a minimum of sensory input is required from different sources, measured in the form of sensor channels. In order to be counted as a member of the tactical Unwired network (and to receive bonuses from it), each member must contribute a number of sensor channels equal to the tacsoft rating x 2. Sensor channels are defined as any type of sensory input that can be transmitted to the tactical network (and that contributes in some way to analyzing the tactical situation). Each sense or sensor accounts for a separate sensor channel. This sensory input could include: Natural Senses: Visual, audio, or olfactory senses recorded via simrig each count as a sensor channel. Natural enhancements such as low-light and thermographic count as additional senses. Cybernetic Senses: Any visual, audio, olfactory, or other sense acquired via cybereyes, cyberears, olfactory booster, orientation system, etc. Sensory enhancements such as low-light, thermorgraphic, smartlink, ultrasound, radar, spatial recognizers, and so on each count as a separate sensor channel. Sensor Systems: Data acquired from worn, carried, or mounted sensor systems of various types (cameras, microphones, range finders, motion sensors, etc.) may also be contributed to the network as a sensor channel. Drones sensor systems also count; each drone can supply a number of sensor channels equal to its Sensor rating. Brimstone’s team is running a Rating 3 tactical network. To count as a contributing team member (and thus to receive bonuses from the network), Brimstone must contribute at least 6 sensor channels. Luckily, Brimstone is a cybersamurai with her share of senseware. Her cybereyes (channel 1) are enhanced with low-light vision (channel 2), smartlink (channel 3), and vision magnification (channel 4). She also has an orientation system (channel 5) and has strapped on an ultrasound sensor (channel 6). All of these sensor systems are linked to her commlink, where she is running her tacsoft, which shares their input data with the rest of the team via tacnet. If for some reason one of her sensor systems was knocked out ( for example, she dropped her ultrasound sensor), she would lose a sensor channel and would no longer count as a member of the tacnet team. centralized tacnets The decentralized network structure of traditional tacnets works well for urban combat situations. Under some circumstances, however, a team may prefer to adopt a more centralized model, where the tactical soft is run on a single commlink, which effectively rides in a command and control position. In this situation, the other team members do not need to run their own tacsoft, but they must slave their commlinks to the master node (see Slaving, p. 59). Each slaved node takes up 1 subscription slot on the master node’s persona (see Subscriptions, p. 55). This has the advantage of protecting the network against hacking (especially if the team’s hacker runs the master node), but also carries the drawback that the network will fail if the master node is somehow taken out. Simon Wentworth (order #1132857) 9 125 software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Page 1 and 2:
TM Simon Wentworth (order #1132857
Page 3 and 4:
Simon Wentworth (order #1132857) 9
Page 5 and 6:
Malware 86 Agents 87 Botnets 88 the
Page 7 and 8:
JackPoint StatS___ 57 users current
Page 9 and 10:
Page 11 and 12:
AR transmissions are so easy to eav
Page 13 and 14:
And I’m even happier when I can i
Page 15 and 16:
tHe aUgMented worLd The augmented w
Page 17 and 18:
people started cobbling together re
Page 19 and 20:
While the cheaper commlinks are onl
Page 21 and 22:
Matrix criMeS > I’ve downloaded a
Page 23 and 24:
“protection rackets” against vi
Page 25 and 26:
a general agreement that in order t
Page 27 and 28:
Now, to operate in the sprawl, you
Page 29 and 30:
capabilities and resources to do it
Page 31 and 32:
popULar SoUSveiLLance videoS knight
Page 33 and 34:
drug treatments during incarceratio
Page 35 and 36:
Page 37 and 38:
of more than one sprite at a time.
Page 39 and 40:
intuitive Hacking Cost: 5 BP A char
Page 41 and 42:
tweaking tHe rULeS Gamemasters and
Page 43 and 44:
Page 45 and 46:
‘link will s-l-o-w d-o-w-n, big t
Page 47 and 48:
gram and a massive amount of time (
Page 49 and 50:
. . . Matrix topoloGy . . . Hex was
Page 51 and 52:
Page 53 and 54:
track programs are not able to dete
Page 55 and 56:
node attributes like a metaphor or
Page 57 and 58:
datatrail Every interaction on the
Page 59 and 60:
a castle could represent a control
Page 61 and 62:
Simsense can also be used for exper
Page 63 and 64:
Page 65 and 66:
with their image links is an expens
Page 67 and 68:
To avoid detection, the hacker can
Page 69 and 70:
aLertS Another important line of de
Page 71 and 72:
B A R S C I L W ESS 3 2 3 2 3 4 4 3
Page 73 and 74:
encryption on the access log of the
Page 75 and 76: filled with a high-rating Data Bomb
Page 77 and 78: You also need to choose the Matrix
Page 79 and 80: Sculpting: The node looks a lot lik
Page 81 and 82: Hardware: Saeder-Krupp Schwermetall
Page 83 and 84: Simon Wentworth (order #1132857) 9
Page 85 and 86: Don’t call me a script kid Don’
Page 87 and 88: ight commands to bring those things
Page 89 and 90: drivers on my commlink before I tur
Page 91 and 92: what it sounds like: two or more ha
Page 93 and 94: Yep. You can also stick malware int
Page 95 and 96: gaMe inforMation The Hacker’s Han
Page 97 and 98: paYdata General rules for fencing p
Page 99 and 100: Pistons is researching the NeoNET A
Page 101 and 102: Spoofing commands from a user with
Page 103 and 104: to Mook or not to Mook? For some ch
Page 105 and 106: Issuing commands to a smartgun thro
Page 107 and 108: igger trickS Like hackers, riggers
Page 111 and 112: Server-Side prograMS Server-side pr
Page 113 and 114: cess (even if the agent tries to ha
Page 115 and 116: worms). To match the opposition, ho
Page 117 and 118: Mute Program Types: Common, Hacking
Page 119 and 120: temporary degradation can be restor
Page 121 and 122: advanced prograMMing taBLe Software
Page 123 and 124: prone to degradation. This is in pa
Page 125: dataworms Dataworms are a stealth t
Page 129 and 130: them and plot them on a three-dimen
Page 131 and 132: . . . technoMancers . . . The secur
Page 135 and 136: attuning to a particular part of th
Page 137 and 138: advanced tecHnoMancer rULeS The rec
Page 139 and 140: Streams are still evolving and are
Page 141 and 142: info Savants Fading: Intuition + Re
Page 143 and 144: experience, induced by unfiltered e
Page 145 and 146: don’t have to be strictly technom
Page 147 and 148: new ecHoeS The following section ex
Page 149 and 150: Sift Technomancers who possess this
Page 151 and 152: Neuroleptic: This widget creates a
Page 153 and 154: make are geared towards someone wit
Page 157 and 158: Pilot Response Firewall Matrix INIT
Page 159 and 160: traceroUte taBLe Subject Interacts
Page 161 and 162: • It may raise one complex form i
Page 163 and 164: . . . Matrix phenoMena . . . It’s
Page 167 and 168: gaMe inforMation This section provi
Page 169 and 170: (plus an additional box if the AI h
Page 171 and 172: known aiS These are but a few examp
Page 173 and 174: Uv nodeS—at tHe edge of reaLitY I
Page 175 and 176: is something larger beyond the curt
Page 177 and 178:
the realm where the source code was
Page 179 and 180:
infektors The Infektors’ ultimate
Page 181 and 182:
corrupting it into a temporary diss
Page 183 and 184:
Pilot Response Firewall Matrix INIT
Page 185 and 186:
Page 187 and 188:
former prematurely and leave them o
Page 189 and 190:
playback gear On the most basic lev
Page 191 and 192:
y default can be used repeatedly an
Page 193 and 194:
to explain the missing time. Also,
Page 195 and 196:
compartmentalized pieces of informa
Page 197 and 198:
. . . Matrix Gear . . . Glitch was
Page 199 and 200:
Page 201 and 202:
eLectronicS Electronics follow all
Page 203 and 204:
Hacker ServiceS See Buying a Better
Page 205 and 206:
Software Suites Availability Cost H
Page 207 and 208:
SaMpLe nodeS (cont.) . . . . . . .
Page 209 and 210:
SaMpLe SpiderS (cont.) Security tec
show all

comStar Firewall alert - PhaseThrough

Create successful ePaper yourself

Delete template?

Save as template?