comStar Firewall alert - PhaseThrough

Recommendations

Info

systeM security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 access id A system can allow access simply by the access ID of a user. The node keeps a list of access IDs, and any construct that attempts to log onto the node from an access ID on its list is allowed to do so. This is a fast method of authentication, if not a secure one, and requires only a Simple Action to log on with AR, or a Free Action with VR. This method is used by inconsequential utilitarian nodes, such as garage door openers, public forums, and home appliances. web of trust A web of trust determines the authenticity of a user by checking a number of other sources. Data about a user is stored in many places, making it more difficult to fake authentication. To use an analogy, the system asks around to see if the user is trustworthy. This is the method used by SIN verification systems to check a person’s ID; in most cases, systems that use this method of authentication use a SIN verification. Treat the authenticating node as having a SIN verification system with a rating equal to its System (p. 260, SR4). Nodes that use the web of trust method of authentication tend to be public or mostly public nodes, such as municipal or corporate residential libraries, shopping malls, vending machines, and virtual night clubs. passcodes and Linked passcodes Passcodes are described on p. 215, SR4. They are the most basic form of authentication, even when linked to additional data. Private and low-security nodes such as private clubs, retail outlets, and public schools tend to use passcodes. Small businesses, local government offices, underworld syndicates, and upper-class homes generally use linked passcodes. passkeys Passkeys are also described on p. 215, SR4. They are physical modules ranging in size from a fingernail to a stylus or credit card. They use a combination of encryption and materials engineering to create a unique key that is plugged into a common commlink jack. If the correct passkey is not connected to a device that tries to access the node using this method, the access is denied. In addition to standard passkeys, more advanced passkeys have recently been developed. One of these passkeys is the nanotech passkey, in which a small colony of nanites form unique and dynamic patterns for authentication. These passkeys require a small amount of upkeep to sustain the nanomachines, which is usually accomplished by leaving the passkey plugged into a commlink for a few minutes each day. The second type of advanced passkey is the alchemical passkey. This piece of manatech is similar to a magical focus that interacts with technological sensors in the passkey to produce a unique signature. An alchemical passkey is created through a process of Enchanting using different reagents in a process similar to magical compounds (p. 82, Street Magic). It has an aura that is recognizable as being magical in nature, but no astral presence. The passkey is not the only part of a passkey system. The node secured by passkey must also have the proper hardware to use passkey authentication. Such systems are expensive and, in the case of more advanced passkey systems, difficult to maintain, to the delight of hackers everywhere. No matter what kind of passkey is used, systems that utilize passkeys do not merely check for proper authorization on initial entry into the system. The passkey information is registered with every action in the node’s access log. This makes hacking into such nodes far more difficult if the session lasts longer than the next access log update; the hacker is detected and an active <strong>alert</strong> initiated when the access log shows that the hacker lacks the passkey data. Passkey Cost Standard Passkey 100¥ Nanotech Passkey 1,200¥ Alchemical Passkey 2,100¥ Standard Passkey System 15,000¥ Nanotech Passkey System 32,000¥ Alchemical Passkey System 110,000¥ Unwired Simon Wentworth (order #1132857) 9
To avoid detection, the hacker can edit the access log to hide the discrepancy. The use (or lack thereof ) of a passkey that matches the passkey system on a node can also be detected by a security hacker who has access to the passkey system with a successful Matrix Perception Test. Fortunately, passkeys are required for access on only the most secure systems. Many facilities do not have the budget for passkeys on every node, and so many only have one passkey node, often used as a gateway to other nodes on the system. Examples of systems that generally use passkeys for authentication include megacorps, federal governments, financial institutions, and military facilities. other authentication Methods Nodes may be configured with other forms of authentication. Such methods are usually unique and challenge a prospective user. For example, a node may require that a construct beat it in a game of chess, achieve a certain score in a video game, or pass an intelligence test. If the node is linked to various input devices, it can also demand a certain sequence of movements, or that a user perform a karaoke song correctly. These sorts of nodes sometimes also challenge users that have successfully logged into the system, with IC confronting constructs with tests and trials that must be answered or an <strong>alert</strong> will be initiated. Some hackers are delighted by these sorts of nodes, some just hack their way around them. Hacking and authentication When a character hacks into a node, whether on the fly or by probing, she is actually circumventing normal authentication routines and setting up a fake account that the system believes has access at the privilege level the hacker chose at the start of the attempt. This account is almost never perfect, but the node accepts it as legitimate. Patrolling IC or spiders can discover the forgery by making a Matrix Perception Test against the hacker. The Stealth program helps counteract such snooping, but a hacker cannot expect to be able to use a hacked account indefinitely (see Account Privileges, p. 52). tHe acceSS Log Every node keeps an access log as part of its routine operation. The access log is a file that stores the record of everything done by, in, or to that node. For all Matrix actions performed in a node, records are created. These records include the time and date of each action, the access path of the user or agent that performed it, the account to which the user or agent had access, and the program that was used to perform it. The exceptions to this are Log Off and Jack Out actions (p. 220, SR4), which are recorded with only the time and date of the action, but no access path or data trail information. Nodes with higher System ratings tend to host more actions and so have larger access logs. The access log is updated automatically by the operating system. Because the operating system of a node has a certain amount of processing overhead, the access log is not updated immediately, leaving a certain amount of “breathing room” for hackers. A hacker’s actions will not evident in the access log of a node for at least a number of Combat Turns equal to the System of the node; the information is there, but it is in the form of raw data, and has not yet been processed into a readable format. Unwired Spiders use the access log regularly in their work. Most often, they use it to monitor and verify legitimate access and users. The access log also holds the evidence of unauthorized intrusion that can be read by spiders or agents. Spiders also routinely use the access log after an intrusion to identify and patch weaknesses in the system. A spider can use the information in the access log to Track an intruder through the Matrix (p. 219, SR4) even if the intruder’s icon is no longer in the node. Unfortunately for the spider, hackers tend to change both their location and their access ID on a regular basis, so this information is usually dated and no longer accurate. A successful Track Test using access log information will only give the location from which the hacker performed the last action recorded in the access log, and the access ID that she used at the time. The access log is also a file of great interest to attacking hackers. To an intruder, the access log is the metaphorical set of fingerprints that betray the hacker’s entry into the system. A good hacker will always perform a Data Search through the file and then an Edit to remove any trace of her presence. If she is in a hurry, she may simply delete the file, but such ham-fisted tactics are a dead giveaway that an intrusion happened. Unless the intruder can figure out a way to delete it, her Log Out or Jack Out action will remain behind, leaving evidence of the incursion but no information on who accomplished it or what was done. An access log can also be encrypted, slowing attacks on it. In order to do this, a node must be running a dedicated Encrypt program to handle both access log updates and the encryption of that data. If the dedicated Encrypt program is deactivated or crashes, the access log is automatically unencrypted. Due to the constantlychanging nature of the access log, it cannot be bundled with IC or a Data Bomb when it is encrypted (see Encryption, below). As a focal point of interest to both attackers and defenders, the access log is a part of many Matrix strategies, both offensive and defensive. For defensive strategies, see Tips and Tricks, p. 72, below. For strategies for hackers, see the Hacker’s Handbook, p. 80. encrYption Encryption renders data unreadable to those who do not have the encryption key or cannot use Decrypt. It can be used to protect files, lines of communication, and even entire nodes. In Shadowrun, the rules for encryption include encoding, ciphers, and other forms of cryptography. Unfortunately, in the 2070s, encryption is not a very strong protection against prying eyes. Cryptanalysis techniques are far advanced of encryption theory. At best, encryption can only slow down a dedicated attacker. Even so, in a Matrix that moves at the speed of light, every microsecond counts. All encryption has a rating, which is used to determine how difficult it is to break. The higher the rating, the better the encryption. Usually, the rating of the Encrypt program used is the rating of the encryption. When encryption is initiated, the user selects a key, which may be a word, phrase, ARO, gesture, song, etc. Thereafter, any other user with that key may decrypt the signal, file, or node with a Simple Action. Signals encryption A connection between two nodes can be encrypted to help protect it from eavesdropping. To make this happen, at least one Simon Wentworth (order #1132857) 9 65 systeM security . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Page 1 and 2:
TM Simon Wentworth (order #1132857
Page 3 and 4:
Simon Wentworth (order #1132857) 9
Page 5 and 6:
Malware 86 Agents 87 Botnets 88 the
Page 7 and 8:
JackPoint StatS___ 57 users current
Page 9 and 10:
Page 11 and 12:
AR transmissions are so easy to eav
Page 13 and 14:
And I’m even happier when I can i
Page 15 and 16: tHe aUgMented worLd The augmented w
Page 17 and 18: people started cobbling together re
Page 19 and 20: While the cheaper commlinks are onl
Page 21 and 22: Matrix criMeS > I’ve downloaded a
Page 23 and 24: “protection rackets” against vi
Page 25 and 26: a general agreement that in order t
Page 27 and 28: Now, to operate in the sprawl, you
Page 29 and 30: capabilities and resources to do it
Page 31 and 32: popULar SoUSveiLLance videoS knight
Page 33 and 34: drug treatments during incarceratio
Page 35 and 36: Simon Wentworth (order #1132857) 9
Page 37 and 38: of more than one sprite at a time.
Page 39 and 40: intuitive Hacking Cost: 5 BP A char
Page 41 and 42: tweaking tHe rULeS Gamemasters and
Page 45 and 46: ‘link will s-l-o-w d-o-w-n, big t
Page 47 and 48: gram and a massive amount of time (
Page 49 and 50: . . . Matrix topoloGy . . . Hex was
Page 53 and 54: track programs are not able to dete
Page 55 and 56: node attributes like a metaphor or
Page 57 and 58: datatrail Every interaction on the
Page 59 and 60: a castle could represent a control
Page 61 and 62: Simsense can also be used for exper
Page 65: with their image links is an expens
Page 69 and 70: aLertS Another important line of de
Page 71 and 72: B A R S C I L W ESS 3 2 3 2 3 4 4 3
Page 73 and 74: encryption on the access log of the
Page 75 and 76: filled with a high-rating Data Bomb
Page 77 and 78: You also need to choose the Matrix
Page 79 and 80: Sculpting: The node looks a lot lik
Page 81 and 82: Hardware: Saeder-Krupp Schwermetall
Page 85 and 86: Don’t call me a script kid Don’
Page 87 and 88: ight commands to bring those things
Page 89 and 90: drivers on my commlink before I tur
Page 91 and 92: what it sounds like: two or more ha
Page 93 and 94: Yep. You can also stick malware int
Page 95 and 96: gaMe inforMation The Hacker’s Han
Page 97 and 98: paYdata General rules for fencing p
Page 99 and 100: Pistons is researching the NeoNET A
Page 101 and 102: Spoofing commands from a user with
Page 103 and 104: to Mook or not to Mook? For some ch
Page 105 and 106: Issuing commands to a smartgun thro
Page 107 and 108: igger trickS Like hackers, riggers
Page 111 and 112: Server-Side prograMS Server-side pr
Page 113 and 114: cess (even if the agent tries to ha
Page 115 and 116: worms). To match the opposition, ho
Page 117 and 118:
Mute Program Types: Common, Hacking
Page 119 and 120:
temporary degradation can be restor
Page 121 and 122:
advanced prograMMing taBLe Software
Page 123 and 124:
prone to degradation. This is in pa
Page 125 and 126:
dataworms Dataworms are a stealth t
Page 127 and 128:
military and police units, professi
Page 129 and 130:
them and plot them on a three-dimen
Page 131 and 132:
. . . technoMancers . . . The secur
Page 133 and 134:
Page 135 and 136:
attuning to a particular part of th
Page 137 and 138:
advanced tecHnoMancer rULeS The rec
Page 139 and 140:
Streams are still evolving and are
Page 141 and 142:
info Savants Fading: Intuition + Re
Page 143 and 144:
experience, induced by unfiltered e
Page 145 and 146:
don’t have to be strictly technom
Page 147 and 148:
new ecHoeS The following section ex
Page 149 and 150:
Sift Technomancers who possess this
Page 151 and 152:
Neuroleptic: This widget creates a
Page 153 and 154:
make are geared towards someone wit
Page 155 and 156:
Page 157 and 158:
Pilot Response Firewall Matrix INIT
Page 159 and 160:
traceroUte taBLe Subject Interacts
Page 161 and 162:
• It may raise one complex form i
Page 163 and 164:
. . . Matrix phenoMena . . . It’s
Page 165 and 166:
Page 167 and 168:
gaMe inforMation This section provi
Page 169 and 170:
(plus an additional box if the AI h
Page 171 and 172:
known aiS These are but a few examp
Page 173 and 174:
Uv nodeS—at tHe edge of reaLitY I
Page 175 and 176:
is something larger beyond the curt
Page 177 and 178:
the realm where the source code was
Page 179 and 180:
infektors The Infektors’ ultimate
Page 181 and 182:
corrupting it into a temporary diss
Page 183 and 184:
Pilot Response Firewall Matrix INIT
Page 185 and 186:
Page 187 and 188:
former prematurely and leave them o
Page 189 and 190:
playback gear On the most basic lev
Page 191 and 192:
y default can be used repeatedly an
Page 193 and 194:
to explain the missing time. Also,
Page 195 and 196:
compartmentalized pieces of informa
Page 197 and 198:
. . . Matrix Gear . . . Glitch was
Page 199 and 200:
Page 201 and 202:
eLectronicS Electronics follow all
Page 203 and 204:
Hacker ServiceS See Buying a Better
Page 205 and 206:
Software Suites Availability Cost H
Page 207 and 208:
SaMpLe nodeS (cont.) . . . . . . .
Page 209 and 210:
SaMpLe SpiderS (cont.) Security tec
show all

comStar Firewall alert - PhaseThrough

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?