comStar Firewall alert - PhaseThrough
comStar Firewall alert - PhaseThrough
comStar Firewall alert - PhaseThrough
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
aLertS<br />
Another important line of defense in any system is the intruder<br />
<strong>alert</strong>. A node under an active <strong>alert</strong> is “aware” of a specific<br />
access ID that has hacked or is trying to hack his way into the<br />
system. If a system is made up of multiple nodes, an <strong>alert</strong> in one<br />
node puts all nodes on <strong>alert</strong> against the same intruder.<br />
A node on <strong>alert</strong> gains a +4 bonus to its <strong>Firewall</strong> against the<br />
intruder specified in the <strong>alert</strong>. Additionally, all privileges involving<br />
the node itself (such as deactivating programs or agents, rebooting,<br />
editing files, etc.) are no longer automatically allowed to the<br />
trespasser, who must either use the Hacking skill to perform such<br />
actions or Spoof a command from a legitimate user that still has<br />
her permissions intact.<br />
The young hacker, /dev/grrl, has hacked herself an<br />
admin account, but she glitches on a roll and an active<br />
<strong>alert</strong> ensues. While she normally would have been able<br />
to Edit the node’s access log without rolling, she now must<br />
make an Opposed Hacking + Edit Test against the node’s<br />
<strong>Firewall</strong> + System to do so.<br />
An <strong>alert</strong> is most often automatically triggered by a node’s<br />
<strong>Firewall</strong>. Additionally, any user, agent, or IC with a security or<br />
admin account may initiate an <strong>alert</strong> against an intruder with a<br />
Free Action. When an <strong>alert</strong> is triggered, a node executes its <strong>alert</strong><br />
response configuration (see below).<br />
<strong>alert</strong> response configuration<br />
One of the most important duties of the spider is configuring<br />
the script that a node automatically runs when an active <strong>alert</strong><br />
Unwired<br />
is initiated. The script is called the <strong>alert</strong> response configuration<br />
(ARC). The ARC is automatically executed the moment the <strong>alert</strong><br />
is triggered. Unfortunately for the spider, the response a node<br />
can offer on its own is limited; system software is not designed to<br />
handle intrusion, and relies on spiders and IC. A node will execute<br />
its ARC only once per active <strong>alert</strong> triggered, and it will only run it<br />
against the icon that triggered the <strong>alert</strong>.<br />
The spider has a number of options when configuring the<br />
ARC, but may only choose one. If a node’s ARC is not known, or<br />
needs to be generated randomly, use the Random Alert Response<br />
table, p. 223, SR4.<br />
Launch IC: With this configuration, the node immediately<br />
runs one IC program. The particular program that is launched is<br />
chosen by the spider when the ARC is configured.<br />
Scramble Security Hacker: When an <strong>alert</strong> is initiated with<br />
this configuration, the node will contact one designated spider or<br />
security hacker specialist (chosen in advance) and report the <strong>alert</strong>.<br />
It will also automatically log the spider or hacker onto the node,<br />
opening a subscription; this does not require a Log On action by<br />
the hacker.<br />
Terminate Connection: The node immediately makes a<br />
single attempt to log the attacker out of the system (see Terminate<br />
Connection, p. 223, SR4) when the <strong>alert</strong> is activated. When this<br />
test is made, the +4 bonus to <strong>Firewall</strong> against the icon bearing the<br />
access ID of the one that triggered the <strong>alert</strong> is included in the dice<br />
a Brief HiStorY of crYptograpHY<br />
While cryptography has been studied since<br />
ancient times, the mathematical science of finding<br />
strong encryption techniques and ways to attack<br />
them really took off during World War II. In the<br />
following decades, a number of strong encryption<br />
algorithms were developed. Attacks on these methods<br />
were difficult, and most required far longer than<br />
a metahuman lifetime to perform. Encryption was a<br />
safe and reliable way to secure information.<br />
Then, in 2065, a researcher at the Universität<br />
Stuttgart named Heinrich Andrews published an<br />
academic paper on a new method of attacking<br />
encryption. The paper described a technique that<br />
utilized the computational power of the latest<br />
generation of processors along with a breakthrough<br />
mathematical algorithm. It seemed that<br />
encryption techniques were no longer as secure as<br />
they once were.<br />
Despite attempts by various corporate and<br />
government agencies to suppress it, Dr. Andrews’s<br />
paper was circulated quickly around the Matrix<br />
shadow community. Shortly thereafter, a new<br />
generation of Decrypt programs hit the Matrix,<br />
all using the freshly dubbed “Heinrich Maneuver”<br />
to speed up cryptanalysis attacks.<br />
Research into newer and stronger encryption<br />
continues, but there have as yet been no new developments.<br />
For now, at least, the days of reliable<br />
encryption are gone.<br />
Simon Wentworth (order #1132857) 9<br />
67<br />
systeM security . . . . . . . . . . . . . . . . . . . . . . . . . . . . .