comStar Firewall alert - PhaseThrough
comStar Firewall alert - PhaseThrough
comStar Firewall alert - PhaseThrough
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
systeM security . . . . . . . . . . . . . . . . . . . . . . . . . . . . .<br />
72<br />
by the owner. It can make its own<br />
decisions about prioritization, or it<br />
can be given a priority list. It appears<br />
in the Matrix as a white bird<br />
wearing a traditional nurse’s hat.<br />
Loaded Programs: Medic<br />
watanabe electric kitsune<br />
This program takes the form<br />
of an anthropomorphic fox with<br />
configurable gender and outfits. Its<br />
task is to politely greet icons as they<br />
enter a node and help direct them<br />
to the appropriate resources. It<br />
also performs a Matrix Perception<br />
Test on every icon that enters, and<br />
continues to check icons while<br />
idle, starting with the least recently<br />
Analyzed. If it finds an icon that<br />
lies outside of the parameters with<br />
which it is configured, it triggers an<br />
active <strong>alert</strong>.<br />
Loaded Programs: Analyze<br />
SYSteM topoLogY<br />
Another way to secure a system is by putting it together in<br />
a way that is easier to secure. Much the same way that castles and<br />
secure facilities have physical configurations of walls and entry<br />
points that are more easily defended than others, Matrix systems<br />
can be built with security in mind.<br />
tipS and trickS<br />
Security is not merely statistics and Matrix attributes. A<br />
system can be protected by a strong combination of policies, procedures,<br />
and topologies. The strategies and tactics offered below<br />
are just a small sampling of the expert spider’s bag of tricks.<br />
Backups and More Backups<br />
One simple way to protect important files and programs is to<br />
make copies on a recurring basis and store them in an encrypted<br />
and/or protected archive. By comparing the current programs and<br />
files to the backups at regular intervals (from once a week for lowsecurity<br />
systems up to every hour for high-security), a spider or<br />
agent can detect backdoors, viruses in programs, and altered files.<br />
The damaged files and programs can then be fixed by overwriting<br />
undesirable icons with the backups.<br />
chokepoints<br />
The less a spider has to monitor, the easier it is for him to<br />
secure. Networks of nodes need more resources for security than<br />
a single node.<br />
One way to limit the vulnerability of a large network is to allow<br />
only one or two nodes that act as gateways to the rest of the system.<br />
The rest of the nodes in the network are then kept behind wirelessimpeding<br />
materials or are linked by fiber optic cables and have no<br />
wireless capability at all. Much like a checkpoint in a real-world facility,<br />
when all traffic enters at a single point, a spider can keep the network<br />
secure by monitoring only those nodes that have outside access.<br />
This does not prevent an attack from within the system, usually<br />
executed by physically entering the facility that the network<br />
serves and accessing inner nodes directly. This falls under the<br />
spider’s physical duties, along with those of the physical security<br />
of the facility.<br />
communication protocols<br />
A good spider remembers to secure the most vulnerable part<br />
of her system: the users. The strongest <strong>Firewall</strong> and IC in the world<br />
are no match for an idiot employee with clearance, and a good<br />
hacker knows it. A spider can put into place certain rules of communication<br />
to be followed by the users in a facility to help protect<br />
against a social engineering attack.<br />
For example, a shadowrunner might make a commcall into a<br />
facility posing as a high-level executive in order to steal a passcode<br />
from a night clerk. If that clerk is aware of a policy in place that<br />
states that no management will ever call except on certain lines, or<br />
that they will use certain code words when making such calls, the<br />
chances that the clerk will divulge sensitive information is drastically<br />
reduced.<br />
cryptosense Sculpting<br />
Though unusual, some systems use cryptosense simsense data<br />
in their system sculpting—sensory data such as ultrasound, thermographic,<br />
etc. A user who does not have a proper cryptosense module<br />
(p. 196) and who does not possess that physical sense will not be<br />
able to interpret the data. This will not prevent a hacker from making<br />
Matrix operations, but the lack or confusion of sensory details<br />
might inflict a –1 dice pool modifier to some actions (gamemaster’s<br />
discretion). Use of a reality filter will override cryptosense data.<br />
decoys<br />
Decoys are files and nodes that appear to be more dangerous<br />
than they actually are. By running a Stealth program that targets<br />
a file, a node can make that file appear to be larger or smaller,<br />
Unwired<br />
Simon Wentworth (order #1132857) 9