comStar Firewall alert - PhaseThrough

Recommendations

Info

hacker’s handbook . . . . . . . . . . . . . . . . . . . . . . . . . . 88 BotnetS Normally when you load an agent onto a different node from your commlink, you maintain an active subscription to that agent, issuing orders and receiving feedback in real time with a minimum of hassle. Naturally, your active subscriptions limit the number of agents you can have running at once. To get around that, instead of maintaining active subscriptions you can link your agents into a network—a botnet. A botnet isn’t as slick as an active subscription, but if you’re looking to recruit a codezombie army of doom, it’s a good start. By itself you might think a botnet is simply a useful tool for managing a lot of agents, but the implications for hackers are huge. With a botnet you can keep tabs on dozens of nodes at once, setting up some truly righteous hacks. Most really organized Matrix gangs and syndicate Matrix crime crews use botnets for distributed denial of service (DDOS) attacks, extending their traditional protection rackets and blackmail operations into the Sixth World. A DDOS attack uses scores or hundreds of bots on different nodes to connect to a single node at the same time, usually preventing all traffic into and out of the node—quite a killer for a commercial node, and well worth it to online merchants to pay a “protection” fee against the possibility of it happening to them. > Sometimes when you can’t pull off a big hack, you can use a botnet to pull off a lot of little hacks that add up to the same thing. Perfect example: traffic control. Hacking the individual lights and using bots to control them can be a hell of a lot easier than hacking the central traffic node. > Turbo Bunny > Unless, like in Hong Kong, all of the traffic lights are slaved to the central node anyway, in which case you have no choice but to hack it. Or in New York, where the lights are tied into the GridGuide system for better traffic flow control. > Traveler Jones See, it’s not just hackers that use botnets—it’s corps too! How do you think AZT manages its fleets of spambots, or MCT datafarms millions of customer datafiles every day? Their experts use botnets to direct and control fleets of agents, and if you know what to look for you can take control of one or more of their bots and get them to work for you—at least, until the wageslave managing the botnet notices something weird is going on. While the corps don’t like to talk about it, botnets are also a way for them to wage war on one another through the Matrix. It’s a rarely used tactic for a megacorp to directly fuck with another megacorporate node with a botnet because of the fear of reprisals from the Corporate Court; current Matrix warfare theory holds that if two AAA-rated megacorps decided to engage in a full-scale Matrix conflict, botnets would feature prominently in the strategy. tHe art of war Posted By: Pistons To a combat hacker like me, the Matrix is a battlefield. Espionage, siegecraft, stratagems, the parry and thrust of cybercombat. The kid’s covered some of the basic weapons you’ll have in your conflicts across the Matrix, so what you need now is the down-and-dirty of the tactics hackers use. A little strategy and the right weapon can win any war. MaSS proBeS The key to a successful botnet isn’t getting a lot of agents— you can copy those programs for free. What you really need is a large number of nodes to run your agents on. That’s where a mass probe comes in. It starts off by having a large list of potential targets—hacker nexi usually have dozens of these lists around, but you can use the Yellow Pages node if you really want to. There are different strategies and mathematical formulae to optimize the methodology, but in essence a mass probe is a very quick and direct attack on a node to see if it responds—if it does, you break off quick, if it doesn’t you log it. Either way, you move on down to the next node on the list. After a couple hours of dedicated probing, you’ll have a list of poorly defended nodes that should be a cinch to load your agents into. > You can also mass probe to create a botnet and then have the agents on the botnet mass probe and replicate to create more botnets, etc. That’s how the most malicious worms spread. The Grid Overwatch Division and local authorities keep an eye out for that type of thing, though, and try to nip it in the bud. > Cosmo MaSS attackS Hackers are generally solo types, untrusting and untrustworthy of other hackers. > Hey! I resemble that. > Puck Still, hackers also have a long tradition of teamwork and cooperation with other hackers for really big hacks. A mass attack is just Unwired Simon Wentworth (order #1132857) 9
what it sounds like: two or more hackers combining their skills and resources to infiltrate a given node. It has to be a slow hack unless you want to just bust in, but it’s pretty effective. The problem with mass attacks is that once you’re inside the node, alliances tend to fall apart quickly—different hackers want different things, and they sometimes end up fighting each other and node security at the same time. Hey, you know what they say about trusting criminals … pHiSHing While hacking your way into a system is one way to gain access, it’s often loud and noisy—the Matrix equivalent of breaking the glass and reaching through the hole to unlock the door while hoping you haven’t set off any alarms. A quieter, stealthier way is to look under the mat for a key first—or in Matrix parlance, get a passcode and access a legitimate account. Getting passcodes or other personal data off of a mark is called phishing. When you go phishing you need a lure or bait—something to entice the mark or open up a line of dialogue with them. Common phishing lures include an online store or e-mailed offer. A false online store (also called a phishing trap) often acts just like a real one, displaying goods and then taking customer information—including their identities, contact numbers, and shipping addresses—so that you can deliver the product. Phishing lures can also include viruses and other malware that infect customers as they come in, a good way to snag passcodes. Trojans are particularly easy to use if you can disguise them as a “free trial offer” of a new AR software or something like that. > If you don’t mind the cost, the site can even be functional—I know one hacker that started out making an online organic jams distributor and made so much honest cred from passing traffic that she got out of hacking altogether. Of course, she had to apply for business licenses and the like. > Mr. Bonds E-mail phishing attempts (line casting) are often caught by spam filters or discarded out of hand because they don’t interest the mark. Personally, I like to combine the phishing lure and line casting by setting up a fake site geared toward the mark’s interests and then sending a coupon or introductory offer to them. Naturally, this requires some knowledge of the mark and their interests. > A phishing lure can also be used to set up a botnet; you just load a hidden bot on every “customer” that enters the node to browse or shop. > Glitch Once you have their personal and financial data (which pretty much means their SIN number and authorization on their online bank accounts), you can clean them out—which is where a lot of phishers get caught. It’s one thing to duplicate a charge for a meal and make it look like the restaurant deducted the cost twice, but it’s something else again to blow somebody’s life savings on a piece of gear and then have it mailed to you. Keep in mind that any online purchases you make can be tracked back to you. Smart phishers will siphon off some cred to a certified credstick and then disappear with it. More sophisticated phishers target megacorps and financial institutions, often using a lot of social engineering to masquerade as someone who would legitimately have access to the (usually very well protected) personal or financial data. Theoretically you could Unwired set up a bank or other financial institution as a big phishing lure, but I’ve never heard of anyone that managed it. > It’s difficult to pull off because banks, credit unions, and non-bank financial service institutions have a lot of regulations, even in the most unregulated parts of the world (I’m looking at you, Carib League). Still, more than a few venerable financial institutions began as phishing lures until the owners and operators realized they could milk ten or a hundred times more nuyen out of a steady clientele than they could ever take from a single megacorp. And then there’s the handful of orgs that were bought out by the Mafia and the Yakuza. > Mr. Bonds deniaL of Service Denial of Service (DOS) attacks are proof that ancient hacker philosophy never goes out of style (though it may fall behind the tech curve). DOS attacks are about locking a user out of their commlink or terminal, or more often preventing a node or commlink from accessing the rest of the Matrix by flooding it with incoming connections. The how and the why might change each time, but the basic goal is the same—denying someone Matrix service. The key to most DOS attacks is overloading the target with traffic, with botnets being the weapon of choice. A hacker with a big enough botnet can inundate the target with data requests, connection requests, and other forged signals, locking out other incoming traffic. Spiders and IC can try to filter out the bot traffic or spoof their node’s access ID, but sheer numbers usually swing things in the botnet’s favor. A DOS attack on a commlink is a little more difficult, because you first have to perform a successful trace on the target icon; you can also lock someone out of their commlink or node with a little judicious editing of the connection filters, cutting them off from practically the entire Matrix. If you have the time and skill to mess with the accounts, you could even change all of the passcodes to keep the legitimate information technology personnel from fixing the problem right away. Of course, anything else that prevents people from accessing the target works too—crashing the operating system on a node, physical damage to a key server or optical trunk that supports traffic in and out of the node, switching the node to hidden mode—anything your dirty, clever little minds can think of. > I had a job a couple months back where my group was hired to do a 24-hour DOS attack against the node of a corp that was going to release a new product online that day, but our hacker gal got sick and couldn’t perform. Ended up having to cut the optical trunk and aim a HERF rifle at it all day. Then the punks tried to switch to a satlink, and I ended up blowing that up with a missile! So much for a nice, quiet Matrix job. > Beaker ranSoMware By itself, a DOS attack is normally a means to an end, not an end in and of itself. Script kiddies may get their jollies locking some poor bastard out of his home terminal so he can’t turn in his homework or show up in his virtual classroom, but more often than not a DOS attack is part of the growing Matrix-based extortion phenomena. The idea behind Matrix extortion is simple: individuals, corporations, even governments need access to the Matrix and certain files. Simon Wentworth (order #1132857) 9 89 hacker’s handbook . . . . . . . . . . . . . . . . . . . . . . . . . .
Page 1 and 2:
TM Simon Wentworth (order #1132857
Page 3 and 4:
Simon Wentworth (order #1132857) 9
Page 5 and 6:
Malware 86 Agents 87 Botnets 88 the
Page 7 and 8:
JackPoint StatS___ 57 users current
Page 9 and 10:
Page 11 and 12:
AR transmissions are so easy to eav
Page 13 and 14:
And I’m even happier when I can i
Page 15 and 16:
tHe aUgMented worLd The augmented w
Page 17 and 18:
people started cobbling together re
Page 19 and 20:
While the cheaper commlinks are onl
Page 21 and 22:
Matrix criMeS > I’ve downloaded a
Page 23 and 24:
“protection rackets” against vi
Page 25 and 26:
a general agreement that in order t
Page 27 and 28:
Now, to operate in the sprawl, you
Page 29 and 30:
capabilities and resources to do it
Page 31 and 32:
popULar SoUSveiLLance videoS knight
Page 33 and 34:
drug treatments during incarceratio
Page 35 and 36:
Page 37 and 38:
of more than one sprite at a time.
Page 39 and 40: intuitive Hacking Cost: 5 BP A char
Page 41 and 42: tweaking tHe rULeS Gamemasters and
Page 43 and 44: Simon Wentworth (order #1132857) 9
Page 45 and 46: ‘link will s-l-o-w d-o-w-n, big t
Page 47 and 48: gram and a massive amount of time (
Page 49 and 50: . . . Matrix topoloGy . . . Hex was
Page 53 and 54: track programs are not able to dete
Page 55 and 56: node attributes like a metaphor or
Page 57 and 58: datatrail Every interaction on the
Page 59 and 60: a castle could represent a control
Page 61 and 62: Simsense can also be used for exper
Page 65 and 66: with their image links is an expens
Page 67 and 68: To avoid detection, the hacker can
Page 69 and 70: aLertS Another important line of de
Page 71 and 72: B A R S C I L W ESS 3 2 3 2 3 4 4 3
Page 73 and 74: encryption on the access log of the
Page 75 and 76: filled with a high-rating Data Bomb
Page 77 and 78: You also need to choose the Matrix
Page 79 and 80: Sculpting: The node looks a lot lik
Page 81 and 82: Hardware: Saeder-Krupp Schwermetall
Page 85 and 86: Don’t call me a script kid Don’
Page 87 and 88: ight commands to bring those things
Page 89: drivers on my commlink before I tur
Page 93 and 94: Yep. You can also stick malware int
Page 95 and 96: gaMe inforMation The Hacker’s Han
Page 97 and 98: paYdata General rules for fencing p
Page 99 and 100: Pistons is researching the NeoNET A
Page 101 and 102: Spoofing commands from a user with
Page 103 and 104: to Mook or not to Mook? For some ch
Page 105 and 106: Issuing commands to a smartgun thro
Page 107 and 108: igger trickS Like hackers, riggers
Page 111 and 112: Server-Side prograMS Server-side pr
Page 113 and 114: cess (even if the agent tries to ha
Page 115 and 116: worms). To match the opposition, ho
Page 117 and 118: Mute Program Types: Common, Hacking
Page 119 and 120: temporary degradation can be restor
Page 121 and 122: advanced prograMMing taBLe Software
Page 123 and 124: prone to degradation. This is in pa
Page 125 and 126: dataworms Dataworms are a stealth t
Page 127 and 128: military and police units, professi
Page 129 and 130: them and plot them on a three-dimen
Page 131 and 132: . . . technoMancers . . . The secur
Page 135 and 136: attuning to a particular part of th
Page 137 and 138: advanced tecHnoMancer rULeS The rec
Page 139 and 140: Streams are still evolving and are
Page 141 and 142:
info Savants Fading: Intuition + Re
Page 143 and 144:
experience, induced by unfiltered e
Page 145 and 146:
don’t have to be strictly technom
Page 147 and 148:
new ecHoeS The following section ex
Page 149 and 150:
Sift Technomancers who possess this
Page 151 and 152:
Neuroleptic: This widget creates a
Page 153 and 154:
make are geared towards someone wit
Page 155 and 156:
Page 157 and 158:
Pilot Response Firewall Matrix INIT
Page 159 and 160:
traceroUte taBLe Subject Interacts
Page 161 and 162:
• It may raise one complex form i
Page 163 and 164:
. . . Matrix phenoMena . . . It’s
Page 165 and 166:
Page 167 and 168:
gaMe inforMation This section provi
Page 169 and 170:
(plus an additional box if the AI h
Page 171 and 172:
known aiS These are but a few examp
Page 173 and 174:
Uv nodeS—at tHe edge of reaLitY I
Page 175 and 176:
is something larger beyond the curt
Page 177 and 178:
the realm where the source code was
Page 179 and 180:
infektors The Infektors’ ultimate
Page 181 and 182:
corrupting it into a temporary diss
Page 183 and 184:
Pilot Response Firewall Matrix INIT
Page 185 and 186:
Page 187 and 188:
former prematurely and leave them o
Page 189 and 190:
playback gear On the most basic lev
Page 191 and 192:
y default can be used repeatedly an
Page 193 and 194:
to explain the missing time. Also,
Page 195 and 196:
compartmentalized pieces of informa
Page 197 and 198:
. . . Matrix Gear . . . Glitch was
Page 199 and 200:
Page 201 and 202:
eLectronicS Electronics follow all
Page 203 and 204:
Hacker ServiceS See Buying a Better
Page 205 and 206:
Software Suites Availability Cost H
Page 207 and 208:
SaMpLe nodeS (cont.) . . . . . . .
Page 209 and 210:
SaMpLe SpiderS (cont.) Security tec
show all

comStar Firewall alert - PhaseThrough

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?