The problem with agents, How to solve it. Options

[Serbitar]

[Cognitive Resona...]

Don't you still have to use a command utility and try and get the agents to do stuff, doesn't that limit them?

[GrinderTheTroll]

[Cognitive Resona...]

[Serbitar]

See Comlink thread

[deek]

[Serbitar]

well, personally:

[Blade]

The bigger risks of a glitch happening with a lot of agents on the node is a good way of considering how too much security might set off too many false positives.

For example, to avoid people breaking passwords by trial and error, you flag as "hacker" anyone typing a wrong password 20 times in a row. You don't risk seeing many legit users getting flagged as hackers, but a hacker may find in less than 20 tries. So you lower the limit to twice in a row. Your system is far more secure but now you'll also flag as hackers a lot of legit users who just forgot to remove caps-lock.

[Garrowolf]

Actually one of the security features that I saw in a game was that anytime there was an alert about someone making password mistakes too much (more the 4 times I think) it would shunt you into a false system that had a lot of good 'looking' data around but did nothing except record everything you did.
If they did nothing except try and get back to their proper desktop then they allowed to after awhile. If they tried to go through the fake data it would provide more fake data and trace you.

[laughingowl]

Maybe I was wrong but I thought it worked this way:

Agent subsribed to YOUR persona. Counts a a program on 'your commlink' with all applicable rules. Goes anywhere YOU are.

Agent on 'remote service' mode (ok I play Technomancer more :-). Agent is loaded in a node with all applciable progams (note ALL programs count as 'active' and limit as appropriate. JUST LIKE A HACKER, IF agent travels to another node (to hack, etc), the agent counts as running on THAT node. (with possible loss (or gain) of ratings). Basically the agents pilot+exploit test is to 'load' itself on the respective node.

This limits the 20 commlinks/nodes each running an agent all hitting a node (most likely just crashing system down to system 0 and crashing it, USUALLY in favor of the host system)

The 'probing' (or hacking on the fly) test would be from the 'source' node; however if the agent gets 'in' it is now running on the destination node (with possible crash results if too many agents).

Likewise to 'anaylse' a node to watch for bad traffic, the agent would have to be loaded in the actual node it is watching.

This limits 'effective' agents per node and allows them to be effective (and a hardened system) if it goes into an alert is very painful.

On all but the 'most' paranoid system though if multiple 'firewall' to IC I have the system designers set it so it requires 2 agents to report an alert before going into an alert status (reduces false alarms greatly)

Now one very very very strong system so far...

System 1 / reasontion -1 'firewall' subsribed to your main commlink.

Force 6 spirte on remote system guarding it.

Takes a technomancer, but while possible to 'hack' the firewall aint nobody getting 'through' the system when they suddenly hit the sluggish processor with a major sprite protecting it.