IPB

Welcome Guest ( Log In | Register )

2 Pages V   1 2 >  
Reply to this topicStart new topic
> Matrix Revisited, more house rules
Thanee
post Mar 28 2007, 01:32 PM
Post #1


jacked in
**********

Group: Admin
Posts: 8,915
Joined: 26-February 02
Member No.: 463



I'm trying to figure out a good system to run the Matrix in SR4. Mostly for more complex Matrix runs, as quick'n'dirty runs that just require a few rolls work well enough. But when it comes to situations, where the System actually begins to defend against the intruder, things are really vague in the SR4 Matrix rules.

Here's what I'm thinking about currently... comments are welcome! (IMG:style_emoticons/default/smile.gif)

I liked the Security Tally trigger threshold lists in the previous edition, where the system increases its countermeasures depending on how many hits it accumulates over time. That's a nice and simple system that works well and isn't all-or-nothing. I tried to make something similar, which is fast-playing (once it's done) and also fun and exciting.


I was thinking about something along these lines (still work in progress):


There are six general Security Ratings to categorize nodes and systems. 1 is only rudimentory security, while 6 means state of the art high-level security (only for the most important nodes in corporate systems and such; high-level security measures are expensive). Depending on the Security Rating, responses will trigger faster and be more drastic.


Hackers always make opposed tests in the system, just as normal in SR4.

Whenever the system wins on an opposed test, the total hits (not just net hits) are noted and tallied together into an Alarm Total.

When hacking in (on the fly or probing the target first) the system's hits (not net hits) are tallied together to determine the state of the system at the point the hacker made it inside. There is no immediate response yet (see below).

Once inside, any opposed tests against IC or other defenses also add to the total, and immediate responses happen whenever the system wins on an opposed test.


Two things happen whenever the system (or one of its security measures) wins on an opposed test:

1) Immediate Response (Node): Depending on the net hits scored and the Node Security Rating, as well as the current Alarm Level (see below), the system will trigger some immediate responses in the node in question; usually these will be investigative in nature (i.e. validate the user ID (Hacking+Exploit vs Analyze+Firewall; the system triggers immediate responses and raises the Alarm Total as normal), or send some IC to guard the node in question), but when the system is on Active Alert (see below) the responses will change and combat measures are executed against the intruder.

2) Accumulated Response (System): Total hits (not just net hits) are tallied together over all opposed tests where the system wins during a hacking attempt (similar to an extended test); this is called the Alarm Total. For every multiple by which the Alarm Total beats the hacker's Stealth Rating (i.e. Rating 4 means at 4, 8, 12, 16, etc hits) the system's Alarm Level is raised by one step (starting from 0). In other words, the Alarm Level equals Alarm Total / Stealth Rating (round down).

(If there are multiple hackers in the same system, even if they are independent of each other, all hits are tallied together nonetheless; only the immediate response is individual; the compared Stealth Rating should be the lowest one present in the system in that case.)

Whenever a new Alarm Level is reached, the system will trigger system-wide responses (depending on the System Security Rating), releasing IC to patrol or guard specified nodes (depending on each node's Node Security Rating), requesting security hackers for investigation and so on, even system shutdown is possible.

Low Alarm Levels (usually up to 3) mean the system is on Passive Alert (i.e. a possible intrusion, but not verified yet), while higher Alarm Levels (usually 4+) mean, that the system is on Active Alert (verification that the system is compromised). Once the system is on Active Alert, combat measures are executed (or even some nodes or the whole system are shut down); this is also the point where Black IC typically appears on the stage. Investigating IC or security hackers can set a system on Active Alert immediately, if they identify an intruder, likewise system-wide Active Alert could happen as an immediate response in a node (typically only for nodes with a higher Node Security Rating, and triggered with a high number of net hits). If an Active Alert is triggered directly like this, the system is set to the lowest Alarm Level with Active Alert (unless it already has a higher Alarm Level, of course, in which case nothing additional happens), and the Alarm Total is set to the new Alarm Level x Stealth Rating (the minimum to reach that Alarm Level, also only if it isn't higher already). Glitches automatically raise the Alarm Level by one (the Alarm Total is set to the minimum for that Alarm Level as above).

The Alarm Level is added to the system's Firewall for all further opposed tests in every node. There's no additional +4 bonus to the Firewall on an Active Alert.

The Alarm Level is also added to the net hits scored in order to check for immediate response in the current node (see above), which means that when the system is on alarm, responses are generally more drastic.

With appropriate access level (security or admin) and when in the appropriate node, it might be possible to lower the Alarm Level, but otherwise it only goes up.


Immediate Response
Each node has a Node Security Rating and a list with immediate responses listed by net hits + Alarm Level (these are added together before determining the response). There should be standard lists (though specific systems could vary here) to make things easy and to help judge proper countermeasures (one for each of the six Security Ratings).

Specifics still need to be ironed out here, but a list could look like this:

QUOTE
Node Security Rating 4:

No Alert (Alarm Level 0) or Passive Alert (Alarm Level 1-3)

net hits + Alarm Level =
1 : none
2 : validate user ID
3 : validate user ID and send Rating 3 White IC (Analyze) to guard the node
4 : validate user ID and send Rating 4 Grey IC (Analyze) to guard the node
5+ : Active Alert and send Rating 4 Grey IC (Attack) to the node

Active Alert (Alarm Level 4+)

net hits + Alarm Level =
1-4 : N/A
5 : send Rating 3 Grey IC (Attack) to the node
6 : send Rating 4 Grey IC (Attack) to the node
7+ : send Rating 3 Black IC (Blackout) to the node


Accumulated Response
There also needs to be a standard list for what happens at what Alarm Level in the system (depending on the System Security Rating) and in each node (with a certain Node Security Rating).

An entry in this list could look like this:

QUOTE
System Security Rating 4:

Alarm Level 3 (Passive Alert)

Request Security Hacker for immediate investigation. Notify Users of a possible security breach. Send Rating 3 Grey IC (watchdog profile) on guard in every node with a Node Security Rating of 5+. Send Rating 4 Grey IC (tracker profile) on patrol through all nodes with Node Security Rating 3-4.


Terminology: Node Security Rating is the security level of a specific node. More important nodes typically have a higher Security Rating. It ranges from 1 to 6. System Security Rating is the system's overall level of security, the System Security Rating is not directly related to the Node Security Rating (though higher Node Security Ratings are typically found in systems with a high System Security Rating). It, likewise, ranges from 1 to 6. Alarm Total is the total number of accumulated hits the system gained during the hacking attempt, where all hits (not just net hits) scored in opposed tests where the system has won are tallied together. Alarm Level is the state of alarm in the system and equal to Alarm Total / Stealth Rating (round down). As it grows higher, the system becomes gradually more difficult to hack. Passive Alert means the system has noticed anomalies and investigates further (typically for Alarm Levels up to 3). Active Alert means the system has verified that it is compromised and an intruder is present; combat measures are executed (typically for Alarm Levels of 4 or higher). Validate user ID is a Hacking+Exploit vs Analyze+Firewall opposed test; the system triggers immediate responses and raises the Alarm Total as normal. Black IC is IC employing Blackout or Black Hammer attack programs, while Grey IC only uses standard attack routines. White IC has no attack programs and is purely investigative in nature. Guarding IC remains at the specified node and analyzes all users in the node once per combat round or attacks/tracks intruders, while patrolling IC randomly switches from node to node (remaining in each node for one combat round, analyzing all users it encounters, unless it finds an intruder to attack/track, in which case it stops patrolling and continues to harrass the intruder). The program listed with each IC determines its main purpose, most IC will have additional programs, that are necessary to fulfill its role.

When things should be kept fast and simple, a system could easily be modeled with just a single node with Node Security Rating = System Security Rating. But it also allows to design more complex systems that way as well.

So, what do you think about this so far?



UPDATE! Here are some generic lists, which could be used to try this system out. They are a bit more condensed and instead of having seperate lists for the various Ratings, they incorporate the Ratings into the various responses to allow them to be used in all sorts of systems.

The table for immediate responses just lists generic Node Responses with a Rating. These Node Response Ratings are looked up in the table below by consulting the entry corresponding to the NRR (Node Response Rating) and occasionally also the SSR (System Security Rating); e.g. for a Rating 3 Node Response in a System with System Security Rating 4 you look at the entry for NRR 3 (SSR 4), which says "Rating (NSR) Grey IC (Track)", i.e. send a Grey IC (with Track program) with a Rating equal to the Node Security Rating into the node.

Abbreviations:
NSR - Node Security Rating
NRR - Node Response Rating
SSR - System Security Rating

QUOTE
IMMEDIATE RESPONSE

No Alert (Alarm Level 0)

net hits =
1 : no response
2-3 : validate user ID
4+ : set Passive Alert, validate user ID and Rating 1 Node Response

Passive Alert (Alarm Level 1-3)

net hits + Alarm Level =
1 : N/A
2 : validate user ID
3 : validate user ID and Rating 1 Node Response
4 : validate user ID and Rating 2 Node Response
5 : validate user ID and Rating 3 Node Response
6+ : set Active Alert, attempt to terminate connection and Rating 4 Node Response

Active Alert (Alarm Level 4+)

net hits + Alarm Level =
1-4 : N/A
5 : Rating 4 Node Response
6 : Rating 5 Node Response
7+ : Rating 6 Node Response


QUOTE
NODE RESPONSE

NRR 1 (SSR 1-6) : Rating (NSR) White IC (Analyze)
NRR 2 (SSR 1-6) : Rating (NSR+1) White IC (Analyze)
NRR 3 (SSR 1-6) : Rating (NSR) Grey IC (Track)
NRR 4 (SSR 1-6) : Rating (NSR) Grey IC (Attack)
NRR 5 (SSR 1-4) : Rating (NSR+1) Grey IC (Attack)
NRR 5 (SSR 5-6) : Rating (NSR-1) Black Ice (Blackout)
NRR 6 (SSR 1-3) : Rating (NSR+2) Grey IC (Attack)
NRR 6 (SSR 4) : Rating (NSR) Black Ice (Blackout)
NRR 6 (SSR 5-6) : Rating (NSR) Black Ice (Black Hammer)

----------

If the IC Rating would be 0, no IC is sent.
If the IC Rating would be 7 or higher, the IC Rating is 6 instead, and the number of IC sent is the calculated Rating - 6.


QUOTE
ACCUMULATED RESPONSE

Alarm Level 0 (No Alert)

Nothing happens.

Alarm Level 1 (Passive Alert)

SSR 4-6: Send Rating (SSR-1) White IC (Analyze) on patrol through all nodes with NSR 4+.
SSR 6: Notify System Owner of a possible security breach.

Alarm Level 2 (Passive Alert)

Send Rating (SSR-1) White IC (Analyze) on patrol through all nodes with NSR 3-4.
Send Rating (SSR) White IC (Analyze) on patrol through all nodes with NSR 5+.
SSR 5-6: Notify System Owner of a possible security breach.
SSR 6: Request Security Hacker for immediate investigation.

Alarm Level 3 (Passive Alert)

Send Rating (SSR) White IC (Analyze) on guard in every node with NSR 4+.
Send Rating (SSR-1) Grey IC (Track) on patrol through all nodes with NSR 4+.
SSR 4-6: Notify System Owner of a possible security breach.
SSR 5: Request Security Hacker for immediate investigation.

Alarm Level 4 (Active Alert)

Notify Users and System Owner of a confirmed security breach.
Remove all patrolling White IC.
Send Rating (SSR) Grey IC (Attack) on guard in every node with NSR 5+.
Send Rating (SSR) Grey IC (Track) on patrol through all nodes.
SSR 4: Request Security Hacker for immediate investigation.

Alarm Level 5 (Active Alert)

Notify Users and System Owner of a confirmed security breach.
Terminate all User Connections without valid Security or Admin access level.
Shut down all nodes with NSR 6.
Send Rating (SSR+1) Grey IC (Attack) on patrol through all nodes.
SSR 3: Request Security Hacker for immediate investigation.

Alarm Level 6 (Active Alert)

Notify Users and System Owner of a confirmed security breach.
Terminate all User Connections without valid Security or Admin access level.
Shut down all nodes with NSR 5.
Send Rating (SSR+2) Grey IC (Attack) on patrol through all nodes.

Alarm Level 7+ (Active Alert)

Notify Users and System Owner of System Shutdown.
Complete System Shutdown.

----------

If the IC Rating would be 0, no IC is sent.
If the IC Rating would be 7 or higher, the IC Rating is 6 instead, and the number of IC sent is the calculated Rating - 6.


Bye
Thanee
Go to the top of the page
 
+Quote Post
Aaron
post Mar 28 2007, 07:15 PM
Post #2


Mr. Johnson
******

Group: Dumpshocked
Posts: 3,148
Joined: 27-February 06
From: UCAS
Member No.: 8,314



Do you use a similar system for characters sneaking around a facility?
Go to the top of the page
 
+Quote Post
Kyoto Kid
post Mar 28 2007, 08:13 PM
Post #3


Bushido Cowgirl
*********

Group: Members
Posts: 5,782
Joined: 8-July 05
From: On the Double K Ranch a half day's ride out of Phlogiston Flats
Member No.: 7,490



...the Alarm Total reminds me too much of the old Security Tally in previous editions. A pain in the kiester for the GM to deal with.

I like the basic idea of the Security Ratings but view those as being more threshold based as the old security code colour scale was in past editions (also kind a miss the old Blue -Green - Orange - Red - Ultraviolet :eek:, rating terminology.
Go to the top of the page
 
+Quote Post
Thanee
post Mar 28 2007, 08:48 PM
Post #4


jacked in
**********

Group: Admin
Posts: 8,915
Joined: 26-February 02
Member No.: 463



QUOTE (Aaron)
Do you use a similar system for characters sneaking around a facility?

Right now, I don't use anything there... it's just an idea currently. :)

And yes, it is like that Security Tally system (as I said), because I like that idea.

I don't quite get what's the problem for the GM, though? It's one (single) number to keep in mind. The rest is looking up stuff on a table.

For the Matrix I like that better than arbitrary decisions, especially because it's much faster to execute.

As for the sneaking around in a facility... there are certain similarities, but there's a big difference... if you run into some sensor trap, an alarm is triggered immediately (which is, I suppose, what you are talking about with the comparison?), because noone is supposed to sneak around there!

In the Matrix, there is always activity and if the system goes on red alert with every slight anomality, which probably happen without any hackers as well, that would greatly limit the usefulness of the system. Hence the slower alarm progression.

Bye
Thanee
Go to the top of the page
 
+Quote Post
Chunk Of Horn
post Mar 28 2007, 10:51 PM
Post #5


Target
*

Group: Members
Posts: 2
Joined: 28-March 07
Member No.: 11,333



I really like this idea as presented because I have been wholly dissatisfied with the current matrix rules. I feel the are clunky, too drawn out and with out any real way to generate a interesting and fluid system architecture. I thank you for taking the time to do this and I think I will implement this in my next session. If you would like I will ask my players what they think and let you know how it went.

On a related tangent where do you weigh in on the whole technomancer power balance and general playability as compared to a decker? If you have any fixes and or revamps I would love to hear your ideas and if you would prefer you could email me directly at bishdan@u.washington.edu

Thanks again.

-Daniel
Go to the top of the page
 
+Quote Post
Garrowolf
post Mar 29 2007, 12:23 AM
Post #6


Moving Target
**

Group: Members
Posts: 870
Joined: 2-October 06
From: Athens Ga
Member No.: 9,517



I use a system based on a version of the security tally. It isn't like the standard system where the system freaks out and sends IC to deal with you. It is based on the idea that there are hundreds of users and many daily hacking attempts. The first thing that it will do in any situation is increase the firewall to shut out the port. If you are a normal user then you won't notice this.

Your stealth program is used to suppress the alarm levels. Any time you as the hacker rolls below the security threshold in a regular system, or any 1s at all in an alerted or high security system, you get an alarm level. You cancel out a number of alarm levels equal to your stealth program automatically. Once it gets above your stealth rating then it adds to the Firewall rating until it doubles. Once it reaches double the port closes and you have to start over with the firewall 1.5 x it's rating.

No one will send IC or tracers after you unless you get a sensitive file. Just getting into their system is just an annoyance.

There is no sneaking around or anything like physical security. That is like someone saying that a picture of a gun is the same a s a real gun. The guards in the matrix are a metaphor. They are hoping that someone will be stupid enough to fall for it. The spyder is not even looking at the VR. He would be watching for alerts coming from sensitive areas. If he wanted to he could look at the VR top down and watch you hide behind a VR pillar to hide from a VR image of a guard. People confuse processes for display. Most processes are not displayed even on your windows desktop. The explination that "It's the future" is not good enough.

If you want a better system for the matrix and technomancers check out my web site below.
Go to the top of the page
 
+Quote Post
Thanee
post Mar 29 2007, 02:49 AM
Post #7


jacked in
**********

Group: Admin
Posts: 8,915
Joined: 26-February 02
Member No.: 463



QUOTE (Chunk Of Horn)
If you would like I will ask my players what they think and let you know how it went.

But of course! :)

QUOTE
On a related tangent where do you weigh in on the whole technomancer power balance and general playability as compared to a decker? If you have any fixes and or revamps I would love to hear your ideas...


Some good ideas are floating around here. I surely have some ideas, too, but they are not yet thought-out enough, I guess.

One thing is, that I (like many others) want to have attributes influence hacking more. There are ideas to make Program Ratings more like Spell Ratings (i.e. limit maximum number of hits), which are a good start, I think.

As for Technomancers... sorry, too inexperienced with those yet. :)

QUOTE
...and if you would prefer you could email me directly at...


I wouldn't post your e-mail address like this... post it like name AT domain DOT com, so spam bots cannot simply pick it up and load it into their database. ;)

Bye
Thanee
Go to the top of the page
 
+Quote Post
deek
post Mar 29 2007, 05:23 PM
Post #8


Shooting Target
****

Group: Members
Posts: 1,706
Joined: 30-June 06
From: Fort Wayne, IN
Member No.: 8,814



I like the idea of putting more structure around the matrix and I do like the stepping up of the alarm level based on alarm total (i.e. security tally) / stealth rating.

I've been reading Serbitar's suggested system as well, basically how every illegal action is opposed by System + Firewall, with net hits by the system increasing a security tally. Now, he also goes as far as even a failed test by the system still adds 1, so that basically gives a hacker with rating 5 stealth only a total of 5 illegal actions, even when successful, before the node is going to react. Not sure I am in on that, yet.

You suggestion allows a successful hack to go unnoticed, but when the system does detect an illegal actions, that total hits (not net) are added to the alarm total. Your suggestion allows for a more detailed stepped up response, based on the systems successes and the hacker's stealth.

So, in theory, I am liking what you are doing. I must admit that I am a bit confused when you start adding the Node Security Rating and the System Security Rating into the mix. I think the System Security Rating I am understanding, where you could basically list all systems, 1 thru 6, and their corresponding Alarm Level, 1 thru 6, and have a fairly complete and standard chart. Then, a GM would simply set a system's security rating and be able to quickly read what happens as the hacker makes it through different Alarm Levels, granted, this is at an overall system level and therefore would be a little more general, like you outlined below.

But then you are adding another layer, the Node Security Rating, which on the surface, I understand. I mean, a system could have higher and lower security nodes within it.

The part I get confused with is your Node Security Rating 4 chart. You have a (net hits + Alarm Level / immediate response) and I don't understand what you are trying to say here. Then under the Passive and Active Alerts, you have a column of numbers, which supposedly I would be looking at to determine what happens, but how do you pick them? Its not random. Am I taking the Alarm Total? Just not sure.

What I do like is the fact that I only have to tally one number, the Alarm Total. Everything else is derived, with the major one being the Alarm Level as a multiple of Stealth rating. That makes a lot of sense.

I'm not yet sure I like the idea of using total hits instead of net hits for when the system wins a test, but I am assuming that you have looked at the math and balance on that to give something that works. And that is why I mentioned Serbitar's rules, as he is using net hits. But, he is also using two separate tallies, a security tally and then a second one that basically is used to gauge the hacker's footprint and time needed to erase that footprint by deleting logs (I like the idea, just not the extra accounting I would need to do).

So, going back to your suggestion, I would certainly like to get to a point where I have a chart with all 6 System Security Ratings with there associated Alarm Level actions as a quick reference, then a separate chart with all 6 Node Security Ratings and what actions are taken under the Passive and Active alerts. I think that would give a very solid point of reference and be an easy lookup, then obviously, customize for specific runs on a case-by-case basis, if needed.

But for a GM running a matrix run on the fly, you really only need to know a couple things (Node and System Ratings) and you would generally know how each node in the system would react to your hacker. I think it is a good framework, just need to understand a couple things you gave examples on.

Looking over Garrowolf's just now, that seems pretty straightforward, but I don't like the idea of at a point, knocking the hacker off and starting over with 1.5 x Firewall. I mean, a system "could" do that (the closing port), but I wouldn't want to have that be the norm all the time. Getting the stealth rating in there to suppress alarms is good, and I think I like that about all three systems I have read...
Go to the top of the page
 
+Quote Post
Serbitar
post Mar 29 2007, 06:13 PM
Post #9


Running Target
***

Group: Members
Posts: 1,498
Joined: 4-August 05
From: ADL
Member No.: 7,534



QUOTE (deek)

I've been reading Serbitar's suggested system as well, basically how every illegal action is opposed by System + Firewall, with net hits by the system increasing a security tally. Now, he also goes as far as even a failed test by the system still adds 1, so that basically gives a hacker with rating 5 stealth only a total of 5 illegal actions, even when successful, before the node is going to react. Not sure I am in on that, yet.


No, im my rules, the node is only collecting net hits.
Go to the top of the page
 
+Quote Post
deek
post Mar 29 2007, 07:01 PM
Post #10


Shooting Target
****

Group: Members
Posts: 1,706
Joined: 30-June 06
From: Fort Wayne, IN
Member No.: 8,814



QUOTE (Serbitar)
QUOTE (deek)

I've been reading Serbitar's suggested system as well, basically how every illegal action is opposed by System + Firewall, with net hits by the system increasing a security tally. Now, he also goes as far as even a failed test by the system still adds 1, so that basically gives a hacker with rating 5 stealth only a total of 5 illegal actions, even when successful, before the node is going to react. Not sure I am in on that, yet.


No, im my rules, the node is only collecting net hits.

Ok, well maybe I am misunderstanding something then.

In section 1.7.1 you state:
Note that in the
case of a fast hack in, the security tally of the hacker
rises by one for every roll even if no net hit was
achieved.

And on page 25 you state:
Because
this is a ”hack on the fly” attempt, for every
roll 1 is added to the security tally, even if no net
hits were generated.

So, does this mean that the 1 added to security tally is added with 0 net hits only on the "hack on the fly" attempt, but not other node tests?

If so, I have much less of an issue with it:)
Go to the top of the page
 
+Quote Post
Serbitar
post Mar 29 2007, 10:35 PM
Post #11


Running Target
***

Group: Members
Posts: 1,498
Joined: 4-August 05
From: ADL
Member No.: 7,534



Yes, thats right. Its only for hack on the fly attempts. It is quite hard to find a mechanism for difference between probing and hacking on the fly that models the stuff you want to., but this mechanism works quite well.
Go to the top of the page
 
+Quote Post
Garrowolf
post Mar 30 2007, 03:11 AM
Post #12


Moving Target
**

Group: Members
Posts: 870
Joined: 2-October 06
From: Athens Ga
Member No.: 9,517



Well the firewall thing was an attempt to show that they would just close the port after a while and then it would be on a higher alert level. If you wanted to show that they get pinged all the time and don't react to it then have the firewall just increase for that connection and then drop back.
Go to the top of the page
 
+Quote Post
Thanee
post Mar 30 2007, 05:28 AM
Post #13


jacked in
**********

Group: Admin
Posts: 8,915
Joined: 26-February 02
Member No.: 463



QUOTE (deek @ Mar 29 2007, 06:23 PM)
So, in theory, I am liking what you are doing.


Thanks! :)

QUOTE
I must admit that I am a bit confused when you start adding the Node Security Rating and the System Security Rating into the mix.  I think the System Security Rating I am understanding, where you could basically list all systems, 1 thru 6, and their corresponding Alarm Level, 1 thru 6, and have a fairly complete and standard chart.


A system has an overall Security Rating, which will (through a premade chart, either the standard one, which will be there at some point, or one you make yourself, if you want to change some specifics) determine what the system does with the accumulated hits on the Alarm Total.

Then each node also has a Security Rating, i.e. a node storing important data or handling the security might have a higher Security Rating than some less important node.

QUOTE
The part I get confused with is your Node Security Rating 4 chart.  You have a (net hits + Alarm Level / immediate response) and I don't understand what you are trying to say here.


That's just meant to be the two items listed in the table below (before and after the '/')... it's just the table header so to say. ;)

QUOTE
Then under the Passive and Active Alerts, you have a column of numbers, which supposedly I would be looking at to determine what happens, but how do you pick them?  Its not random.  Am I taking the Alarm Total?  Just not sure.


Before the '/' you have the net hits on the test that triggered the immediate response... the Alarm Level is added to those net hits before looking up the response, since with increasing Alarm Level responses will also be more drastic.

After the '/' comes the specific response (or set of responses) for the entry.

Reading one of your statements below, there might still be some confusion with the Passive and Active Alert differentiation here... it's not meant to be triggered by initiating the Alert, i.e. when the system moves into Active Alert, that fact alone doesn't do anything within the nodes (other than what's listed on the system table itself). The node table is only used whenever the hacker loses a roll against the system. Then, the net hits + current Alarm Level are looked up on the table, and depending on what alert state the system is in, you either look under Passive Alert or Active Alert (while typing this, I just noticed some little inconsistency... Passive Alert also includes No Alert, of course, when the system is still on Alarm Level 0).

QUOTE
What I do like is the fact that I only have to tally one number, the Alarm Total.  Everything else is derived, with the major one being the Alarm Level as a multiple of Stealth rating.  That makes a lot of sense.

I'm not yet sure I like the idea of using total hits instead of net hits for when the system wins a test, but I am assuming that you have looked at the math and balance on that to give something that works.


Exactly. Net hits are simply too few to have any effect in a reasonable time frame.

With Stealth Ratings as high as 6 you would have to dumb down Alarm Levels to 1 and 2 (synonymous to Passive and Active Alert) instead of the more detailed system. Of course, that could be an option as well, I plan to look into that, when I am farther with the whole thing.

Also, if you only counted net hits... the net hits are more or less equal regardless of whether a good hacker runs against a good system (i.e. all Ratings at 6 for both hacker and system) or a bad hacker against a bad system (i.e. all Ratings at 3 for both hacker and system), however, if you tally them up and compare them against the Stealth Rating, you now have it much harder for the good system to detect the good hacker, which shouldn't really be the case (if both are equal in terms of Ratings, results should be comparable). To counteract this disparity, I use the full hits instead of just the net hits, since this number scales with system quality (more dice = more hits).

QUOTE
So, going back to your suggestion, I would certainly like to get to a point where I have a chart with all 6 System Security Ratings with there associated Alarm Level actions as a quick reference, then a separate chart with all 6 Node Security Ratings and what actions are taken under the Passive and Active alerts.  I think that would give a very solid point of reference and be an easy lookup, then obviously, customize for specific runs on a case-by-case basis, if needed.


That's the plan.

Most likely, I will also make a condensed system with above tables merged into one each for immediate (node-level) and accumulated (system-level) response. They will work the same, but you add the Node Security Rating or System Security Rating respectively to the number you look up (and the tables will be bigger, obviously, to cover all six Security Ratings; basically the Security Ratings shift your result window on the table upwards).

QUOTE
But for a GM running a matrix run on the fly, you really only need to know a couple things (Node and System Ratings) and you would generally know how each node in the system would react to your hacker.  I think it is a good framework, just need to understand a couple things you gave examples on.


If anything is still unclear, don't be shy to ask. :)

Bye
Thanee
Go to the top of the page
 
+Quote Post
deek
post Mar 30 2007, 06:17 PM
Post #14


Shooting Target
****

Group: Members
Posts: 1,706
Joined: 30-June 06
From: Fort Wayne, IN
Member No.: 8,814



Ok, that makes a lot more sense now. So, under the Node Security Rating, I take the current Alarm Level + the net hits (of the specific test the node just won) to determine what the immediate response to the hacker is.

Ok, I follow you now.

Yeah, I think that a generic table for System Security Ratings and one for Node Security Ratings could be made and be a very good starting point used in all but the most custom of situations. It would be handy to just have that right there and then I can just tally the Alarm Total for the hacker...then at any point, I know exactly what the system is going to do in response...
Go to the top of the page
 
+Quote Post
Thanee
post Mar 30 2007, 09:36 PM
Post #15


jacked in
**********

Group: Admin
Posts: 8,915
Joined: 26-February 02
Member No.: 463



QUOTE (deek)
Yeah, I think that a generic table for System Security Ratings and one for Node Security Ratings could be made and be a very good starting point...

Yep, it's probably the best way to get this to a usable level. :)

Then I can worry about the fine-tuning and getting more sophisticated seperate lists with less overlap (unless, of course, it turns out to work so well, that they are unnecessary and will only needlessly overcomplicate things ;)).

Bye
Thanee
Go to the top of the page
 
+Quote Post
deek
post Apr 1 2007, 11:12 PM
Post #16


Shooting Target
****

Group: Members
Posts: 1,706
Joined: 30-June 06
From: Fort Wayne, IN
Member No.: 8,814



Well, if you need any help coming up with that or at least want someone to look things over, I'm available!
Go to the top of the page
 
+Quote Post
Thanee
post Apr 2 2007, 05:34 AM
Post #17


jacked in
**********

Group: Admin
Posts: 8,915
Joined: 26-February 02
Member No.: 463



Thanks for the offer! :) I will start by making the two bigger lists and see how far I get there, then post them here for review and suggestions. Don't expect them anyday, though. ;)

Bye
Thanee
Go to the top of the page
 
+Quote Post
deek
post Apr 23 2007, 08:51 PM
Post #18


Shooting Target
****

Group: Members
Posts: 1,706
Joined: 30-June 06
From: Fort Wayne, IN
Member No.: 8,814



QUOTE (Thanee)
Thanks for the offer! :) I will start by making the two bigger lists and see how far I get there, then post them here for review and suggestions. Don't expect them anyday, though. ;)

Bye
Thanee

Not wanting to push (okay, I guess, I am kind of)...but have you done anything with this yet?

I really like the idea, but not at the point where I want to do the startup work:) But I am certainly curious to your progress!
Go to the top of the page
 
+Quote Post
Thanee
post May 3 2007, 07:41 PM
Post #19


jacked in
**********

Group: Admin
Posts: 8,915
Joined: 26-February 02
Member No.: 463



Hey!

Sorry, time was rather limited recently, but I will surely continue with this. :)

On a related topic... I also had a reasonably decent idea about how to mix and match attribute, skill and program rating (without going the hits limited by program rating route). Basically, program rating and the appropriate opposed rating are used as positive and negative modifier to your dice pool (which is always attribute+skill as it should be).

Bye
Thanee
Go to the top of the page
 
+Quote Post
deek
post May 3 2007, 07:54 PM
Post #20


Shooting Target
****

Group: Members
Posts: 1,706
Joined: 30-June 06
From: Fort Wayne, IN
Member No.: 8,814



I certainly chomping at the bit to see the security rating tables...so, whenever you have a draft, I will be looking over it!
Go to the top of the page
 
+Quote Post
Garrowolf
post May 4 2007, 02:33 AM
Post #21


Moving Target
**

Group: Members
Posts: 870
Joined: 2-October 06
From: Athens Ga
Member No.: 9,517



How about program ratings acting as threshold negation?

Basically do it attribute + skill. Take the program rating and compare it to the program you are trying to overcome. Basically if your program is higher then theirs then their program rating goes away. If yours is lower then take the difference as the threshold you have to overcome. That way the program isn't the point but it makes a difference and it doesn't change the dice pools.
Go to the top of the page
 
+Quote Post
Thanee
post May 4 2007, 07:39 AM
Post #22


jacked in
**********

Group: Admin
Posts: 8,915
Joined: 26-February 02
Member No.: 463



QUOTE (Garrowolf)
How about program ratings acting as threshold negation?

Basically do it attribute + skill. Take the program rating and compare it to the program you are trying to overcome. Basically if your program is higher then theirs then their program rating goes away. If yours is lower then take the difference as the threshold you have to overcome. That way the program isn't the point but it makes a difference and it doesn't change the dice pools.

That would change the basic rules mechanics, though.

Bye
Thanee
Go to the top of the page
 
+Quote Post
Garrowolf
post May 4 2007, 07:50 AM
Post #23


Moving Target
**

Group: Members
Posts: 870
Joined: 2-October 06
From: Athens Ga
Member No.: 9,517



Attribute + skill is the basic game mechanic
Go to the top of the page
 
+Quote Post
Thanee
post May 4 2007, 09:28 AM
Post #24


jacked in
**********

Group: Admin
Posts: 8,915
Joined: 26-February 02
Member No.: 463



I meant the additional thresholds, of course. And raising the thresholds is a pretty big change, especially when you raise it by 2+. Makes the rolls next to impossible to succeed at.

Modifiers to the dice pool are the norm, so changing them doesn't seem bad.

Changing the thresholds might be problematic in some cases, where the rolls are not simply opposed. Also how would a higher program rating give an advantage then (i.e. program rating 3 or 6 vs opposed rating 3 - what's the difference)?

Bye
Thanee
Go to the top of the page
 
+Quote Post
Garrowolf
post May 5 2007, 03:22 AM
Post #25


Moving Target
**

Group: Members
Posts: 870
Joined: 2-October 06
From: Athens Ga
Member No.: 9,517



I am using a variant of the SR4 rules for a space game and one of the changes that I've made is that equipment no longer effects dice pool. It always effects thresholds. This means that some of the thresholds are a bit higher to start with the idea that the PCs will have some equipment to lower it. Environmental penalties are also thresholds. This makes the actual dice pools much more manageable and the game works just fine.

So for example a firearms test starts with range thresholds. Then increase it with any environmental conditions, but lower it from scopes, vision enhancement, and smart link. Equipment negates up to their rating in thresholds that they can effect. The actual thresholds stay low and the player doesn't have to wait to find out how many dice they roll. The only thing that will change their dice is injury penalties because the problem is internal to the character. They can go ahead and roll while the GM figures out the threshold.

Think about for a moment and tell me what you think about it. I know that it isn't standard but it is based on one of the alternate systems suggested in the book so it's not totally out there.
Go to the top of the page
 
+Quote Post

2 Pages V   1 2 >
Reply to this topicStart new topic

 



RSS Lo-Fi Version Time is now: 28th March 2024 - 07:09 PM

Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.