Spoofing Account ID |
Spoofing Account ID |
Sep 14 2010, 05:20 PM
Post
#1
|
|
Target Group: Members Posts: 76 Joined: 29-August 10 Member No.: 18,981 |
If I log spoofing my Account ID and using the Account ID of the Admin a certain system, then
I log on my commlink and open a subscription on the target's node system. While there, the real Admin enter the node. What happens then? Are we both disconnected? If we are not in the same node, but in two different nodes "near" to each other and a communication goes to his Account ID, what happens? The communication goes to my spoofed Accound ID as well? And if we are in "distant" nodes? |
|
|
Sep 14 2010, 05:38 PM
Post
#2
|
|
Great Dragon Group: Members Posts: 5,542 Joined: 30-September 08 From: D/FW Megaplex Member No.: 16,387 |
I can't really understand your post very well.
If you're asking about spoofing your way to an existing user's Admin account, I'm not sure how that works. Generally, though, when hacking into a system, a new Admin account is created so problems like the ones you pose don't come up. |
|
|
Sep 14 2010, 06:56 PM
Post
#3
|
|
Target Group: Members Posts: 76 Joined: 29-August 10 Member No.: 18,981 |
I can't really understand your post very well. If you're asking about spoofing your way to an existing user's Admin account, I'm not sure how that works. Generally, though, when hacking into a system, a new Admin account is created so problems like the ones you pose don't come up. I spoof the Account ID of the Admin's Commlink. Then we both log in to the same node at the same time. What happens? Are we both disconnected? |
|
|
Sep 14 2010, 07:01 PM
Post
#4
|
|
Prime Runner Group: Members Posts: 3,996 Joined: 1-June 10 Member No.: 18,649 |
It woudl be called an AccessID, not an AccountID.
|
|
|
Sep 14 2010, 07:02 PM
Post
#5
|
|
Moving Target Group: Members Posts: 431 Joined: 15-April 10 Member No.: 18,454 |
I can't really understand your post very well. If you're asking about spoofing your way to an existing user's Admin account, I'm not sure how that works. Generally, though, when hacking into a system, a new Admin account is created so problems like the ones you pose don't come up. Spoofing the Admin can give very different results when the security guys do an audit. Rather than <invalid user> logged in, took a bunch of files, edited some video footage and logged out, they instead get Bob, the Manager down in IT security took some files on a Sunday night and edited some video footage. As long as you are taking actions that Bob is authorized to do, you don't even need to roll Hacking. You are using valid commnads for Bob. |
|
|
Sep 14 2010, 08:13 PM
Post
#6
|
|
Advocatus Diaboli Group: Members Posts: 13,994 Joined: 20-November 07 From: USA Member No.: 14,282 |
Spoofing is for a single command; without other alterations, you wouldn't receive feedback, but the real user would.
|
|
|
Sep 14 2010, 08:19 PM
Post
#7
|
|
Moving Target Group: Members Posts: 431 Joined: 15-April 10 Member No.: 18,454 |
|
|
|
Sep 14 2010, 08:33 PM
Post
#8
|
|
Advocatus Diaboli Group: Members Posts: 13,994 Joined: 20-November 07 From: USA Member No.: 14,282 |
The OP question is valid, though, because you can manually alter your Access ID (either via hacking or hardware). In that case, it's not one-way; in response to that question, "A firewall will, for instance, instantly block access to multiple icons using the same access ID." The second user would not be allowed to Log On.
Sorry for the confusion, I initially misread the question. (IMG:style_emoticons/default/smile.gif) |
|
|
Sep 14 2010, 08:45 PM
Post
#9
|
|
Prime Runner Group: Members Posts: 3,996 Joined: 1-June 10 Member No.: 18,649 |
The OP question is valid, though, because you can manually alter your Access ID (either via hacking or hardware). In that case, it's not one-way; in response to that question, "A firewall will, for instance, instantly block access to multiple icons using the same access ID." The second user would not be allowed to Log On. Sorry for the confusion, I initially misread the question. (IMG:style_emoticons/default/smile.gif) So it's a fun way to kick an admin out of the node he's defending? |
|
|
Sep 14 2010, 09:23 PM
Post
#10
|
|
Advocatus Diaboli Group: Members Posts: 13,994 Joined: 20-November 07 From: USA Member No.: 14,282 |
No, AFAIK you'd be prevented from logging on if the admin was there in the node. Remember, too, that account rights can be applied by node-of-access, password, etc.; Access ID is just one option.
|
|
|
Sep 14 2010, 10:23 PM
Post
#11
|
|
Target Group: Members Posts: 76 Joined: 29-August 10 Member No.: 18,981 |
The OP question is valid, though, because you can manually alter your Access ID (either via hacking or hardware). In that case, it's not one-way; in response to that question, "A firewall will, for instance, instantly block access to multiple icons using the same access ID." The second user would not be allowed to Log On. Sorry for the confusion, I initially misread the question. (IMG:style_emoticons/default/smile.gif) I'm sorry for not being clear the first time and for using the wrong word (Account ID -> Access ID) (IMG:style_emoticons/default/smile.gif) |
|
|
Sep 14 2010, 10:27 PM
Post
#12
|
|
Target Group: Members Posts: 76 Joined: 29-August 10 Member No.: 18,981 |
So if I'm using someone else Access ID and we both are logged in (but in different nodes), what happens if a message is sent to his Access ID (or to his commcode registered through an MSP to his Access ID)?
Do we both get it? |
|
|
Sep 14 2010, 10:38 PM
Post
#13
|
|
Advocatus Diaboli Group: Members Posts: 13,994 Joined: 20-November 07 From: USA Member No.: 14,282 |
No worries, I misread. (IMG:style_emoticons/default/smile.gif) Now, to attempt to finish answering your question:
The firewall only stops a duplicate from logging on to the node (i.e., 'present' in the node with one's icon). Like you say, this isn't the same as just having a subscription to that node. If neither you (with spoofed Access ID) nor the real admin (with identical real Access ID) are in the node, then I'm not sure. (IMG:style_emoticons/default/smile.gif) Presumably, the node *could* allow multiple subscriptions (and certainly commands/data requests) from the same Access ID; there are some legitimate situations where this could happen. In that case, the node would (IMO) blindly function normally; your subscription would do what it's supposed to, while the real admin's subscription would do its own thing. The 'wires' would not get crossed with *pre-existing* subscriptions. Finally, you raised a third issue: if someone calls the node and says, 'send this message to Access ID #xxx', where would the node send it? Honestly, I'm not sure. (IMG:style_emoticons/default/smile.gif) AFAIK, we really aren't told how routing works in Matrix 2.0. Logically, this kind of hand-off request must happen constantly, and if a node had two options, it could send to both or neither. :/ Note that Persona Access ID isn't the same as node (device) Access ID. Personally, I recommend that you not get *too* realistic or technical with the Matrix rules. If you think it's cooler/better/etc. for traffic to be duplicated, tell your players that's how it works and be consistent. If you'd rather require Capture Network Traffic actions for that kind of traffic hijacking, do *that* instead. Another good question. It appears that devices are registered with the MSP in order to connect to the commcode. Presumably, this means you tell the MSP your *device* Access ID(s), and it receives and relays commcode calls. In that case, spoofing the device's access ID could let you receive someone's calls, whether they originate via commcode or direct device Access ID (as always: IMO). To prevent this, the nodes could be configured to require authentication of some kind (as simple as a password, as complex as a biometric). (This is all just my best guesses and memory of the rules; I could easily be wrong. (IMG:style_emoticons/default/biggrin.gif) I know this post is a mess, but I haven't the time to edit just this moment. (IMG:style_emoticons/default/smile.gif) ) |
|
|
Sep 14 2010, 10:42 PM
Post
#14
|
|
Running Target Group: Members Posts: 1,272 Joined: 22-June 10 From: Omaha. NE Member No.: 18,746 |
It occurs to me that, if I'm reading you correctly, spoofing a logoff command and then logging in as the admin would definitely alert the admin, but the firewall may keep the admin from logging in.
|
|
|
Lo-Fi Version | Time is now: 25th April 2024 - 05:33 AM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.