IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Independent agents query, So long sucker?
Aerospider
post Feb 3 2012, 11:29 AM
Post #1


Running Target
***

Group: Members
Posts: 1,150
Joined: 15-December 09
Member No.: 17,968



If an agent acting independently loads itself onto a target's node and gets spotted, can the spider dump it from the hacked account? If no, why not? If yes, what happens to the agent? It exists entirely on the target's node, so it can't 'go' anywhere. Does it continue running, waiting for an instruction to hack a new account?

Also, is there anything preventing a sysad from simply deleting the agent from the node? He can't give it orders without the right AID (and password if encrypted) but he can tell the node to stop providing it with system resources and memory can't he?
Go to the top of the page
 
+Quote Post
Blade
post Feb 3 2012, 12:05 PM
Post #2


Runner
******

Group: Members
Posts: 2,996
Joined: 25-September 06
From: Paris, France
Member No.: 9,466



The agent is a program running on the node, so anyone with the right privileges can stop it like any other program (once it has been spotted).
I could allow an agent a hacking+exploit (firewall) roll to avoid getting stopped, but I don't think that's covered by the rules.
Go to the top of the page
 
+Quote Post
NiL_FisK_Urd
post Feb 3 2012, 12:22 PM
Post #3


Moving Target
**

Group: Members
Posts: 881
Joined: 13-November 11
From: Vienna, Austria
Member No.: 43,494



You can defeat the agent in cybercombat.
Go to the top of the page
 
+Quote Post
Aerospider
post Feb 3 2012, 12:53 PM
Post #4


Running Target
***

Group: Members
Posts: 1,150
Joined: 15-December 09
Member No.: 17,968



QUOTE (NiL_FisK_Urd @ Feb 3 2012, 12:22 PM) *
You can defeat the agent in cybercombat.

Indeed and in the case of worms that is the only suggestion. But it seems odd that as a program loaded on the node the worm hogs system resources (+1 processor load for worm and each program it carries) and can't be deleted or deactivated.
Go to the top of the page
 
+Quote Post
Blog
post Feb 3 2012, 02:04 PM
Post #5


Moving Target
**

Group: Members
Posts: 124
Joined: 23-December 02
Member No.: 3,782



Many malware today behave in that fashion. Killing the process just spawn a new one until you defeat the "package" as a whole. It builds safeguards into itself to keep itself running.

My guess is that the design attempt was for something similar.
Go to the top of the page
 
+Quote Post
Fortinbras
post Feb 3 2012, 11:29 PM
Post #6


Moving Target
**

Group: Members
Posts: 772
Joined: 12-December 07
From: Fort Worth, Texas
Member No.: 14,589



If it's supplementary to the adventure you could always treat the worm as a virus and have it removed with the Purge program, but personally I like to have my runners' TM/Hacker have to fight the occasional malware bad-ass to off-set the cheap cost of pirated programs and to demonstrate to cocky sammies & mages how truly useful their Matrix counterparts can be.

If the rules don't specify, it's a GM decision. It's a flavour choice, personally. As well it should be.
Go to the top of the page
 
+Quote Post
Aerospider
post Feb 3 2012, 11:55 PM
Post #7


Running Target
***

Group: Members
Posts: 1,150
Joined: 15-December 09
Member No.: 17,968



QUOTE (Fortinbras @ Feb 3 2012, 11:29 PM) *
If it's supplementary to the adventure you could always treat the worm as a virus and have it removed with the Purge program, but personally I like to have my runners' TM/Hacker have to fight the occasional malware bad-ass to off-set the cheap cost of pirated programs and to demonstrate to cocky sammies & mages how truly useful their Matrix counterparts can be.

If the rules don't specify, it's a GM decision. It's a flavour choice, personally. As well it should be.

That's just it - I'm fine with the game mechanics and only being able to remove a worm through cybercombat, but you know what players are like. They ask questions. Awkward ones that don't show in the index.

So when my uber-hacker asks me why he can't remove a program from his own node what do I say? If he terminates the worm's connection, is the worm gone or still on the node?
Go to the top of the page
 
+Quote Post
Udoshi
post Feb 4 2012, 07:56 AM
Post #8


Runner
******

Group: Members
Posts: 2,782
Joined: 28-August 09
Member No.: 17,566



I would say you treat it just like making resisted changes on a system.

If an admin has the proper rights to terminate resources to a program, and the program is fighting to keep them..... this falls under the hacking rules of 'if you don't have the rights to do something, you need to hack it with hacking+something relevant, opposed by system+firewall'.

So the sysadmin would roll Hacking + Edit vs the Agents System+Firewall. At least that's how I would do it. If the sysadmin failed, the agent would notice it and fire off a Restricted Alert vs the sysadmin, because the malwars knows its trying to be shut down, and is better prepared to resist further attempts at deactivating it. Edit is used to change and delete programs, so its the most sense-makey program to forcibly shut down something down. Another alternative would be Hacking+System, because the Deactivate Program Action actually says (System) next to the name in the list of matrix actions.

At least that's how I would do it. Normally, an admin would be able to load and shut down IC and agents, but in this case, he doesn't have the necessary permissions because the hostile agent won't obey his commands.


Regarding Kicking/banning the agent from the system: If its connecting remotely, I don't see any reason severing the connection wouldn't work. If its physically contaminated, though, I would say you can't really kick it off the system: Its maliciously consuming resources and you're going to have to cut it out, one way or the other.
To use a real world analogy, loading an agent onto a system is basically like thumbdriving a virus onto a computer. There's no network really involved at all once its infecting stuff. The biggest difference is the virus is actually semi-sentient.
Go to the top of the page
 
+Quote Post
Aerospider
post Feb 4 2012, 08:12 AM
Post #9


Running Target
***

Group: Members
Posts: 1,150
Joined: 15-December 09
Member No.: 17,968



Cheers Udoshi, that's really good advice.
Go to the top of the page
 
+Quote Post
snowRaven
post Feb 5 2012, 05:00 PM
Post #10


Shooting Target
****

Group: Members
Posts: 1,665
Joined: 26-April 03
From: Sweden
Member No.: 4,516



Awesome stuff Udoshi!

It makes perfect sense, and doesn't violate RAW in any way I can see. (IMG:style_emoticons/default/notworthy.gif)
Go to the top of the page
 
+Quote Post
Brainpiercing7.6...
post Feb 5 2012, 05:13 PM
Post #11


Moving Target
**

Group: Members
Posts: 873
Joined: 16-September 10
Member No.: 19,052



QUOTE (Udoshi @ Feb 4 2012, 08:56 AM) *
I would say you treat it just like making resisted changes on a system.

If an admin has the proper rights to terminate resources to a program, and the program is fighting to keep them..... this falls under the hacking rules of 'if you don't have the rights to do something, you need to hack it with hacking+something relevant, opposed by system+firewall'.

So the sysadmin would roll Hacking + Edit vs the Agents System+Firewall. At least that's how I would do it. If the sysadmin failed, the agent would notice it and fire off a Restricted Alert vs the sysadmin, because the malwars knows its trying to be shut down, and is better prepared to resist further attempts at deactivating it. Edit is used to change and delete programs, so its the most sense-makey program to forcibly shut down something down. Another alternative would be Hacking+System, because the Deactivate Program Action actually says (System) next to the name in the list of matrix actions.

At least that's how I would do it. Normally, an admin would be able to load and shut down IC and agents, but in this case, he doesn't have the necessary permissions because the hostile agent won't obey his commands.


And what options/programs do you need to give an agent to make it behave that way? I.e. to make it resist an admin shut-down command?

Because basically, with an admin account you should be able to do anything - including shutting down any process. So the process restarts itself, ok. But that should take at least another action, and a smart hacker should get at least one more complex action than a worm or agent.

Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic

 



RSS Lo-Fi Version Time is now: 1st April 2020 - 07:51 AM

Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.