If i leave an Agent running on a node or my Commlink with at least Analyze, Blackout, and Stealth loaded is that pretty much the functional equivalent of an IC?
What about setting your Commlink to lauch of the Agent with that loadout when a security alarm triggers? Is that functionally any different?
Full Version: Using an Agent as IC.
No, you can have 1 agent, that servers as your IC too. That's what I'm doing. When I'm not doing anything active, the agent is going to sit on my commlink node with things like attack and blackhammer loaded and serve as IC. When I'm out hacking, I'll take my agent with me (with different programs loaded).
Calypso
Calypso
IC is just frames loaded with particular programs. agents are just a type of frame.
So, in your opinion, it is correct to understand IC as just a type of usage, not a type of frame with special qualities?
As opposed to a Pilot frame, which does have navigation abilities? But the Pilot can also act as a general purpose Agent?
As opposed to a Pilot frame, which does have navigation abilities? But the Pilot can also act as a general purpose Agent?
There are no Frames anymore.
ICs functions like Agents, except a Node can launch them as needed - Pilots replace System.
So you can let an Agent guard your Commlink, but that counts a a running Program all the time - or you can prepare ICs that are maintained by your System, loaded and unloaded like specified when necessary.
ICs functions like Agents, except a Node can launch them as needed - Pilots replace System.
So you can let an Agent guard your Commlink, but that counts a a running Program all the time - or you can prepare ICs that are maintained by your System, loaded and unloaded like specified when necessary.
Also, IC acts without user intervention, Agent requires it in many cases. An agent isn't going to load itself and start beating the crap out of some hacker.
| QUOTE (Nikoli) |
| Also, IC acts without user intervention, Agent requires it in many cases. An agent isn't going to load itself and start beating the crap out of some hacker. |
Isn't it? My understanding was that agents could be instructed to act autonomously. Basically, if you "set the agent free" on your commlink, with a blackhammer program, it would be the same as Black IC.
Calypso
If ordered to attack intruders, indeed.
The point is that doing so limits your performance all the time while setting up IC just does so when you get hacked.
The point is that doing so limits your performance all the time while setting up IC just does so when you get hacked.
I know there are differences, otherwise why enumerate the two types of frames.
But honestly I don't see any mechanical difference.
But honestly I don't see any mechanical difference.
From page 228:
"Though the term intrusion countermeasures (IC) is widely
used to describe any of the defenses a node employs against intruders,
it specifically refers to a specialized type of agent program that is
used to defend a system. For all game purposes, IC programs are the
equivalent to agents and function the same. IC programs typically
are loaded with some of the following programs to employ against
intruders: Analyze, Attack, Black Hammer, Blackout, and Track."
However, it also notes that most places are careful not to run so many IC that it slows down Response. So, that clarifies something I had incorrectly read: You can't have an IC/Agent run independently on your own commlink and have it not affect your Response.
Calypso
EDIT: This, however, implies that you can:
"If you wish for your agent to operate in the Matrix independently,
you must load it on a particular node separate from your
persona. The agent will continue to operate in the Matrix even if
your persona goes offline. In this case, the agent doesn’t count toward
your persona’s active program limits like running programs
do, but it does count as a subscriber toward your subscription
limit (see p. 212)."
"Though the term intrusion countermeasures (IC) is widely
used to describe any of the defenses a node employs against intruders,
it specifically refers to a specialized type of agent program that is
used to defend a system. For all game purposes, IC programs are the
equivalent to agents and function the same. IC programs typically
are loaded with some of the following programs to employ against
intruders: Analyze, Attack, Black Hammer, Blackout, and Track."
However, it also notes that most places are careful not to run so many IC that it slows down Response. So, that clarifies something I had incorrectly read: You can't have an IC/Agent run independently on your own commlink and have it not affect your Response.
Calypso
EDIT: This, however, implies that you can:
"If you wish for your agent to operate in the Matrix independently,
you must load it on a particular node separate from your
persona. The agent will continue to operate in the Matrix even if
your persona goes offline. In this case, the agent doesn’t count toward
your persona’s active program limits like running programs
do, but it does count as a subscriber toward your subscription
limit (see p. 212)."
note that this means that you can spoof commands to IC, just like any other agent.
If an intruder trips an alarm the IC immediately goes after them. Agents would have to use Analyze to find/identify the intruder which is stalled for several rounds by the intruders Stealth program.
Also, IC as part of the Node are subscribed so they can communicate within the network to alert their master of their progress, damage levels, etc. Agents acting independently have to hack node to node until they are in the same node as who they want to communicate with.
I love 'Golden Retriever' style search hounds and such, to quote a Reality Filter, but independent agents' inability to communicate outside their node and the inability of their creator to modify the programs independant agents carry makes independent agents very specialized kamikazes and not the adaptable, well rounded sidekicks like the subscribed agents. Also note that IC might attack free agents within your own nodes since they aren't subscribed/trusted...
Also, IC as part of the Node are subscribed so they can communicate within the network to alert their master of their progress, damage levels, etc. Agents acting independently have to hack node to node until they are in the same node as who they want to communicate with.
I love 'Golden Retriever' style search hounds and such, to quote a Reality Filter, but independent agents' inability to communicate outside their node and the inability of their creator to modify the programs independant agents carry makes independent agents very specialized kamikazes and not the adaptable, well rounded sidekicks like the subscribed agents. Also note that IC might attack free agents within your own nodes since they aren't subscribed/trusted...
I'd think a most effective combo would be to have a IC on guard, an Agent-4 on patrol (using Analyze) and another independant agent whose whole mission in life was to use Stealth to avoid being spotted and Medic on the IC & patrolling Agent. If discovered its killed (and made out of paper deliberately so it cannot provide a diversion for an intruder for more than 1 action) but the healing of the IC and patrolling Agent should prove most effective. If you can receive an alarm of them activating, the hacker then moves in and orders the subscribed IC and Agent to attack the intruder thereby sparking the Medic/Stealth agent.
Just a thought...
Just a thought...
Something just occured to me. Can you use Agents as basically software holders? Say you're doing a Matrix run and are gonna need 8 programs. But you don't want to have them all loaded and have it affect your response. Could you load 5 programs (4 that you need, and 1 Agent), and have the Agent load 4 programs, without affecting your response?
Calypso
Calypso
| QUOTE (Nikoli) |
| Also, IC acts without user intervention, Agent requires it in many cases. An agent isn't going to load itself and start beating the crap out of some hacker. |
Actually IC don't lauch themselves, the system/node launches them (top page 223) in response to an alert. Now i suppose you could say that a standard Agent is not directly launchable by the system alert. In that case you'd need an extra IP for a [cheap rating 1] bootstrap IC to spawn the higher rating Agent?
P.S. Does an independant Agent itself count in the program count compared against the System limit? Or do you just count the programs the Agent has loaded under itself?
| QUOTE (Wasabi @ Sep 27 2005, 12:56 PM) |
| Also note that IC might attack free agents within your own nodes since they aren't subscribed/trusted... |
There isn't a way to give them the keys to the node, so to speak? You definately can give them the keys to Databombs, right?
I'm not sure what kind of risk there would be in doing that? Which brings up another interesting topic. If an independant Agent doesn't recognize anyone as their 'owner' to get it to change load-outs does that mean they cannot be Spoofed directly like IC? Instead the malicious attacker would have to directly thwart a second firewall (as Agents seem to have firewalls) to get inside the independant Agent if they wanted to control it and turn it on the node?
| QUOTE (blakkie) | ||
There isn't a way to give them the keys to the node, so to speak? You definately can give them the keys to Databombs, right? I'm not sure what kind of risk there would be in doing that? Which brings up another interesting topic. If an independant Agent doesn't recognize anyone as their 'owner' to get it to change load-outs does that mean they cannot be Spoofed directly like IC? Instead the malicious attacker would have to directly thwart a second firewall (as Agents seem to have firewalls) to get inside the independant Agent if they wanted to control it and turn it on the node? |
Agents acting independently still have an owner. And yes, you can give Agents the code to a node so that IC doesn't attack it.
Calypso
| QUOTE (calypso) |
| Can you use Agents as basically software holders? Say you're doing a Matrix run and are gonna need 8 programs. But you don't want to have them all loaded and have it affect your response. Could you load 5 programs (4 that you need, and 1 Agent), and have the Agent load 4 programs, without affecting your response? |
| QUOTE (blakkie) |
| Does an independant Agent itself count in the program count compared against the System limit? Or do you just count the programs the Agent has loaded under itself? |
Here be a can of worms - pryed open.
Basically, an Agent/IC loaded onto a Node/Persona counts a 1 Program for the Agent itself.
Then, all those Programs loaded onto it would count towards its own System, reducing it's Response.
So, basically, running an agent gives you free active programs - just, instead of using them, you have to order the Agent to do so, which it will, on it's own Initiative.
Funny sidenote:
Nodes are allowed to use Programs, too, substituting the Skill with their System, while replacing the System with a Pilot gives it more decision making capability.
Looks like all you need is a rigged up Commlink, serving a a Hacker-in-a-Box.
| QUOTE (Rotbart van Dainig @ Sep 27 2005, 01:56 PM) |
| Here be a can of worms - pryed open. |
Ya, that's what i was thinking when i saw that. Which actually doesn't make much sense to me at all for something like a Commlink. For a large node, sure. They have a per session limit but have a large reserve of processing power in the entire node. But in a Commlink if there is that extra ability WTH wouldn't the system already be using that if it could? *shrug*
It's like the Matrix system design is missing a stat for nodes (including commlinks) that is a session/context limit. This is the number of personas (which an independant Agent, IC, or Pilot program also count as) that can run on the node before performance degradation.
| QUOTE |
| Looks like all you need is a rigged up Commlink, serving a a Hacker-in-a-Box. |
More like a Hacker drone with the person sending the general commands via AR/VR akin to a rigger in the Captian's Chair.
however, the agent/IC/Pilot probably can't have edge applied to tests, as skillwires can't.
| QUOTE (Nikoli) |
| however, the agent/IC/Pilot probably can't have edge applied to tests, as skillwires can't. |
Oh, I would certainly hope not. But, I see no reason to not have an agent toting around my mundane-yet-necessary programs, like Analyze, Browse, Edit, etc. If a really tough task needs to be done, that I don't think the agent can handle, I swap out programs temporarily.
Calypso
| QUOTE (Nikoli @ Sep 27 2005, 02:45 PM) |
| however, the agent/IC/Pilot probably can't have edge applied to tests, as skillwires can't. |
Yes, for generally all the reasons that a 'runner is ultimately better than a vehicle drone.
| QUOTE (calypso @ Sep 27 2005, 03:49 PM) |
| If a really tough task needs to be done, that I don't think the agent can handle, I swap out programs temporarily. Calypso |
Or I let the Agent screw up, get attacked by the IC, and then slip through myself. There are no rules on Aggro, to use an MMO term, but if nothing else you draw out the defenses where you can see them. As the Active Alert is per user and long as no hacker is alerted, you're golden...
(Data Bombs hopefully excluded...)
| QUOTE (Wasabi) | ||
Or I let the Agent screw up, get attacked by the IC, and then slip through myself. There are no rules on Aggro, to use an MMO term, but if nothing else you draw out the defenses where you can see them. As the Active Alert is per user and long as no hacker is alerted, you're golden... (Data Bombs hopefully excluded...) |
Unfortunately that can bring a security hacker into the picture if there is one on call. If he isn't a total mellon head he will start looking intently for things amiss....like someone trying to run a diversion with an Agent.
Also since tallies are per/persona, and thus the risk of detection increases in a reverse exponential way per extra invader, it is reasonable to assume are going to be more Hacker teams happening. So that should now become security hacker SOP for responding to an alert, trying to assess how many are on the inside so he knows if it is time to escalate to more drastic measures (node reboot, call for more backup, etc.)
| QUOTE (blakkie) |
| There isn't a way to give them the keys to the node, so to speak? You definately can give them the keys to Databombs, right? I'm not sure what kind of risk there would be in doing that? |
the main danger would be a hostile decker spoofing your agent and forcing it to disarm the databomb. of course, he'd have to figure out (or guess) that the agent has the key. he might do it anyway, though, letting the agent take the hit from the databomb--i don't believe databombs reset immediately; if the agent sets off the databomb, there should be a short delay where the hostile decker can perform the necessary operations before the databomb resets.
| QUOTE (mfb) | ||
the main danger would be a hostile decker spoofing your agent and forcing it to disarm the databomb. of course, he'd have to figure out (or guess) that the agent has the key. he might do it anyway, though, letting the agent take the hit from the databomb--i don't believe databombs reset immediately; if the agent sets off the databomb, there should be a short delay where the hostile decker can perform the necessary operations before the databomb resets. |
Databombs don't reset. Once they crash, they're crashed until you reboot or reset it manually. (Or have an agent do it I suppose).
| QUOTE (mfb @ Sep 27 2005, 08:54 PM) | ||
the main danger would be a hostile decker spoofing your agent and forcing it to disarm the databomb. of course, he'd have to figure out (or guess) that the agent has the key. he might do it anyway, though, letting the agent take the hit from the databomb--i don't believe databombs reset immediately; if the agent sets off the databomb, there should be a short delay where the hostile decker can perform the necessary operations before the databomb resets. |
Ya, if the independant Agent can recieve instructions from the "owner" then that communication could be Spoofed. Wasabi seemed to be suggesting that kind of communication couldn't occur between the owner and independant Agent, which i didn't think was right but didn't feel confident to refute. *shrug*
That's a pretty crude technique, though effective when crude is good enough. The Databomb text does seem to suggest a one time only deal, and you can have only one attached Databomb per item. So at the least something would have to rerun the program to set another one back on (if the Databomb wasn't destructive to the item it was guarding).
P.S. I was thinking another really cool use of Spoofing the Agent/IC would for a one-shot stealth attack. It is my understanding that spoofing the Agent to attack it's owner wouldn't nessasarily reveal the spoofer, while directly attacking the owner is effectively an automatic revealing (barring some extraordinary conditons that don't come to mind right now). Even if the scan succeeds in revealing the Spoofer (assuming they haven't moved on already, or hadn't spoofed the command to the Agent in a different node), unless the victim's second Simple Action of that IP is spent countercommanding the Agent, the Agent will get to attack again if it gets an IP before the victims next.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.