Help - Search - Members - Calendar
Full Version: Tiered network, how to counter it.
Dumpshock Forums > Discussion > Shadowrun
The Jopp
Continuing the Tiered network and multiple nodes oddities.

Well, according to the SR4 book one can actually create ones own tiered network, but some slight problem arises, like how do you connect to the “firewall” node.

Hacker NEO has two commlinks and one is a firewall loaded with IC and agents. He has all the access through login and passwords to hack TROUGH that commlink and anyone trying to hack HIM must go through the firewall commlink.

So what can one do as the opposition? The persona is the actual thing hacking, the commlinks are just a tool. Here’s the setup for NEO’s firewall tiered network

1. Commlink 1 has access to Firewall
2. Firewall is NOT on a subscription list
3. Both are in hidden mode
4. Firewall & Commlink is Encrypted and Databombed (Device)
5. Firewall has several agents and IC on the prowl.
6. One agent has access to send alerts to commlink 1

In order to reach Commlink 1 I have to do a lot of work…

1. Find the hidden signal on Commlink 1
2. Decrypt hidden signal on Commlink 1
3. Use Spoof or Exploit to get inside the system and do something.
4. Dodge 3+ IC and an agent guarding the firewall and looking for trouble.
5. Crash the OS

Ok, so now the Firewall commlink is crashed and the OS must reboot, yay, or perhaps not…

NEO realises that the OS is attacked since one of the agents on the firewall reported my actions as I narrowly managed to dodge the four IC programs swarming the firewall and simply switched device. The rebooting system was just a secure room for him, he steps out of it but is still logged inside the system he’s been hacking in since he used multiple nodes - but he is now more vulnerable since his commlink is designed for brute force hacking, fully relying on his firewall to protect him.

Me, I just logged out from the rebooting commlink and shall now see if I can hunt down NEO directly.

Now, Neo could have done things in another way and stopped his hacking and simply stepped inside the firewall with his commlink 1 and attacked me since he has all the legal access - giving me no end of problems as both NEO and four IC attacked me simultaneously to protect the firewall.

Once I had been kicked out and/or been rendered unconscious he would still have his firewall running and a chance to continue hacking securely.
Jaid
i can't see why any half decent hacker would have a good firewall program on only one of their commlinks. if you have it on one, you may as well take the time to crack it and install it on the other.

i suppose that's one way of doing it too, but personally instead of trying to crash the OS, i would probably try to gain access to his main commlink instead through the firewall one. but that's just me, i guess...
hyzmarca
Present him with a honeypot - a lovely sweet candy with a creamy paydata filling. Only when he bites into it shall he notice the bitter almond taste of deadly arsenic.

Seccessfully taunt him into hacking your own tiered network but makes your substantially easier than his. Let him into you 'primary' comlink before springing the trap of black IC and agents with track programs. Since he'd have to split actions between all the nodes in your ladder network, he is rather screwed.

This works best if Neo believes that your network actually belongs to an ignorant corporate suit and contains actual valuable paydata.

The Jopp
QUOTE (Jaid)
i can't see why any half decent hacker would have a good firewall program on only one of their commlinks. if you have it on one, you may as well take the time to crack it and install it on the other.

i suppose that's one way of doing it too, but personally instead of trying to crash the OS, i would probably try to gain access to his main commlink instead through the firewall one. but that's just me, i guess...

Oh, you miss the point. Firewall is present in both systems, but only one commlink is a dedicated firewall SYSTEM designed to ONLY guard against intruders.
Rotbart van Dainig
Please call it a chokepoint then, to avoid confusion. wink.gif
Serbitar
Thats why I suggested in another thread to simply drop this "subscriber" rule, to get done with this endless chokepointing.

For realism matters, every con facility should be chockepointed to nirvana, which is making hacking ruleswise extremely complicated. The wireless "everything is directly hackable" philosphy is the only one that ensures ease of gameplay, as it makes endless chokepoint configurations useless.
Rotbart van Dainig
QUOTE (Serbitar)
Thats why I suggested in another thread to simply drop this "subscriber" rule, to get done with this endless chokepointing.

It doesn't matter - if Commlink A is wireless and Commlink B isn't, then the only way to get to Commlink B is Commlink A and the wire connecting them.
Serbitar
good point. thats true, of course.

But something has to be done against this. A Hacker only has to pay for "Response" in his "Firewall Comlinks" as Signal is irrelevant, and the rest is software which is easily crackable.

What does prevent him, and more important anybody else who is concerned of his security, from buildig a 5 tier comlink chockepoint system?
Josh The Stampede
Money. Time. Not wanting to carry 5 commlinks around. Style.

For what it's worth, I agree with you somewhat that the subscriber rule makes wireless hacking too hard, but I think ignoring that rule makes it too easy. Wouldn't it be trivial to shut off people's cybereyes and whatnot if you didn't need to get through a commlink first?
Ranneko
No, as you would have to be within 3 metres of them.

And if you are within that distance, you don't want to have to spend the time and effort breaking into their eyes. You want to shoot them in the face or stab them before they get you.
nick012000
Firewall and Pilot are limited by Response, and everything over Rating 4 is (relatively) expensive.
The Jopp
Even if Commlink A is wireless, can it be hacked directly if it is routed through COmmlink B? Sure, if someone manage to find commlin B's signal, but what about hacking by jumping through nodes in the matrix. Even if you manage to track him back to his node you have to go through his heavily defended Commlink B.

The only way Wireless hacking would work in this way would be if you are in range of commlink A's signal and manage to Exploit or Spoof your way inside, otherwise all access must be done through Commlink B, who isn't on any subscriber list, commlink A just have legal access to it.
hyzmarca
Actually, you should be able to hack him by spoofing a node that he is hacking or accessing. His firewall has to be programed to foward data from the node that he is hacking, otherwise he wouldn't be able to hack at all. If you make his firewall believe that your hack attempt is simply feedback from the node that he is hacking you can bypass it alltogether. It would work even if comlink A was wired directly to comlink B and could be done through the matrix.
hobgoblin
sorry to say, but spoofing cant be used that way, or atleast it does not look like it can be used that way...
Rotbart van Dainig
QUOTE (nick012000)
Firewall and Pilot are limited by Response

For Firewall, nobody has yet provided strong reference for limitation.
DireRadiant
QUOTE (Rotbart van Dainig)
QUOTE (nick012000)
Firewall and Pilot are limited by Response

For Firewall, nobody has yet provided strong reference for limitation.

True enough there is no explicit limitation.

My opinion though is that given that System, which is also a Matrix Attribute(Software), is limited by the Matrix Attribute Response(Hardware) I would also limit Firewall the same way. However I would not count Firewall towards the number of programs that lower the system response rating.
PlatonicPimp
QUOTE (Josh The Stampede)
Money. Time. Not wanting to carry 5 commlinks around. Style.

Commlinks are cheap. You are lucky they are, as you may need to throw one away after every run. Programs with the copy protections lifted are free. If I were a runner I'd have a Gun, Fake Sin, and Cover commlink for each run, and throw them away afterwards. Assuming I had all my programs copy-enabled, then I would only be out about 2000-4000 a run (Depending on quality), and I would tack it on top of the agreed fee as "Operating Expenditures" Compromising my real commlink or my everyday SIN on a run would require that my employer pay for new ones.

Anyone tracing your signal will trace it through the nodes that bounce your signal back you your origionating node, as well as all the nodes you used to bounce your signal. Attacks on your persona also bypass any signal bouncing and effect your commlink directly.

Now, if the gear on the other side of the chokepoint is interconnected wirelessly, but will only take signals from the "Master" commlink, then you have to spoof your signal to appear as the master commlink, and be within signal range of the node in question. This can be hard for stuff that has a signal of 0. If you have hard wired everything together, then it really is impossible to wirelessly access nodes on the other side except through your chockepoint. It is also impossible for you to access anything wirelessly except through the chokepoint, so if your chokepoint is compromised, you have lost your connection. If that wired- connectivity is acheived through a skinlink, then you must get a node you have access to attached to their skin (Palming skinlinked RFID tags works great here).
hyzmarca
QUOTE (hobgoblin)
sorry to say, but spoofing cant be used that way, or atleast it does not look like it can be used that way...

QUOTE (SR4 p224)
Use the Spoof Command action to transmit forged instruc-
tions to an agent or drone controlled by another user. In order to spoof orders, you must first complete a successful Matrix Perception Test on the persona you are impersonating in order to gain its access ID. To spoof commands, you must beat the agent or drone in an Opposed Test between your Hacking + Spoof and the target’s
Pilot + Firewall. If successful, the target drone or agent believes the orders came from its controlling persona.

[...]

Any hacker worth his name will either spoof his commlink’s access ID on a regular basis; this requires a Hacking skill+ Spoof program (2) Test. Alternately, you can modify the hardware itself to supply a bogus code with a Hardware + Logic (2) Test.


The spoof command allows you to tack another Comlink's ID onto one's own commands.
The next paragraph syas that one can alter a comlink's ID in other situations, as well.

The two, taken as a whole along with a basic understanding of how networking protocols and firewalls work, suggests that it is indeed possible to hack someone that way.

Now, contrary to popular belief when you connect to a computer on the matrix your brain doesn't actually go anywhere nor do your programs. The whole thing is basicly asynchronous transmission of predetermined electronic signals using complex handshaking routines and data encoding methods.

Using electronic warefare one can intercept these electronic signals and use them to usderstand exactly what is happening between two wireless nodes. There are other methods of intercepting such data, as well. Prehacking the weaker node or actually owning one of the nodes, for example.

Using the electronic warefare to intercept data and spoofing to change one's comlink ID, one can impersonate one of the other comlinks at some point in the process. Since wireless is an asynchronous broadcast medium the other node will never the the wiser, assuming that you sever the node that you are impersonating from the matrix somehow. Jamming is a good solution. If you don't sever the node that you are impersonating then it will be fairly obvious that there are two nodes with the same address.

The question that remains is can you bypass a hacker's firewall from a node that is being hacked. To answer that you have to understand how firewalls work.
A firewall is like a bouncer at a fancy club. He has a list of people that he lets in. He has a list of people that he turns away. In hidden mode, the former list would consist of trusted addresses and the latter list would consist of everyone else.

Now, due to the nature of data transmission across a network, the firewall has to let data from your target node through. If not you would never even be able to see it. It can be programed to only let specific data through, in theory. They certainly can in realty but if that were so easy in SR4 then every hacker in the world would set their firewalls to disallow feedback from attack programs. I would assume that programs are smart enough to get around such countermeasures.

So, if he is hacking you then his firewall comlink will automaticly foward your hack attempts to him. You still have to defeat his primary comlink's firewall to gain access to the system.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012