Node Security
One thing I find lacking in SR4 is information in how matrix security works so I thought about a few guidelines to basically stop myself from accessing a system.

Hidden security nodes
Security nodes are independent nodes connected to a mainframe. The security nodes have agents active under stealth inside the actual mainframe - and monitors all traffic going in and out of the node.

Accessing the Nodes
All three nodes are accessed by linked passcodes and the mainframe needs two passcodes linked to the two security nodes.

Intruder Alert
When an intruder is detected the mainframe will not launch any IC, that would just make the system go slower and impede data transfers so all security is left for the security nodes. The only thing the mainframe would do is to notify the security nodes of any intrusion if it manages to find it.

When the intruder is found by the agents it is basically up to the GM to decide what they do, but most of the time they will do the following.

1: Warn the intruder (very low sec system)
2: Attack the intruder
3: Track the intruder
4: All of the above

The only way for a hacker to see the agents floating around in the system would be to access admin accounts to see the legal ID’s the agents are using but they would still be invisible since they use Stealth.

Example Nodes
Just a bunch of nodes I started to think about.

Crash Nodes
Crash Nodes are designed for the ground up as blockades since their main function is to crash. They will look like any kind of node with some local information but also as choke points. They are designed to crash on command so that any access through that node is made impossible, and can also be used to trap Hackers.

If all nodes connecting the node a hacker is inside then he is effectively trapped unless he can find a signal that leads to another node (might be hard if you are physically jacked into a hardwired system). If there are no signals then they might be able to make an Exploit test and find a backdoor out of the system or just pull the plug (the latter will probably induce a Dumpshock).

Stutter Nodes
Stutter nodes uses a mix of encryption and limited wireless access since they a limited time for when their system is connected to the wireless network and their encryption tend to change between connection times Some of them even switch encryption live so that the only way of accessing it is to have the actual encryptions algorithms from a host computer who usually access such a system and the timetable for when they can access the system.

Chaff Node
Chaff nodes are designed to confuse and disorient anyone accessing the system without the correct access code. Unless they have found the correct code they would either only use program rating to do anything or use a reality filter to limit the effect of the cacophony of gibberish and visual information filling the node.

The rating of the reality filter is the max rating of skill dice the character is allowed to use. (so a hacker with Hacking 6 (Exploit+2) would not roll 8D6+Program but 4D6+program.

Filechack
Have you ever been inside an unsorted file archive that hasn’t been cleaned out in a decade? That’s exactly what this represents. The node is filled with three to four times more information than an ordinary node and only a quarter of that amount is actual information, the rest are old useless files, dead ends and loaded with old forgotten databombs. The difficulty for finding anything useful is +4 to threshold. If the hacker is actually looking for old information then there’s only a +2 treshold since there’s a lot of it.

Old node
This is an old forgotten node that is mostly unused by the target and contains a lot of rubbish but might include some useful information since it is a fairly safe stash since most people have forgotten about it. Usually contains employee downloade games, personal files and an old tidbit or two that might be useful.

Satellite Node
These nodes usually have a limited access window since it is located on a satellite in orbit.

All the nodes makes me think of SR2

Keep in mind SR4 has abstracted a lot of things, trying to make it feel more like "real life" is going to mire it down.

I came up with something similar not long ago. Some of the struc6tures where nasty. I didn’t even post the highest security ones but was shouted down for making hacking SR2 like.

Buy having nodes run IC in other nodes, and connecting them with fiber optic cables I was able to create a system that would allow legitimist users cases but effectively prevent unauthorized access. All within the rules as written.

Unfortunately the hacker would need to move threw 3-6 nodes with as many as 40 blind alleys he could try to enter, to aces a secure system. And fight or evade as many as 20 active IC programs in each node he must pass threw. And this would be time consuming, and all but imposable to succeed.

The obvious solution is to physically enter the facility to bypass the security measures

Unfortunately as it stands a starting hacker, if built well, could hack Zurich orbital in an afternoon from the ground.

Edward

As the rules are now, they are vague at best. But yyou can interpret them in a way, that makes hackin very easy (non-scanning IC, every programme in an IC counts towards the programme limit for example) or extremely hard (scanning IC for every action, no benefits from admin access except interchaning hacking and computer, seperate programme counts for IC and host).

With the hard interpretation, I can design a single 6 node to be extremely hard to hack.
Just by forcing a maxed hacker (14 dice) to hack on the fly (for example by deploying choke points) into a 6 node (12 dice) is giving him a 61% chance to be detected (excluding edge).

So you're saying its more about architecture now than individual ratings? I suppose I can see that then. It's more of a mentality change from SR3 matrix to SR4 matrix. I still like to limit the number of nodes as much as I possibly can (that's why I like SR3 hacking so much). But saying that the Z-O has a rating 6 choke-point node in front of its Rating 7 (or even 8 maybe) "main" host is not an unreasonable idea. Also, the idea that both of those host have multiple prowling Agents and/or Security Hackers is also reasonable.

You've given me something to think about Serbitar.

I think the biggest headache are testing the upper boundry conditions of systems like Z-O. Rating 6 is "cutting edge" so 7+ would have to be some insanely new SOTA system, which you'd find on things like nuclear silos, banks, Stock Markets, etc.

As a runner, I'd be rather disappointed if Z-O was only 2 or 3 Nodes deep, lol.

@ Mydonna: I think I will give some examples, what I think matrix hosts should be like (including ZO) at the end of my "hacking my way" thread.

With the current ruleset it is very hard to give examples, because the GM has too much freadom to make everything out of it. So it is futile to give an example of security levels without some agreements.

I'd think something like Z-O would have a Rating 6 node for access, with a number of directly-connected Rating 6 nodes (let's say five, but it could be up to twelve, if the access node wasn't doing anything else), each with a Rating 6 agent stacked up with anti-hacking programs. The access node wouldn't be overburdened, since each agent is running on the security node and accessing the access node, searching for hackers to trace and burn. And that's just the initial node.

Hehe, sorry for the typo . . .

You guys forgot something about Zurich Orbital. They probably have groups of elite secuirty hackers guarding the place with black hammers, as well as mulitble nodes, the max everything. Needless to say six hackers with six skill and rating six black hammers, will lead to a flatline REALLY quickly.

Technomancers are a myth. They are not eployed by Corps.

> Remember where Black IC came from, originally? I hear Z-O is protected by something even nastier...

But never forget: Z-O must be hackable within the rules. FastJack did it.

Must be hackable, yes. Can it be conceivably done by PCs? No, probably not. A case could be made for FastJack to have a Hacking skill of >7.

Why? 7 is legendary. Is is given as example, that FastJack has a skill of 7. You can definately create a FastJack like hacker from start (and buy some programmes later).

Blame the rules, but it is possible.

Fastjack would be:

All programmes/ratings/agents 6
a couple of comlinks 6
hacking group 6, hacking 7 + specialization
electronics group 6
edge 8

thats it, thats max. no human alive can be better

I'm thinking that hacking Z-O is more about tactics than pure skills numbers. It's about knowing when to begin, what cross references to hack, how many support hackers you need, and maybe even having a physical presence on the orbital to flip the right switch. I actually think you need to hack three or so "node webs" in very quick succession, but that's an idea for another time.

I know the rules say that no skill can be better than 7, but don't get me started on that (having an ABSOLUTE hard cap on advancement that can be achieved at character creation is my biggest beef with SR4). I think FastJack probably has a 'link rated at 7 or better, or at the very least a few programs Rated 7.

However, I don't like the idea of PC's become equal to the best in the world. In my games, there is always someone better than you.

You forgot the Logic of 7 for FastJack's stats.

logic doesnt apply in SR4 hacking RAW so I skipped it, otherwise I would have given him 10

In SR3 architecture was a big thing. Remember all the chokepoints, that was architecture at work.

The way the system ratings are described rating 7 nodes would be used where SR3 had a UV host. ZO dose not have a UV host (or even a sculpted system) in SR3 so it is only a rating 6 (described as the best secure systems) fast jack also dose not have anything better than rating 6 because that would be like saying he owned his own UV host in the SR3 days.

If I wanted to hack ZO I would start buy hacking another satellite in LEO and sniff into ZO as admin, even a rating 6 firewall has a low chance of noticing me sniff in, my first action would be to authorize accounts to let my friends in (be they hackers or agents).

Edward

That was part of one of the architectures I worked on before (unfortunately I lost the document) of cause I had a double entry gate, with each one shutting of every few seconds, a legitimate used would log in threw both and the connection to the other side would always remain active.

You can still jam in with 20 agents helping you. Of cause that comes back to whether having 20 agents help you is reasonable, or even allowed.

If I had 18 agents they would be running on 2 rating 5 comlinks each with a reality filter that is 10 programs per comlink and a net response rating of 5 (rating 5 +1 reality filter -1 extra programs)

There is also the possibility to run an agent and cut it lose I recently herd about. I don’t know the rules for that yet

Edward

Yeah, you could do that, but i thought our general concept here was infiltrating a bunch of agents then laying waste to the system. Unless you've already *got* access, all that infiltrating will be pretty likely to set off an alarm at some point.

The most obvious way to use a agent pack is to have them assist your jam in and admin account, succeed in the first action and gain entry in one second with no greater risk of detection than sniffing in for 3 hours.

You leave the agents not on your primary comlink outside and create accounts for them (a legitimist action) once you are in.

Edward

I wasn't aware that non-living "characters" like agents could assist on actions. If nothing else, wouldn't the system get a roll to detect each of them?