Help - Search - Members - Calendar
Full Version: Network Example?
Dumpshock Forums > Discussion > Shadowrun
Paradisio
Ok, I just recently started playing. I have a large problem (probably resulting in a rushed reading of the book) but is there actually an example of a network in the book?

If not, can someone provide me one? I'm a bit iffy on about what all is accessable on the network as well as the exact defenses of one. Perhaps an "example of play" would be more appropriate, but I'll take anything.

Thanks
ShadowDragon
The book has no examples. We're all waiting on the FAQ and Unwired suppliment book. If you do a search you should find plenty of threads on the subject containing houserules.

How I currently handle it, is buildings have multiple "nodes" and one "access node." The access node is available outside of a buildings WiFi blocking paint and contains superficial information such as commercial sales information. It also serves as the gateway to the building's other nodes such as a "security node" that contains things like camera controls, automated turrets, gas vent release, and alarms. There's also "data nodes" with employee and project information. And a "server node" for shutting down or resetting the entire system. To travel from node to node, the hacker needs to make separate exploit tests (detection is not cumulative). Admin access lets the user create backdoors so the hacker can log off and get back on the node without another exploit test, and admin access lets the hacker create temporary employee IDs if you do it in the security node, and the hacker can manipulate all data. Security access lets you manipulate most data. Standard access lets you view most data, but not manipulate it. The more highend the security system is, the more "chokepoint nodes" it has, which are nodes with no data but require an extra exploit test for the hacker where he can get caught.

I suggest reading the section on Security Systems starting on page 251.
Paradisio
Well my big issues are:
-Network Security (IE actual security programs/people) I'm afraid the networks in game are "over-protected" or possibly even under.
-What can be hacked (Can drones/cyberware be hacked?)
Edward
Drones can defiantly be hacked and you can take control of them.

It says cyber wear can be hacked but it is easily protected and it seems strange that the fluff says most people don’t bother. It is also not clear what you can do once you have hacked somebody’s cyber wear.

Edward
ShadowDragon
Most electronics can be hacked - building security systems (obviously), commlinks, drones, vehicles, smartlinks...in my games cyberware generally can't be hacked because it's controlled by Direct Neural Interface (DNI) aka controlled by your brain. Anything but building security systems are single node, admin access only.

Building Security Systems - The first line of defence is the firewall + analyze (hacker's stealth) test. The rules are different depending on if the hacker wants to do it slow and safe or quick and dirty. Check page 221. I'll give you an example as I understand it. If anyone reads this who thinks they understand the rules better, please critique!

Joe Troll the hacker wants to hack into the access node of the Comfy Furniture Inc corporate office. It's during the day so he walks into the lobby and asks to use the restroom so he can get past any WiFi blocking paint. He doesn't have much time so he does it "on the fly." He has a hacking skill of 4 and exploit program rating of 5, and he's going to do it in hot sim VR giving him an additional 2 dice, so he rolls 4 + 5 + 2 dice. He has to beat the network's firewall of 5, so he needs 5 successes in an extended test. Joe Troll sits on a large toilet seat and enters VR while he chooses which programs to take along. With his commlink's system rating of 5 he can take 4 programs without lowering responce, which affects matrix combat initiative (check page 225 "Programs"). But Joe Troll doesn't mind that right now so he takes exploit, stealth, analyze, decrypt, defuse, armor, and attack. 7 programs total so his responce is lowered by 1. 2 more programs would lower his responce by 2.

It's time to hack in! Joe's player rolls his 11 dice and gets 4 hits. The network gets to try and detect Joe with an analyze + firewall extended test vs Joe's stealth program of 5. The network has a rating 3 analyze program and rating 5 firewall, so the GM rolls 8 dice and gets 2 hits. Joe's safe for now. Joe continues his extended test, and the player rolls 11 dice scoring 3 more hits for a total of 7 - he beat the threshold of 5 so he's in! The network still gets to try and detect him, and rolling the 8 dice the GM gets 3 more hits for a total of 5. The network met the threshold of 5 (Joe's stealth program), so the network knows something is up and goes into alert - Joe Troll might be in trouble.


If that were the (slow and safe) Probing the Target method, the system would only get the first check, but each test by Joe would take an hour, and the threshold would include the network's system rating.

So Joe Troll is in. You can describe the appearance of the node to the player (fluff). The node is in alert mode so you might say red lights are flashing and an annoying siren is audable. The book suggests using the little table on page 223 at this point for a "Random Alert Responce." Personally, I think this is crap. As the GM you should think of what would logically happen. This is also where the rules get a little fishy. Here's what I do:

Joe Troll is in, but he knows that he has to lay low while he tries to get into the security node. He takes a look around while the player rolls analyze + computer, getting 3 successes. The GM determines that is enough to see an IC program searching the virtual room, as well as the doors to the security node and data node. Every time Joe takes an action, the IC also gets a chance to spot him. This is an opposed test of Joe's hacking skill + stealth vs the IC's rating + analyze. Joe gets 4 hits and the IC gets 3. The IC is still virtually looking around the virtual room, but Joe is still virtually invisible smile.gif Joe Troll wants in that security node, so he tries to exploit his way through the door. He does the exact same thing that he did to get into the access node, but this time he wants security access, which increases the threshold by 3. Every exploit attempt to get into the security node also gives the IC in the access node a chance to see Joe (note that these are opposed tests, so they do not accumulate like detecting exploit tests).

Joe gets into the security node with security access. If the IC ever spots Joe, they'll get into combat. There's an example of matrix combat on page 231. Let's assume for the sake of brevity that Joe doesn't get into combat. Joe Troll wants to find the building's cameras, so he makes another perception test by rolling computer + analyze and notices collection of mechanical levers against the wall with small screens above them, and there's another IC looking for Joe. Above each lever is a scrambled label. Joe decrypts the labels with electronic warfare skill + decrypt. Joe wants to make a camera loop so that his team can sneak in the backdoor without being noticed, but he forgot his edit program! It takes a complex action to add another program (closing programs is a free action). Now with the edit program in commlink, Joe makes a hacking + edit test against a threshold of whatever the GM decides (lets say 3). Now that Joe Troll is done, he covers his tracks by locating the security logs and editing his entry and any record of changing the cameras, then logs off.


Note that all tests in hot sim give the PC +2 dice.

Wow that turned out to be long...
Paradisio
Wow, that was alot of help. I think I might start doing the "sub nodes" thing.

Would IC programs the only thing on most security systems? Can the network "call" fror backup by itself? I'm just trying to figure out what "enemies" would be on a regular network.
WhiskeyMac
I would say IC is the first and main line of defense for most corporations. If they farm out a security hacker then only have him show up if a level 2 alert happens, or something like that. If the corp is very Matrix security conscious (say Neo NET or Renraku) then have security hackers "strolling" around the nodes based on the sensitivity of the data. Other than that, I would say IC is the main defense as well as a funky node set-up (kinda like Pueblo's Matrix was in SR3) or probably some hardwiring if the data is really sensitive.
Serbitar
You might want to look at the SGM in my Sig (Serbitars Guide to the Matrix). I have some examples of hacking runs and sampleSystems in there.
ShadowDragon
A regular network is whatever you make it. I really don't have enough experience to say what you should have (I don't think anyone does yet), so you're going to have to experiment with it. Networks call for backup based on the protocals on the security node (which of course a clever hacker can edit). Those protocals should be set to a difficulty you're comfortable with - technical, "realistic" reasons are arbitrary fluff. More difficult and high end security networks will have more IC and onsite hackers than Comfy Furniture Inc, which I consider medium/easy difficulty. You can even have replicating IC if you want.

Going on a tangent, a houserule you might consider is to replace rolling skill + program, to skill + logic with hits limited by program rating. By RAW, logic is nearly useless for hacking (which is why I jokingly made Joe a troll hehe). You can keep AI such as agents, IC, and systems the way they are in RAW. This houserule has worked well for my group so far.
GrinderTheTroll
Paradisio as it's been mentioned, SR4 network designs are very up to the GM which can make it hard at times for those with little to no network design/topology background.

Here's a sample system I might use:

4-Node Mesh System (Security, R&D, Personnel, Public):
Security (Rating-5, Hidden Mode)
- Controls Facility camera system.
- Controls Access locks (Doors, maglocks, elevators, etc.)
- Controls Environment (HVAC, Lighting, Sprinklers, External Alarms, etc.)
- Runs Encryption-5 between all devices
- All security devices in Hidden Mode except Public Controls (Elevators, Door Access, etc. are Active Mode).
- IC -- Patrolling "Scout" IC scans all new Icons for Hacking utilities/Passkey, if found and/or Passkey-ID not found then launch alert. (# and type of response varies)
- Admin, Security, Personal accounts-type available (permissions vary).

R&D (Rating-5, Hidden Mode)
- Access to R&D Database and Filesystem.
- Runs Encyption-5 between all filesystems/databases.
- IC -- Patrolling "Scout" IC scans all new Icons for Hacking utilities/Access-ID, if found and/or Access-ID not on "OK List" then launch alert. (# and type of response varies)
- Admin, Security, Personal accounts-type available (permissions vary).

Personnel (Rating-4, Hidden Mode)
- Access to Personnel Database and Filesystem.
- Runs Encyption-4 between all filesystems/databases.
- IC -- Patrolling "Scout" IC scans all new Icons for Hacking utilities/Access-ID, if found and/or Access-ID not on "OK List" then launch alert. (# and type of response varies)
- Admin, Security, Personal accounts-type available (permissions vary).

Public (Rating-4, Active Mode)
- Public information system.
- IC -- Patrolling "Scout" IC scans all new Icons for Hacking utilities, if found then launch alert. (# and type of response varies)
- Admin, Security, Personal accounts-type available (permissions vary).

Suggested IC List:
-- "Scout" IC-4 (Analyze-4, Trace-4, Stealth-4)
-- “Predator” - IC-4 (Attack-4, Analyze-4, Track-4, Stealth-4)
-- “Marauder” - IC-5 (Blackout-5, Analyze-5, Armor-5, Stealth-5)
-- "Blazer” - IC-5 (Analyze-5, Browse-5, Edit-5, Scan-5, Track-5, Stealth-5, Exploit-5) – This IC will attempt to find and hack the intruder and start erasing R&D, Personnel files first, then other Utilities.
-- Security Hacker (Rating-5 + Utilities) + “Butcher” Agent-5 (Blackhammer-5, Analyze-5, Armor-5, Stealth-5)
X-Kalibur
QUOTE
"Blazer” - IC-5 (Analyze-5, Browse-5, Edit-5, Scan-5, Track-5, Stealth-5, Exploit-5) – This IC will attempt to find and hack the intruder and start erasing R&D, Personnel files first, then other Utilities.


I think you should have the the agents/IC Laser, Blaze, and Blazer rotfl.gif
Jagdcarcajou
@Grinder,

That isn't traditionaly a mesh system is it? I would call that a "4 Node Tiered System". If it was a mesh, then every item must be linked to every other item. Each node may be a mesh on its own, but as a whole this is a tiered system. If I am currently puttering around in the R&D node, I can't access the cameras. I have to find the access path, decrypt and then transfer to Security Node. Then I can get the camera nodes.

Just trying to get this straight in my head...

Chris
hobgoblin
well it could be a mesh of meshes wink.gif

ie, each node is subscribed to all the others.

but yes, a fully meshed network would most likely be a single big node.
GrinderTheTroll
QUOTE (Jagdcarcajou)
@Grinder,

That isn't traditionaly a mesh system is it?  I would call that a "4 Node Tiered System".  If it was a mesh, then every item must be linked to every other item.  Each node may be a mesh on its own, but as a whole this is a tiered system.  If I am currently puttering around in the R&D node, I can't access the cameras.  I have to find the access path, decrypt and then transfer to Security Node.  Then I can get the camera nodes.

Just trying to get this straight in my head...

Chris

It's meshed since each node can talk to the others, that is, there is nothing controlling what node can talk to the others. However, a seperate login is required to access each node from any other. A tiered approach is more traditionally, Hack A to get to B, hack B to get to C, D or E --or-- A-> B -> C, D, E.

So, if you wanted to control a camera and since it only accepts commands from the Security Node, you'd have to either Spoof a Command to it (the camera) or hack the Security Node to control the camera directly.

It's a bit more complex that a meshed network (from earlier examples) where one hack gets you in.

Biggest hurdle with this setup is you'd need to hack each node individually making the chance of getting caught greater. It's a paranoid system.


Another way to design this system would be to make it a single Node. Each subsystem (Security, R&D, Personnel, Public) would have permissions based on the Account type used to hack/access the system. For example:

For all subsystems, Admin Account would allow any changes. This is Root, and what hackers live for. The "Node" is Running Encryption-5 and so are all connected security related devices.

In Security subsystem, Security Account would be required to modify cameras, turn lights on/off, elevator controls, etc. Public Accounts would only allow read-only for things except cameras/access controls, etc.

In the R&D, Personnel and Public subsystem, Security Account would allow read/write access to critical files, where Personal Accounts would allow read/write access to non-critical (non-paydata) files.

IC would only come into the mix when an alert is triggered (Glitch, Hack Attempts or IC scanning for Hacking Utilities).

Lots of ways to do it, hope this helps!
kigmatzomat
I'm going to try and graphically represent a few of the different designs.

We have a house rule that a wireless network can require an encrypted connection. it's a nice little rational security feature that already exists in WEP/WPA.

Any given "node" may be one or many devices. Basically if one username/password combo gives you access to it, it's a node. If you need to use a different username/password, it's a new node.


Meshed: each network can talk to all the other networks. The reason the encryption ratings vary is that all the HR flunkies aren't going to be given System:5 comms just so they can run high-grade encryption.


(Hidden5/Encrypted5) (Hidden5/Encrypted3)
Security<---->R&D
^ \ / ^
| \ / |
| X |
| / \ |
v / \ v
Personnel<---->Public
(Hidden5/Encrypted2) (Active3/Unencrypted)



Tiered networks have layers that you have to work through. A tiered system may not have direct wireless access, meaning you always pass through the Public network to get to the R&D node.

Naturally you could swap Personnel with R&D based on the priorities at the facility.

You can have more than one system on a tier, as evidenced by the second graphic.


Security Security
^ ^
| |
V v
R&D R&D<->Personnel
^ \ /
| Y
V |
personnel V
^ Public (Active/Unencrypted)
|
v
Public (Active3/Unencrypted)




Isolated networks have limited ability to talk to each other. Here the R&D network is completely isolated from the rest of the system, including security. Why? Well, it could be that the R&D project chief is a prima donna and can get away with keeping everyone out of his sandbox. Maybe whatever it is requires plausible deniability. Maybe it's something that would take umbrage at the security department's roving IC.

Isolated networks will very often be direct connect (meaning via cables) only or, at the very least, will use the wi-fi blocking wallpaper to limit the wireless connection to specific physical locations. It wouldn't be unusual for the building security systems (drones, cameras, etc) to be on their own isolated network.


(Hidden6/Encrypted6) R&D


(Hidden5/Encrypted5)
Security
^ \
| \
(Active3/Unencrypted) Public<->Personnel(Hidden5/Encrypted2)

Lilt
QUOTE (ShadowDragon)
Every exploit attempt to get into the security node also gives the IC in the access node a chance to see Joe (note that these are opposed tests, so they do not accumulate like detecting exploit tests).
Can I just ask where you get the fact that every exploit attempt gives the IC a new test to see Joe? Also, what other tests are likely to result in perception tests for the IC?

@GrinderTheTroll: What do you mean by "Hidden Mode" for the nodes in the systems? I thought only PANs could run in hidden mode. I suppose something like that could be done with wi-fi blocking paint, but could that interfere with the running of the base?

As a general question: What exactly could happen if someone was to hack into an admin-level account? Could they disable the encryption between devices as suggested by grinder? Can they shut down IC? Can they disable the alert on a node?
Serbitar
admin access = you can do everything
GrinderTheTroll
QUOTE (Lilt)
@GrinderTheTroll: What do you mean by "Hidden Mode" for the nodes in the systems? I thought only PANs could run in hidden mode.

Any node capable of transmission runs in either Active, Passive or Hidden Mode. Higher security things would not be ever-present like sinage for example.

QUOTE
I suppose something like that could be done with wi-fi blocking paint, but could that interfere with the running of the base?

It just has to do with how chatty a device is. Some devices/nodes respond to everything (Active), some only to some things (Passive) and others to nothing (Hidden).

In retrospec, I should have more correctly made my "Hidden" Nodes "Passive" since they do communicate with other things.

QUOTE
As a general question: What exactly could happen if someone was to hack into an admin-level account? Could they disable the encryption between devices as suggested by grinder? Can they shut down IC? Can they disable the alert on a node?

It's defined by the system/node you are hacking. Ultimately Admin lets you do all sorts of things it's the holy-grail of access. Personally, I'd only allow alerts to cancelled by external interaction same with IC or Node shutdown. It depends on the system/node and how you want to define it.
ShadowDragon
QUOTE (Lilt)
QUOTE (ShadowDragon)
Every exploit attempt to get into the security node also gives the IC in the access node a chance to see Joe (note that these are opposed tests, so they do not accumulate like detecting exploit tests).
Can I just ask where you get the fact that every exploit attempt gives the IC a new test to see Joe? Also, what other tests are likely to result in perception tests for the IC?


Because I didn't see where in the book it said not to. It was really an abitrary decision. Why shouldn't there be new perception tests?

QUOTE
As a general question: What exactly could happen if someone was to hack into an admin-level account? Could they disable the encryption between devices as suggested by grinder? Can they shut down IC? Can they disable the alert on a node?


They can disable encryption, disable new IC from appearing, and disable alerts, but only from the security node.
Lilt
QUOTE (ShadowDragon)
QUOTE (Lilt)
QUOTE (ShadowDragon)
Every exploit attempt to get into the security node also gives the IC in the access node a chance to see Joe (note that these are opposed tests, so they do not accumulate like detecting exploit tests).
Can I just ask where you get the fact that every exploit attempt gives the IC a new test to see Joe? Also, what other tests are likely to result in perception tests for the IC?
Because I didn't see where in the book it said not to. It was really an abitrary decision. Why shouldn't there be new perception tests?
I was thinking 'whining players'. It's not that I can't say no, it's that I prefer to back it up with RAW. ALso, I don't ask my players to make opposed stealth rolls whenever they make an action whilst hidden so why would I ask them to make one whenever they take an action in the matrix?
QUOTE
QUOTE
As a general question: What exactly could happen if someone was to hack into an admin-level account? Could they disable the encryption between devices as suggested by grinder? Can they shut down IC? Can they disable the alert on a node?

They can disable encryption, disable new IC from appearing, and disable alerts, but only from the security node.
You see, that level of control strikes me as just a bit too powerful. That'd be fine, but it's really easy to get given a few hours. A reasonable hacker can get that level of access in less than a day.
ShadowDragon
QUOTE (Lilt)
I was thinking 'whining players'. It's not that I can't say no, it's that I prefer to back it up with RAW. ALso, I don't ask my players to make opposed stealth rolls whenever they make an action whilst hidden so why would I ask them to make one whenever they take an action in the matrix?


I wish I could back up ANYTHING about the matrix with the RAW - unfortunately the RAW on the matrix is extremely lacking. The guy who's playing the hacker in my group understands that, so he's been patient, and I'm generally pretty lenient. If the player thought this was unfair and helped me come up with something better, I'd likely change it. Really I doubt I'll even keep the same interpritations for a month. I'm still pretty new to SR4.

QUOTE
You see, that level of control strikes me as just a bit too powerful. That'd be fine, but it's really easy to get given a few hours. A reasonable hacker can get that level of access in less than a day.


WiFi blocking paint makes this impossible. The only way to get into a security node, especially with admin access is by hacking on the fly, and you have to break through multiple nodes to do it. I suppose the player could try and find a nice hiding spot in the building where he can go unconscious in VR for a day, but that would be even more difficult and risky than hacking on the fly IMO.
spiderjones
Hmm, do none of the runs on the Shadowrun 4th website for free download include a network example? Seems there are several of them, I haven't checked, but, might be somethin' in one of them.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012