Help - Search - Members - Calendar
Full Version: Revised: Nodes (house rules)
Dumpshock Forums > Discussion > Shadowrun
cetiah
QUOTE ("Serbitar")
I define a node as the entity to which you log on. As long as you do not have to enter another password (or is done automatically for you) you are in the same node.


The above quote was a comment to my original "Nodes (house rules)" that I never responded to. I didn't really have the words to do it at the time and didn't have the experience with the system that I do now. The italicised portion of the text below includes the response to this comment.

This post is an attempt to streamline the material first presented in that post. Let me know if its still too complicated or creates any weird gaming issues.

---

The principle problem that gives me a headache when governing Matrix actions is deciding when one node begins and another ends. How many nodes does a government building have? One for each user? One for each department? One for each facility? How many nodes does a typical user have? Is his house or car on the same node as his comlink? Why or why not?

In order to answer these questions I've created four categories of nodes: Device Nodes, Minor Nodes, Major Nodes, and Supernodes. Most devices create at least a device node, however that node can be linked in such a way that it is essentially part of a larger node.

A node can be considered linked to another node if they both share the same security features -- i.e., they both have the same IC, firewall, etc. protecting them. A user doesn't have to "login" to another node or use any additional passwords to stay within the same node if they are linked. If one has access to the larger node, they can freely access any linked nodes without going through additional security features or having to login. There is perfect and unrestricted communication between linked nodes - they are essentially treated as the same node.

Two nodes that are linked are considered the same node for all effective purposes. They use the stats and security features of the larger node. A node can only be linked to a node of a different size - you cannot link two Major Nodes together, for example. A node can only be linked to one larger node at a time, but there is no limit to the amount of smaller nodes that may be linked.

To be linked, nodes must be within signal range of each other. It usually requires a password to remove a linked node from a larger node, or to establish a link with another node. In many cases, the request and providing of these passwords is an automated function. Passwords are usually encrypted and/or changed routinely.

The highest Signal attribute of all linked nodes is considered the Signal rating of the entire node. Two nodes must be within the range of the highest Signal rating to be considered linked to each other. IF the devices go out of range, the link is severed automatically.

Every device creates at least a Device Node to function with and process data. If the device has wireless capability, then this node can be hacked. It usually has node stats equal to the rating of the device. The Device Node is the smallest of all nodes and can be linked with any larger node.

Larger devices tend to have Minor Nodes. These are usually large devices designed specifically to govern smaller devices. Your home entertainment center (or simply your whole house management system) might be considered one minor node, for example. Cars and vehicles are very commonly used as minor nodes.

To constitute a Major Node requires electronics that are specifically designed for networking and interface compatibility. Comlinks are the most common device that creates Major Nodes, and for most people this is the largest, most secure node that they have.

Supernodes are large systems usually encompassing a geographic area or a small building that links many comlinks together, in a similiar manner that a household minor node might link many devices together. Highly-secure supernodes are often used by corporate facilities to protect and monitor their employees' computer activity (as well as provide firewall and IC security for all devices in the building). They are not usually very portable. Some luxery-class condiminiums include a secure supernode that all users may link their devices to when they come home.


The networking scheme of these nodes is something that must be determined by the player, but is not usually something that needs to be tracked. For example, a player may simply decide he wants all Minor and Device Nodes linked to his comlink's Major Node. This is a default configuration for many users. However, some users may want to keep their home or vehicle as a seperate Node and purchase security features for it for those occasions when the user's comlink is out of signal range. In this case, the player should decide what Device Nodes are linked to his Major Node or his Minor Nodes so that he has a clear idea on how secure and easily accessible everything is.
cetiah
Maybe I should just drop the word 'node' altogether and replace it with 'network'. It might save a lot of confusion...
kzt
I don't think that network is less confusing.

For example, assume you have a major university that has multiple /16s assigned (for say 130,000 public IPs). So from the view of the internet you have single network and you can (try to) directly connect to any of them.

From an internal view you have two major networks, campus A and B, which are managed separately though cooperatively. To look at it further, all buildings are on separate subnet running off a series of central switches, while each major building on campus B has it's own layer 3 switches and could have it's own access lists that are different than other buildings. Some major buildings have internal firewalled subnets, other buildings are aggressively firewalled, but most are not very secure at all and all the hosts can be directly contracted from the Internet. Some buildings have dozens of internal subnets with varying security setups.

When you refer to network here, what size entity are you referring to? The entire university? One of the two AS? A building? A vlan?
cetiah
QUOTE (kzt @ Feb 12 2007, 04:19 AM)
I don't think that network is less confusing.

For example, assume you have a major university that has multiple /16s assigned (for say 130,000 public IPs).  So from the view of the internet you have single network and you can (try to) directly connect to any of them.

From an internal view you have two major networks, campus A and B, which are managed separately though cooperatively.  To look at it further,  all buildings are on separate subnet running off a series of central switches, while each major building on campus B has  it's own layer 3 switches and could have it's own access lists that are different than other buildings.  Some major buildings have internal firewalled subnets, other buildings are aggressively firewalled, but most are not very secure at all and all the hosts can be directly contracted from the Internet.  Some buildings have dozens of internal subnets with varying security setups.

When you refer to network here, what size entity are you referring to?  The entire university? One of the two AS?  A building?  A vlan?

Hmmm. I suppose I'm referring to each subnet.
Basically, each place in the Matrix that would be represented through a seperate VR room. Each place that would have its own firewall. Each place that would require a user to input a seperate password to access that area. Each place that would have to have additional IC installed.

Each of these would be its own Major Node. From the way you describe it, there is no supernode to unify ("link") them into their own cohesive whole.

P.S. Thank you kzt for providing such great example. It's addressing issues like this that I feel these guidelines are important. You could easily see how this is a different network architecture than a university that had its own supernode.
kzt
QUOTE (cetiah)
Hmmm. I suppose I'm referring to each subnet.
Basically, each place in the Matrix that would be represented through a seperate VR room. Each place that would have its own firewall. Each place that would require a user to input a seperate password to access that area. Each place that would have to have additional IC installed.

In the university example, each actual PC is (typically) also extensively hardened. So getting through the ACL/firewall that protects a subnet means that you can try to then do something to the actual computers. So it isn't just the hard shell with the soft and squishy interior.

How a perimeter firewall actually works doesn't seem like it can be handled by SR.
cetiah

What you are describing is merely a large collection of independant nodes that have no wireless or Matrix capability, but must access the University's node in order to access the Matrix.

Why would you have this situation in a Shadowrun world? Wouldn't each comlink be able to be hacked individually (assuming they were their own nodes)?

The only reason the analogy breaks down is that there's no reason why a Shadowrun hacker shouldn't be able to bypass the university directly and hack the comlink's node if:

1) Both nodes are easily accessible through the Matrix or a direct wireless connection
and
2) The nodes are not 'linked' to eachother.
cetiah
So here we have two universities: A and B.

In University A, the University itself has a Major Node which possesses a lot of the university library information and student records. Students have their own comlinks for Matrix access and private computer functions. They have access to all the university node's data and programs, but they must "login" to the University Node (projecting a persona icon there).

If a hacker from the Matrix wanted to get to a student, he only has to find and hack into that student's comlink. Then he could mess with the student's programs or whatever. The hacker never really needs to go through the University node at all.

---

Now consider University B where everything functions through a single supernode. Here, all students have access to the university library of data, student records, etc. Student's don't need to hack into each other's node because they are all linked to the supernode... so they all effectively work as one giant node. There's no real defense against them hacking each other. However, if anyone wanted to hack them from the Matrix (or even locally with a direct wireless connection), they are effectively trying to hack into the supernode and engage its defenses.

Effectively, the students in this example would have no 'private nodes' and they are not protected from eachother except through account privileges (governed by the supernode when you link). They are, however, protected from any hacker not linked to the supernode.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012