Okay, I'm more awake, but I'm still confused, here. Let's look at some things.

Agent Smith attacks, I think we all agree, are going to fugger up whatever you point them at no matter what the opposing topology looks like. This is assuming your GM allows Agent Smith attacks, which means she's likely going to use them against you too, so it's a double-edged sword (not to mention a topic from another thread).

Wireless mesh topology. "Wireless" is the medium used to pass data between devices, "mesh" means every device is connected to every other device. Basically, it means there's a cloud of wireless devices all capable of interacting with one another.

It's not impossible for Frank and Rob to both be right about what Frank is calling a "linked system" or "tiered system" and what is more properly called a hierarchical network. It's the choice of media that makes the difference. You want a hack-proof hierarchical network under SR4? Use fiber optic cable (or a skinlink for your eyeballs) and turn off the wireless on the devices that you want to protect. See, now it's a floor wax and a dessert topping. Incidentally, this point is made in the FAQ, but it doesn't explicitly put the concepts together.

Hacking a "DNI" seems kind of silly to me. First off, I'm fairly certain that there is no "DNI" device, just a number of other devices that use DNI to interface with the brain. If you're talking about a sim module, then yes, that could be hacked, but it could be made safer by deactivating its wireless capability and directly connecting it to your commlink; thus, an attacker must first access your commlink. Ditto the eyes; just use a skinlink.

Frank was sort of right. Had his argument included the bit about turning off the wireless on protected devices, I would have concurred.

Yes, I contributed to Unwired. However, that doesn't magically make me right. I welcome debate. I've been convinced that I was wrong on several occasions, at least one on Dumpshock: I used to believe that you had to do the sniffing and spoofing, but then I was convinced that hacking gets past these defenses.

On the topic of changing my mind on the sniffing and spoofing angle, I actually welcomed it. It makes Matrix specialists like technomancers that much more efficacious.

Reading the last few pages of this thread, it is becoming increasingly obvious to me that crizh is someone who actually comprehends how network technology works, and that everyone else (edit: ok, I'll be fair here, "just about" everyone, and I include myself in that) appears to be struggling to even keep up.
...

Crizh, since you do seem to know something of networking, what would an exploit program actually do? If it can't hack into a node and exploit holes in a firewall, it seems absolutely useless.

what would an exploit program actually do?

Well it might do what it says that it does: log onto a system without authorization.

What it doesn't do is bypass any other requirements of logging in, such as being in signal range (Signal) or being a valid network location to have packets sent to you in the first place (Spoof).

-Frank

While conceptually that makes sense, you are making just as much of an assumption when you assert that I have to find and applyt Matrix Perception to a correspondent in order to pretend to be that person. Most man-in-the-middle attacks require knowing where the target is, and being able to intercept traffic to a correspondent. But I have no need to actually find the correspondent at all.

Note that liminating the access ID entirely is not an option, as most nodes will refuse access to unidentified devices; access ID must be spoofed instead.

You got me, I'm no network engineer and I've no idea how you would go about overcoming this without spoofing the IP and MAC address.

A few things. Does that just make frank correct? You can build tiered systems that are even better that was frank proposed by just including (free) fibre optic cable? How can you hack anything ever when people just make 1/1/0/6 nodes that run a million useless programs and have response -700 and glue them in front of what ever else it is they do.

Why isn;t ever system a tiered system. Doesn't this just result in 'agent smith' but its really 'matrix smith' in which there are a billion nodes 'glued on' the front of anything with 1/1/1/1 attributes, a fibre cable and an agent running analyze in them?

Also, does a response 0 system instantly crash (say I;'m running to many programs)

If the data never gets stored in any register anywhere in the target system how, exactly, is it supposed to circumvent the 'MAC' filter?

Not being confrontational, just honestly have no idea what this particular complaint entails. What makes a rule set "high resolution?"

It's a fair question. I mean that it goes into greater detail than, say, the rules in the hymnal. As an example, the combat rules for D&D4e are at a "higher resolution" than those of Amber Diceless. The rules for FATAL are a higher resolution than any other game ever. My games include but don't emphasize the Matrix (even though almost all of the players and the GM are computer geeks of some stripe or another), so the rules as they stand are fine.

The attack I was thinking of is a sequential (or semi-sequential, if you pick your IPs right) brute-force attack. You drop packets that don't have the right source, right? If I just send pings until I get a response, I can find out what IPs you like.

As far as the "lots of IP addresses to try" problem, it's not as big a deal as it first may seem. Sure, IPv4 uses over four billion addresses, but those addresses are separated into categories with different features. For example, I can guess that your home network IP addresses are all 192.168.*.*, because the 192.168.0.0 domain is reserved for local networks. So is the 10.0.0.0 for larger networks. Given that, I can guess that your home router's address is 192.168.0.1. You can change it (to say 64.233.167.99), but you run the risk of eclipsing the part of the Internet that has been assigned that IP address (in this case, one of the google.com servers).¹

IP assignment is another part of what makes life easier for the attacker. I know you're not going to have a google.com address. I also know you're not going to have dumpshock.com, pavao.org, etc. So I can remove all of those IP addresses from my attack list.

With MAC addresses, it's even easier to remove addresses from my try-it list. The first half of a MAC address is determined by the manufacturer, and a finite number of MAC addresses have been assigned to router manufacturers (I don't, for example, need to try anything from Palm or Motorola). If I know the manufacturer of your equipment, I can cut the number of addresses I need to try almost in half.

There was more I wanted to address, but I forget what it was, so I'll post this and go back to read more stuff.

¹This is just an example, as I would only be trying to ping you at 192.168.0.1 if I was already inside your network. It's just illustrative of the IP assignment process.

...
Exploit is about backdoors, buffer overflows and social engineering.

Like Frank said you don't get to use Exploit if you ain't in Signal range.

Similarly, you don't get to use Exploit if you ain't spoofing a valid source address.

Actually, in current tech there are LOTS of ways to get a message into a system without having a "valid" source address.

Note that eliminating the access ID entirely is not an option, as most nodes will refuse access to unidentified devices; access ID must be spoofed instead.

Here's the thing. Whenever you seek data on the Internet, your network card opens a port to the world. If it didn't, you wouldn't get information back from the Internet. For example, when your Web browser loaded this page, it opened a port on your machine that listened for incoming traffic. That's a vulnerability, although it probably only lasted for the amount of time you spent loading the page (although at a Complex Action or more per second, that can be a long time). Now, there are firewall-y things that keep that relatively safe, but like I said, networks are designed for use, not security.

Sure, but in 2070s tech:

... quote about the use of Spoof ...
-Frank

There seem to be two different notions mixed up in this discussion.
There is Spoofing a specific identity. That is clearly relevant to those arguing that systems are hard-locked. It requires finding something to pretend to be.
There is spoofing an arbitrary identity. That simply provides you with an identity which is not trackable to you.

There is an argument (strongly supported by the quote Frank cited) that to do ANYTHING on the Matrix you need an ID. And it better be a spoofed ID. But there is no particular target for this.

This spoofing seems to be much broader than for use in Exploit.
Frank, feel free to correct me, but I think your point is that by Raw one could probably perform Scan and Sniffer without an ID, but after taht one would need an ID (Spoofed) before performing any operation, including Exploit.

Other folks seem to be asserting that in order to Exploit a node, one needs a Spoofed identity that is specifically acceptable to the targetted node, before you can even attempt an Exploit.

These are two different assertions. With very different implications.

Joel

PS: What ID does a TM have, when he chooses not to use a Commlink with a stored ID?

Assuming I respond to Pings at all. This is one of the areas where my network-fu is weak. My shorewall.cfg is locked down so hard by default that I've never been able to get it to permit Ping to function in or out of the LAN.

Did you read my subsequent posts? The address space of ipv6 is so ridiculously big [insert HHGTTH reference here, lol] that you're easier to go through all the addresses that have been assigned than all the ones that are possible. Presumably with the 2070 mesh network there's not really any difference between WAN and LAN anymore, all IP addresses are unique. Even if you eliminate everything that isn't a personal comm-code you still have millions of IP's to try. (Which is just Exploit calling the Spoof library in your example btw, which seems somewhat redundant.)

Regardless, more than half a dozen unsolicited connection attempts to a hidden node from unauthorized IP's is going to trigger an alert and a counterattack.
Brute forcing active defences is made of fail. Always has been, always will be.

Exploit is about backdoors, buffer overflows and social engineering.

Similarly, you don't get to use Exploit if you ain't spoofing a valid source address.

for reasons I've already offered.

There seem to be two different notions mixed up in this discussion.
There is Spoofing a specific identity. That is clearly relevant to those arguing that systems are hard-locked. It requires finding something to pretend to be.
There is spoofing an arbitrary identity. That simply provides you with an identity which is not trackable to you.

There is an argument (strongly supported by the quote Frank cited) that to do ANYTHING on the Matrix you need an ID. And it better be a spoofed ID. But there is no particular target for this.
This spoofing seems to be much broader than for use in Exploit.
Frank, feel free to correct me, but I think your point is that by Raw one could probably perform Scan and Sniffer without an ID, but after taht one would need an ID (Spoofed) before performing any operation, including Exploit.

Other folks seem to be asserting that in order to Exploit a node, one needs a Spoofed identity that is specifically acceptable to the targetted node, before you can even attempt an Exploit.

These are two different assertions. With very different implications.

Joel

PS: What ID does a TM have, when he chooses not to use a Commlink with a stored ID?

If the node you want to talk to provides public functions, you do not need Spoof. The smallest part of allowed communication opens the door for Exploit.

If the node is limited to specific users, you need an acceptable ID. Legwork, Sniffing, other matrix runs, you need to spoof a specific address. A short visit to the human ressources offices is often worth the time.

OK. I still don't understand. Those rules (which I should have made a catchy name for rather than just calling them "alternate matrix rules") involve many less die rolls than the basic rules. Individual IC copies all get abstracted out, all networks are treated as monolithic entities rather than worrying about individual devices within networks, all defenses are treated abstractly as "Firewalls" rather than having a concern about what access ID you have or encrypted vs. unencrypted nodes and so on and so forth.

It rather explicitly increases the level of abstraction vs. the basic book. That was one of the founding concepts behind the whole deal. So I really have no idea what you mean. Last I checked keeping track of less different entities and interacting with them in less different ways was a lower level of detail. It's actually one of the complaints that I get most (after brainhacking !!11!!!) is that I don't keep track of individual IC or devices. It's a set of house rules for less die rolls, not more.

-Frank

Well, I'm no expert, but if a Decrypt program can, in seconds, defeat the best encryption available in the game world shouldn't an Exploit program be able to find the open ports in your firewall and break its way in within the same time frame?

In 2070, offense trumps defense, for whatever reason.

If the node you want to talk to provides public functions, you do not need Spoof. The smallest part of allowed communication opens the door for Exploit.

If the node is limited to specific users, you need an acceptable ID. Legwork, Sniffing, other matrix runs, you need to spoof a specific address. A short visit to the human ressources offices is often worth the time.

MAC filter that blocks absolutely everything from getting through, then when I roll Hacking+Exploit against your system, I'm not hacking your PC directly, I'm hacking your router.

No you haven't. Unless I'm being really stupid.
Perhaps you could refresh my memory.

How do packets that get shit-canned, without ever being opened, for not being from a source on the short-list circumvent the IP filter?

MAC filter.
blocks absolutely everything from getting through.

No problem.

They don't, or rather they're important because they decrease the addresses on the attack list. Please go back and read my post again, and if you still have questions, let me know and I'll try another way to explain it.

That's the problem; it doesn't. If it did, you wouldn't be reading this, because the information from dumpshock.com wouldn't have gotten through.

Look, I've already described a modern method to defeat your IP filter and MAC filter without sniffing traffic. If you're going to ignore it, then just say you're going to ignore it. If you want to dispute it, please do, but use arguments that address the material in the method described,

One of the things about networks is that their primary purpose is not security. Let me try a metaphor. The door to your home would be a lot safer if it was made of solid metal and was welded to the frame. However, then you wouldn't be able to use it as a door. You could make it so that it had thirty dead-bolts and six full-length bars; you could use it, but it would be a pain in the ass to do so, and you might find yourself using a window because it would be easier. Same deal with networks: they're designed to move data first, and be secure second.

Dude, that's a link to the post where you gave no answers but instead insisted that I think them up myself.

Yes I do have another question.
Who gets your stuff?

You have spammed my hidden network with a number of unsolicited packets from a variety of unauthorized sources.
Suspecting that the source of this traffic is a hacker within signal range stupidly trying to brute force my defenses I have used the appropriate tool, Sniffer, to track your ass down.
Then I, a couple of Registered Fault Sprites, a brand new Rating 8 Fault Sprite I've just compiled specially and a whole bunch of Agents with Black Hammer come to BURN YOUR BRAIN OUT.
For added lulz it might be nice to have the Sammy double tap you in the back of the head while your distracted fighting off said cyber-attack.
Srsly dude. You can't brute force active defenses.
Yes, you can brute force encryption on data given sufficient time. Data has no processing power to spot you doing so and call the cops.
[...]
You know as well as I that nobody brute forces passwords on security sensitive stuff. My banks online facility gives you two attempts.
Two!
After that it takes a week to snail mail you a new activation code.
Either you already know the password or you know a backdoor or a portscan has revealed open ports that might have something vulnerable to a buffer overflow behind them.
Period.

Wrong. Can I point you at swiftnet? The leader designers were security architects.
Booyah.

Hackers break into highly secure systems which is actively impossible in a layered cake model unless you hack on the fly, and then you will trip an alert. While people are unwilling to countenance serious delays on a 'vanilla' system, can I point at Swiftnet again. As a major peice of finance infrastructre with billions of dollars passing through a day and billion dollar transaction liabilities, you are removed from ever being able to access the system ever if you leave a logged in terminal unattended once. Serious systems have serious security.

And then there was the next post, where I filled in the answers. Then you gave the response predicted in the post I linked, which happens to have the response to ... you know what? Never mind.

The attack I was thinking of is a sequential (or semi-sequential, if you pick your IPs right) brute-force attack

If by "who gets your stuff" you mean "who understands what I try to explain," then the answer is "people aged 18 to (usually) forty-something who take my networking classes." If by "who gets your stuff" you mean "where do your packets go," you already said yourself: the bit bucket.

I ... I'm at a loss, here. I will say that there is a rather large difference between an attack on a router and an attempt to brute-force a password on a secure site running Java.

you're making fun of me.

Okay, I see where you're going now. You've got a tiered system. That's fine. It's even described in a nice little sidebar on BBB p223. This means that you're right, I cannot simply walk up to your sacred terminal in the matrix and break in. I have to either Sniff & Spoof to make myself look like one of your friends, or hack one of your friends. If I've got control of the machine at an address you trust, I don't need to Sniff & Spoof. I can simply route my Exploit attempts through your buddy and I'm already on the white list.

IIRC, this has been classic Decking since '89. I wonder why none of us thought of it sooner. Maybe new editions DO give you cancer.

So I ask you to repeat yourself and you post a link to a post you make thirty odd posts and a whole page in the thread before you say:

Funny I was beginning to wonder the same thing. I thought perhaps you had been put up to it by certain other dev's

I've narrowed this down to it's logical idiocy in a least one post.
You have stated that no system can be configured to require that a hacker must first Spoof an IP gleaned from a Sniffer program.

I have no words.

Are you talking about SWIFTNet, the Society for Worldwide Interbank Financial Telecommunication? If so, can I point you at the Wikipedia page for that? That's a messaging system primarily, and it's not even for monetary transfers. It's got some security features, but it's not a routing protocol. The monetary transfers use a store-and-forward client-server routing scheme, which doesn't magically make it any less vulnerable to attack.

True, but serious systems are designed primarily for serious use. Also, while you're pointing me at SWIFT, take a little time to read about it. It secures data, not networks.

BankServ announced today a collaboration with SWIFT to develop a new way of sending wire transfers and Automated Clearing House (ACH) items directly over SWIFT allowing international payments to be carried out in a single step, instead of the two or more currently required.

I think this has been the disconnect between us, here. First off, that's not my position, and I'm not repeating myself this time.

Again, I used to think that, too, but after a number of messages back and forth with the devs, I was told that a device can be hacked even if it's not supposed to be taking other traffic. So no, you don't need to sniff or spoof if you're doing a direct hack.

Could it work? You betcha, as long as the attack doesn't look like a ping flood or other DOS attack that the target router or software firewall might pick up on.

...

Like that.

The target system is hidden. It should not be receiving any traffic from any system not on the list.

...

A hidden, private, comlink network that has just changed its ID might well be able to use the mere presence of outside traffic as such a signal.

http://www.swift.com/index.cfm?item_id=59575
Before telling me to read something about a particular network, maybe you should take enough time to determine I am actually incorrect. It is used for monetary transfers.

Yes it is your position.
Even if a device is not supposed to be accepting ANY traffic from an unauthorized source on ANY port you can use Exploit and not even possess the sniff or spoof libraries.

Now you will agree that might be your position but that on some generic, poorly designed and unmonitored system that bears no relation to the sample system I have described, it will be possible to slowly brute force it over several thousand years.
Like that.

The target system is hidden. It should not be receiving any traffic from any system not on the list.

If it does receive any traffic, even one packet, not from an authorized source it knows it has been discovered and is very likely under attack.
At which point your proposed attack has failed because the target is on alert and is taking active and potentially fatal counter-measures.
For your argument to stand up here you need to propose an attack other than this one.

It is probably moot as what I am talking about is likely to turn out to be 'slaving' when I manage to get hold of Unwired.

Read it yourself. The part you were referring to isn't used for monetary transfers, it's used for secure message delivery. Monetary transfers use a different system.