2 - How to compromise a network's security


Post by Noirfatale on Fri 18 Jul 2008, 4:29 pm

So now that your game contains a Bad Mother Hacker or two, you need to make it look real, or at least more real than it currently does. In this column I'm going to talk about making your networks feel more real in the game.

How Computer Networks Are Secured

Before we can start attacking networks in our game, we need to know how they're going to be protected.

Hardware

The first line of defense for a computer network is the hardware that the network is built on. These are all of the things you can expect to find on any modern corporate network:

* Power Supply - It's easy to take a network off line if there isn't reliable backup power. This includes things like battery backups and generators. Knock these out and systems go down, often staying down for long periods of time.

* Switching and routing gear - These are small dedicated machines that direct network traffic from place to place. These machines tend to be extremely secure, because if they are compromised it is trivial to capture all transmitted data, or to impersonate a legitimate participant in the network.

* Network Sniffers - These are servers that sit very silently on the network, observing traffic as it goes past. Sometimes they sit unobtrusively off to the side, merely notifying an administrator if something interesting occurs, and sometimes they actively filter all traffic and intercede if some known bad predefined event occurs.

A more secure network might use more elaborate measures. The easiest and least exotic is simply physical isolation. The transactions for transferring money between banks, for instance, don't happen over the regular internet, but private lines that are used strictly for that purpose. More sensitive information, such as the economic models and predictions that the Federal Reserve uses, is stored on machines without network connections at all.

A network might be secured via smart cards. That is, all of the traffic is encrypted, and without the appropriate card (and almost always some other identifying information), the traffic cannot be decrypted. These devices tend to look like a key fob or a USB key.

Software

Firewalls and network monitoring software are the next line of defense. This software shares a lot in common with the network sniffers I mentioned above. It goes further than that though. On your own computer there is a good chance that you have anti-virus software. A lot of this software also looks for suspicious activity. Any one of the things that a hacker's program might do is probably acceptable, but combine them together and the better anti-virus software will get suspicious.

There are also intrusion detection programs. There are several publicly available programs, and the wily hacker knows to look for these and disable them or avoid them as much as possible. There are a lot of home-brewed intrusion detection systems too, and these are often employed in depth, so that even if you manage to take out one, another program will detect that you did it. These programs usually don't make themselves known to the intruder. Instead they silently notify a responsible person that there is a problem. Some of these work in real time, but often they detect an intrusion after the fact. My own public facing machine, for instance, takes a look around the hard drive every morning to see if any important settings have changed and emails me the changes. It also takes a general inventory of the system status, and some attacks would reveal themselves that way.

People

The people who install and maintain the network are the ultimate defense. If they are suspicious (and any good systems administrator is) they have a full set of safeguards in place that will notify them of badlife in the network. They will also know what their network activity is supposed to look like and they will check it occasionally to see if it looks the way it should.

How Networks are Compromised

There are plenty of tools

Software

Most software used to compromise a system consists of tools used by legitimate system administrators to maintain, diagnose and secure their network. The same tools that the network's owner uses to find weaknesses to fix can be used by an outsider to find weaknesses to exploit.

There is software specifically written to attack computer systems. Some of these tools are designed to exploit faults in widely deployed programs or operating systems, but much of it relies on a human component, posing as something innocent. Sometimes the point of this software is mere joy riding, taking over a system or network just to prove it can be done. More commonly, the goal of an attack is to use the compromised machine's network or computational resources. A single operator might control hundreds or thousands of machines, selling their resources to the highest bidder for the purpose of other attacks, launching confidence schemes, or advertising black market sales of controlled products.

Something called a Honey Pot is also common. The name comes from Winnie The Pooh, who couldn't pass up a honey pot and inevitably finds himself stuck. The honey pot computer or program serves the same purpose. It looks like an easy or rich target, ripe for the picking. Depending on the nature of the network and the deviousness of the operators there are a couple of approaches.

It's possible that it contains convincing but intentionally misleading information. The machine takes some effort to compromise, but ultimately can be broken, so that it looks convincing. The attacker thinks they have a coup, but when they attempt to use the information disaster results. Misleading emails about a pending corporate merger, for instance, could cause someone to take a bad position in a company's stock and tie up resources that could otherwise be used against the provider of the bad information.

It's also possible that the machine is very closely monitored, and once somebody is caught compromising the service the defensive action kicks in. It could be something as direct as shutting down connectivity from the attacking network, or as subtle as tracing the attack back to its source and dispatching a couple of muscular fellows with bats to address the problem.

Hardware

Specialized hardware for attacking systems is less common. One scenario that's been in use since the Cold War is an electronic listening device that captures and transmits data signals. Installing these requires physical access to critical network resources, but this is easier than you might expect.

A simple exploit would be to install somebody as a janitor in the target organization. That person installs a bit of common, off-the-shelf wireless network gear behind somebody's desk, in the middle of the network cable that goes to the wall. If the device advertises itself with a name similar to the legitimate office network, or has been modified so that it will only transmit data during times of the day when active network monitoring is unlikely (this is not particularly difficult), chances are very good that it will go undetected unless the network administrators are extremely vigilant.

Hijacking People

The single biggest weakness is still the people. Any organization of significant size will have disgruntled employees, even if they are generally treated fairly well. A bad manager or a bad employer can create whole departments or companies full of people who wouldn't piss on their boss to put him out if he caught on fire.

The CIA is known to use a very simple technique for finding these disgruntled employees. They will run a want ad for somebody pretty much matching the qualifications of the position they want to compromise. They get a fair bit of chaff, but more often than not they also get someone in the position they're interested in. The interview is conducted in a legitimate looking setting. Non-disclosure agreements are signed because the area of interest is usually pretty sensitive, even then the interview isn't a sham. Then the agent pretty much lays the meeting out for what it is, save for identifying who they work for. The agent is well protected because leaking of the non-disclosure papers would destroy the mole professionally. If the person is disgruntled enough to be leaving, they're also often completely on board with sticking it to their employer.

The one risk of the human agents is that the situation is pretty stressful for the mole. They can crack under pressure. They can do things that will tip off an observant person, such as living well beyond the means of their salary. They can also develop mental illnesses. One man, who tipped the FBI to Archer Daniels Midland's international price fixing scheme for agricultural products in the 1990s, was effectively a double agent. He was feeding the FBI information about ADM's misdeeds in order to keep them from looking too closely at his own massive embezzling from ADM. By the time he was arrested for the embezzling he had developed a full blown obsessive compulsive disorder.

Taking It To The Table

Since you probably aren't actually compromising computer networks, what you really care about is how this plays out at the game table. Here are a few basic pointers.

It's all about the people

The point of play for me is to give the players the opportunity to be heroes in their own stories. Man versus unintelligent machine doesn't make for a very engaging story. It's what I call a day at the office, and will not make for a lot of opportunity to play the hero (I so rarely get to be the hero that I don't even bother to wear the cape or tights to the office any more).

Approach the network compromise from the point of your hero or villain versus the maintainers of the network that they are attacking. If the network intrusion is important, fight the battle system by system. Attackers or defenders can be given a bonus based on preparation they've done, such as network hardening, detection of weaknesses, network mapping or security compromises.

If you are playing in a futuristic setting where artificial intelligence exists, such as Transhuman Space, the attackers may have to face a network native. An artificial intelligence should be treated as a full blown hero or villain, or at least a well fleshed out henchman. It might even be desirable in that case to think of the attack in more traditional tactical terms. Firewalls and security software become the equivalent of cover and concealment. It's even possible for the artificial intelligence to launch a counter attack, or to take prisoners, albeit electronic ones. The classic science fiction short story "Press Enter" makes good reading if you want to consider this option.

What Happens When You're Caught

Getting caught is always a risk. There is every chance that you won't be aware that you have been compromised until it's too late. Thinking you've taken down the target's security cameras, you don't realize that they knew about you all along until your team is surrounded by a lot of nasty people with a lot of nasty guns.

You could get locked out of the network and have to start from square one. This is the action of most corporate networks. They see you've been causing trouble and the firewall, the electronic world's equivalent of the muscular doorman, puts your name on the list of people who don't get in.

They could make a quick call to law enforcement authorities, especially if there was money involved. Law enforcement loves busting criminals who use electronic tools, because it makes them look smart and gets their pictures on the evening news. And it makes you, the criminal, look dumb, because you got caught by a bunch of squares in matching suits. That serves law enforcement's purposes well too.

As the game master, you need to determine which of these routes you want to take when the user gets caught. It's a really good idea to have your users get caught from time to time, because a hero isn't a hero if (s)he doesn't have obstacles to overcome. Philip Marlowe wouldn't have been much of a hero if he always had the drop on the bad guy. Raymond Chandler wrote Phil as the perpetual underdog, the guy who won because he wouldn't quit, even though he was always in trouble. You pretty much expected that he was going to get knocked on his head at least once in any radio episode, and somebody was going to get the drop on him. It kept the stories exciting, and you should do the same for your hacker characters.

Let the computer guy get himself into hot water. His story needs action too, or the computer guy is likely to stop making computer guy characters. Instead let him get into situations with his skills so that he needs the help of the muscle bound characters. Likewise, put him in a position such that he gets to save the muscle bound characters' bacon. That lets everyone play the hero for a little bit and keeps them involved. It also makes the hacking meaningful to the story.

Handling the Double Agent

When you are using a mole to gain access to the information, there is a natural drama between the handler and the agent. The situation is explosive and you should milk it for everything it's worth. It's hard to know when to trust this person and when not to. This makes it a great opportunity to feed the players false information, getting them into trouble and providing a great opportunity for heroism. For a television inspiration I highly recommend the TV show Burn Notice. It's on USA Network, but if you don't get that channel or can't wait for it to come around again you can get a DVD set online or from your local library.

Some good game options:

1. The agent is discovered by his original employers. He gives up his handler, either willingly or under "intensive interrogation".

2. The mole freaks out at a crucial moment and can't make good with some piece of information. The ticking clock of your plotline doesn't allow the characters to wait though, and they're forced to act without the information they need.

3. The double agent was never a double agent at all, but a plant put there to provide false information. The network he got you access to was full of false information, or the plans he downloaded from the computer failed to mention the backup security system.

4. The agent is discovered and is forced to flee, requiring assistance from the people who got him into this mess. If the characters don't help the agent, he'll be captured, eventually give them up, and then they'll be the ones needing to flee. For added complications and fun, give the agent a family that needs protecting.

Conclusion

Hopefully with a little knowledge about what security systems look like, you can add a more realistic flavor to your game. I also hope that I've given you some good ideas for using the computer hacker's skills and common activities to add drama and plot twists into your game. Computers provide ample opportunity for trouble, and as a game master trouble is your business.