Networks -- Hacking part 1

ID:96819
 
Jun 12 2010, 6:58 pm
Keywords: hacking
  • Well I'm trying to lay the foundations for the computer networks within the game. It's not going to be like "verb-use hacking device...wait 5 seconds...file retrieved!"

    I want to make this concept as realistic as possible without straying too far from the norm.

    This is a pretty decently sized rant, I'll try to make it bearable. For all you people out there who know about networks and servers, please correct me.

    First lets understand the general concepts of a network;

    Protocol:
  • A set of communication rules
  • Network Interface Card (NIC):
  • Sends and receives signals (messages)


Basic Concept:
Computer A encodes information using a protocol, and sends signals through the NIC.

Computer B receives the signals through their NIC, and using their protocol translates the signals into accessible files.

Spies Concept:
Generally all computers have 2 protocols. One receives information and decodes it from a hub, the other hashes it to be sent back to the network. The main computer puts a hash on the file before sent to the server, and stores the information for later access.

It goes something like this:
record
    //we attempt to retrieve a file from the network off the
    //main computer, we request the file and the protocol
    //creates an appropriate hash, appoints it to the original file,
    // and sends it along
    
    
    protocol_hash = "somesecrethashingpass"
    hash = md5(protocol_hash + record_name + data)
    

    //computer b recieves the file and the hash, 
    //and recalculates to see if its been tampered with,
    //now computer a and b have the same protocol language
    //which means the protocol_hash password should be the same
    
    
    if(hash == md5(protocol_hash + record_name + data)
        //the file is now stored as a copy in computer b
        //whos hash variable is equal to the hash variable 
        //residing in the main computer
        
        return
    
    //this isn't to say someone could have edited the 
    //data and then hashed it appropriately, which is complicated
    //now the server needs to be able to manipulate it 
    //accordingly and send it back without error
    
    
    //this is where hacking comes into play,*
    
    //*Read about this at the end of the article.
    
    
    newhash = md5(protocol_hash + record_name + data + "edited")
    
    //the file and the new hash are then sent to the main computer's protocol
    
    //now the computer checks if it wasn't hashed appropriately
    
    //see if it wasnt interfered and tampered with along the way to computer A
    if(newhash != md5(protocol_hash + record_name + data + "edited")
        alert(file tampered with!)
        return
        
    //check if the record was hashed accordingly through the correct protocol
    if(md5(protocol_hash + record_name + data + "edited")==newhash)
        //the hash was created through the appropriate protocol, it is valid
        update_file
        
    else if(hash == newhash)
        //the file's hash equals the same hash within computer a's record
        //nothing was changed
        return
    else
        alert(file tampered with)





*This opens up a number of possibilities for hacking, which mainly require knowledge and skill.

Now when changing a file in a server, the protocol will create a specific hash based on the information. That data is then sent out, and the main computer will do a check. Both computers are running the same protocol language, so if the file editing was done legally, everything should check out.

Thus making it impossible to simply edit basic information on a record and try to send it to be updated, without changing the hash. Only a protocol assigns a specific 'code' if you will, to be then decoded by that same 'code'. If you don't know this code, its damn near impossible for you to make up your own hash matching the record data, let alone attempting to send the information back through the protocol to be updated in the network.

This is where gadgets come into play. The spy will have access to a laptop, which he can upload various programs and run them locally, or on a server/network. Given he has the right tools for the job, he could upload his own protocols, connect to a server and send files straight from his laptop to be updated in the network.

I think that's all I will rant about tonight. I have left out specifics, just to give you a general idea of how things will operate. Hacking part 2 will cover more of the process.

Now remember, I want to keep this as realistic as I can. If I have made a mistake in my interpretations of a network/server and/or what they can do please correct me.
Jun 13 2010, 6:42 am
wat.
Jun 13 2010, 7:18 am
Kumorii wrote:
wat.

Which is what will separate the skilled spies from the unskilled within the game.

But its generally simple, when I upload it into the game there will be a tutorial explaining very descriptive instructions on how to hack. Trust me, it will be more simple when in the game.

If only I can find out why Dantom.DB isn't connecting to my MySQL database...
Jun 13 2010, 11:04 am
Huh? Dumb it down slightly
Jun 13 2010, 11:18 am
Kingstone99 wrote:
Huh? Dumb it down slightly

At least somebody must understand what I'm talking about??

Well if only a select few people can understand this out of the majority of the players, it will have served it's purpose.

However I may add a more easier functionality to hack networks. I don't think I could dumb it down anymore, but I will add elements within the game to make it as painless as possible.

I've connected data within the spy networks to a mysql database. When I'm finished I'll host a test server.
Jun 13 2010, 11:19 am
Kingstone99 wrote:
Huh? Dumb it down slightly

Yeah.
The general BYOND community won't be drawn to a game they don't understand.

Jun 13 2010, 11:27 am
Also keep in mind that you don't NEED to hack the networks. The agencies' networks contain very classified data, which doesn't need to be tampered with. However, knowing how to tamper with the networks can grant special privileges over the people who can't. The motives behind hacking a network will hopefully inspire players to try and learn the system.

I've included all the information you need to know about how a network operates, maybe I wasn't clear on a few things but I will rewrite a guide later on. Its pretty simple once you grasp the concept, and I will be writing guides and tutorials to help you through it. Eh maybe I shouldn't of even posted this, I was just hoping for some feedback..
Jun 13 2010, 11:50 am (Edited on Jun 13 2010, 11:59 am)
It's a very professional post, and as stated by Suicide himself, competence will separate the skilled from the unskilled. Lol @ people saying dumb it down.
Jun 13 2010, 12:46 pm
Thanks a lot Neblim, its nice to see some people generally grasp the concept.

I'm actually glad that I posted this. Now I can see that the system is complicated enough where not everyone logging into the game will be able to retrieve an agency's mission debriefs, but isn't too complicated as to limit EVERYONE attempting to hack a network.
Jun 13 2010, 1:29 pm
I think that you should have some stuff on things like intercepting packets between two machines, and defenses against tampering on terminals. Maybe you already have this stuff for the part 2 :P

Possibly these terminals can get some physical surveillance as well, like a security camera or a guard on patrol.

And this should get a shiny and sleek interface for the sake of cool.
Jun 13 2010, 1:53 pm
The 'protocol uploading' thing should be implemented as a firmware update to make it seem more legit.
Jun 13 2010, 3:11 pm (Edited on Jun 13 2010, 3:37 pm)
Personally, I'm under the philosophy that dumbing down a game isn't necessary, so long as you're willing to undergo the necessary effort to entice the players to learn what they need to know to play the game.

Insofar as a virtualized computer network that players are expected to hack is concerned, if you're going to make it more complex than a RPG-style skill check, bridging into virtual passwords, that's certainly doable. The only question is whether or not your efforts will be rewarded with additional fun.
Jun 13 2010, 5:06 pm
It's pretty easy to understand guys. He even included a picture of the idea!
Jun 13 2010, 5:14 pm
@Geldonyetich
The possibilities that are opened up to the spy by being able to hack a network is sure to be enough motivation for a player to learn the system.

Like I said, hacking is not a necessity. The game still operates without the need to hack these said systems. However, learning to hack a network can allow you to sabotage your enemies to going as far as switching agencies illegally. You could completely shut an enemy spy out of his/her agency, and you could also trick the enemy agency into thinking you belong to that agency. I believe my efforts will in fact be rewarded with additional fun.

@Audeuro
Thanks for the feedback, I will play around with this

@D4RK3 54B3R
Packets did cross my mind, I would have to do a bit more research on this before I implemented it.

Maybe a frequency sender/receiver unit to 'catch' data frequencies, translate the data and rewrite, and then send them back to the intended target. The system opens up an immense amount of possibilities

Oh do I have plans for terminals. The higher classified computer terminals will be secured through fingerprint authentication (already implemented) and motion sensors. Now an ally spy should be able regular access to a terminal, so instead of setting all these alarms off, they simply read his ID card. If the ID card corresponds to the correct record in the agency database, they are allowed access.

(This also opens up more hacking possibilities. Forging ID cards and fake records to be uploaded into the database..)

Possibly weight sensor floors, infrared lasers, sound and temperature sensors, the list goes on...