  • Hmm, I don’t mind your idea at all but it is hard to implement so I see your trouble. Some folks have given good options but I’ll offer a different way to do it. I’d have one attack per player since it is a god, let him wreck house. Maybe increase the number of enemies to accommodate the attacks. Since this is a god regaining their power and they’re trying to control it I’d have two DCs for their check each round. First DC is if they listen and should be passed most of the time, maybe 10 or 15. If they don’t then it might be bad for the party but otherwise they attack the target as intended. The second DC should be failed most of the time, maybe 20 or 25. If they fail this DC the god still acts as ordered but releases a chaos burst as it does. I personally always use the d10000 list of chaos burst, it’s fun.





  • You’re pretty well on the right track. It might help if I explain what the attack is doing more. So an attacker starting out knows nothing about you or even where you are. So they need to figure these things out. The most optimal way to do this is by scanning everything and I do mean everything. There are automated scans that get information on literally everything that is open on the web. An unconfigured device that’s capable of ssh can get hit with login attempts after just 30 seconds of being plugged in. So first they try to find someone and let’s say by random they get you, they don’t know who you are yet but they have an IP now. First they run scans to see what’s available, what services are internet capable and talking to anyone who asks. Once they know what services, they will do banner grabbing to try to find out specifics about the service like version number. Once they have this information they can dig for more or look for vulnerabilities specific to that service and version. Metasploit will actually tell you which attacks work for the version numbers you’ve discovered, pretty handy. If they decide to proceed they send the correct exploit to your computer and bam they’re in to do whatever. If you’re running something out of date there are usually vulnerabilities that just will allow access to attackers, this is why updating is important.

    Security through obscurity first relies on not being seen in the first place, whether through not connecting too much or being something no one cares about hacking in the first place. Second it relies on being uncommon enough to not have a bunch of known vulnerabilities. A random GitHub program with 10k downloads is going to have a lot fewer known vulnerabilities than Microsoft Office. Third it relies on being so little known that even if someone can figure out how to hack in they won’t know what to do. Imagine trying to find important documents on someone’s heavily customized Linux box as opposed to a Windows box.

    Tldr: security through obscurity is first hoping you don’t get seen then hoping if you are seen that they don’t care. It’s not good security but it might work.
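
The banner step described in the comment above, seen from the defender's side, as an added example that is not part of the original comment: it parses the greeting strings your own services send and reports which ones hand any scanner a product version or OS. The sample banners, port numbers and function names are constructed for illustration.

```python
import re

# Constructed sample banners: the first line each service sends on connect.
SAMPLE_BANNERS = {
    22: "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.1",
    80: "Server: nginx/1.18.0 (Ubuntu)",
    25: "220 mail.example.org ESMTP Postfix",
    21: "220 (vsFTPd 3.0.3)",
    8080: "Server: nginx",
}

# A product name, a separator, then a dotted version with optional suffix (e.g. 8.9p1).
PRODUCT_VERSION = re.compile(r"([A-Za-z][A-Za-z-]*)[/_ ]v?(\d+(?:\.\d+)+[A-Za-z0-9]*)")
# Distribution or platform names that commonly appear in banners.
OS_HINT = re.compile(r"\b(Ubuntu|Debian|CentOS|FreeBSD|Win32|Win64)\b")


def audit_banner(banner):
    """Return what one banner gives away: product, version and OS hint."""
    pv = PRODUCT_VERSION.search(banner)
    os_hint = OS_HINT.search(banner)
    return {
        "product": pv.group(1) if pv else None,
        "version": pv.group(2) if pv else None,
        "os": os_hint.group(1) if os_hint else None,
    }


def audit_host(banners):
    """Map port -> findings, keeping only ports that leak a version or OS."""
    findings = {}
    for port, banner in sorted(banners.items()):
        result = audit_banner(banner)
        if result["version"] or result["os"]:
            findings[port] = result
    return findings


if __name__ == "__main__":
    for port, info in audit_host(SAMPLE_BANNERS).items():
        print(f"port {port}: {info['product']} {info['version']} "
              f"os={info['os']} (visible to any scanner)")
```

A banner that discloses nothing only removes the shortcut to version-specific lookups; the out-of-date service behind it is still exposed until it is updated.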