Layered ICE

#hacking #Rules

Defenses are usually layered, with one layer protecting an entire network from unauthorized connections, another layer over each computer on the network, and yet more protecting specific programs or data on a critical computer. Individual computers usually run their own defenses, and a network often has one or more dedicated computers running network-wide defenses.

Each layer must be defeated separately, by Breaching it, Spoofing the gatekeeper Listen program, or – if the Blackhat can get Control of the computer that’s running it – simply halting the program. Even ICE can be disabled by gaining Control of the computer it’s running on, but the program resists unauthorized attempts to tamper with it, so it must be Breached or Spoofed before it can be Controlled; in effect, all ICE programs serve as their own layer of ICE against tampering.

This vulnerability is alleviated by running some defensive programs from separate computers – one computer that monitors a neighbor’s ICE, for example – so that if one system is compromised, another can still report the problem. A Blackhat's only recourse is to tackle multiple systems at once, e.g. Spoofing one while Breaching the other.