DefconNetworking.org: Archive - 2012-07

Navigation

 

I'll definitely have a follow-up post later on, something more "personal" given
my retirement, etc. It's a really emotional thing for me. I've certainly have
had an amazing year, well, 17 years! I'll say more about that later.

Meanwhile, here are the slides from closing ceremonies: DC20 Network Closing (PDF 3MB)

I hope everyone enjoyed this 20th Anniversary Edition of DEF CON. There will
never be anything else like it!


HAPPY SUNDAY MORNING!

Oh, sorry, are you hung over?

At least you're not alone!

Half the Network team is up & moving at least.

Here's your morning bandwidth graph!

20120729-net-2012-07-29-0845.png

The DC20-MEDIA file server is connected via dual 1Gb LACP trunk (2Gbps capability). It's been BUSY today! Good job!

20120728-media-2012-07-28-1828.png

Upload content to share with other con attendees (needless to say, you may want
to trust content hosted by DEF CON more than random stuff shared by con
attendees).

NETDrive (http://www.netdrive.net/download.html) is windows software that will
allow you to easily map a drive via WebDav.

This software was also provided for you on the DC20 Conference CD.

Note:

NetDrive Settings:

Site Name: dc20-media.defcon.org
Site IP: 10.0.0.32
Port: 21
Server Type: FTP
Drive: "select a drive letter"
Account: connect as anonymous

(if you don't select anonymous, it will prompt you for a login; that means you're doing it wrong)

Under Advanced: force SSL for all communications.


Good Morning! It's amazing what just a couple hours sleep will do for you :)

We hope everyone had a great DEF CON 20 Friday night. Great turn out at all the
parties, with some great entertainment (DJ's, bands, etc). Too many for any one
person to see all of them (kind of like Disneyland, right?)

Everyone's going to be asking about DCTV - right, let's get on with that.
Several of us were up late (me, Mac, Richard) working on ideas to get things
fixed & back to working order. I think we finalized on Plan Echo(E). We still
have Plan Foxtrot(F) in our back pocket. What was wrong? Combination of
things. Primary issue was a codec that was mostly-standard, but slightly not.
Couple that with newer versions of software that didn't handle the "slightly
not" part right. We found the right combination of software and command-line
flags, and at 12:30am last night declared (very quietly, so we didn't jinx it)
victory - at least with our proof-of-concept we setup in the NOC. We'll
re-deploy equipment in a few minutes and verify our hypothesis in production!

Again, we apologize that things weren't running well yesterday. This has been
our #1 priority to resolve since yesterday morning and appreciate your patience.
(I know I sound calm now, but I was such a stress-ball last night!!).

Other than that, we are having a lot of people using wifi, and great traffic. I
think we're going to have to upgrade next year. Our controller is running out
of memory throughout the day. Rukbat has been amazingly diligent at sitting
quietly in the NOC, all day long, clearing memory, keeping it running as best he
can. Can't say enough good things about Rukbat, seriously - I should do an
entire post about this guy! He's bloody incredible! But meanwhile, if you do
see intermittent loss of connectivity, either wait a minute or two (I know,
patience is hard when you're trying to pull up a webpage with someone standing
next to you waiting on it) - or email us (noc-at-defconnetworking-dot-org) and
let us know. A couple people did yesterday, it's helpful, so thank you guys.

Looks like all afternoon ya'll were using some massive bandwidth. Here, have a
look...

20120728-net-2012-07-28-0800.png

We discovered the "lost checkbox" that needed to be un-checked. Now FTP clients
can connect, get directory listings, etc.

The issue was mostly on Windows clients.

You should be all set now

So...LEECH!

...and contribute if you have anything!


From a gentlemen who figured out his LINUX problems with the DefConSecure WiFi -
we wanted to pass this along.

"RESOLVED have to add .cer to /usr/local/share/ca-certificates and run

sudo update-ca-certificates

OpenSSL must be aware of the CA cer or validation fails"

Hope this helps!


90Mbps!
20120727-net-2012-07-27-1440.png


Happy Opening Morning!!

We're finalizing the video feeds for DCTV. We have guys up in the CATV head-end
in the hotel working to get signal across the property properly. Our apologizes
the delay (wouldn't be DEF CON without some small snafu eh?). We're working as
fast as possible and will let you know when it's live. (Also check @TheLockheed
on Twitter, I'll post updates there, too)

UPDATED

DCTV will be broadcast to Guest Room TV Channels 55-59:

  • Track 1 - Ch 55
  • Track 2 - Ch 56
  • Track 3 - Ch 57
  • Track 4 - Ch 58
  • Track 5 - Ch 59

Have a great DEF CON 20!!


20120726-net-2012-07-25-2015.png

The way SSL certs are being signed has changed. In the past, a Root CA signed
SSL certs directly. Now (as of this year), allegedly the industry (at least
SecureTrust/TrustWave) now have a Root CA sign an Intermediate Chain Cert, which
in turn signs all down-stream SSL certs.

What's that mean to you?

Windows machines doing 802.1x try to validate the SSL certificate by default.
For that to happen, they have to know about the chain cert that signed the
server's SSL cert.

Windows OS's don't know about the new chain cert. So you'll have to import it.

You can grab the cert from https://wifireg.defcon.org/ca.php

Download the "wifireg.cer" file - double-click, import it.

From that point, you can "validate" the cert and proceed.

(Your other option is to opt not to validate, and the login process will proceed
as if you used a self-signed cert).

We've been testing this the last couple hours and believe this is currently what
many people are seeing (and what we see in our logs).

Try this - if it doesn't work, let us know and we'll dig into it further.


We're noticing some people having problems with the TrustWave-signed certificate
for 802.1x on DefConSecure WiFi.

We'll have more on this shortly, with an updated cert-chain file to import (if
you don't already have it).


Reminder, to create your login for DefConSecure wifi, go to
https://wifireg.defcon.org/.


It's so broke even the "we're down" page is broke!

20120726-twitter-2012-07-26-0935.png

The lines! OMG! THE LINES!

The reg line backed up to the casino, then out to the pool. Holy crimeny!

But luckily the line is moving and everything seems kosher. Thanks for
everyone's patience!

Network is going great so far. People are active, no complaints so far.

If you have issues/questions, don't hesitate to drop us a line
(noc-at-defconnetworking-dot-org).

Today we're mostly helping vendors & contest teams get all setup, connected, etc.

We worked with the Network Ninja's last night (mostly Mac & Rukbat, two of our
miracle workers) to get some cool stuff setup for them!


Twas the night before DEF CON ... and all throughout the house... there was a
heatmap.

Here is the "heat map" for early arrivals (ok, mostly staff) using DEFCON-SECURE
wireless so far.

20120726-heatmap-2012-07-25-2241.png

The Wifiz are good. We have 405 people pre-reg'd for DefConSecure WiFi.
Doolittle has been streaming music all morning.

We've been working to stress the bandwidth (100Mb capacity). We've hit 41Mb
last night with Torrents.

Today we're patching the hard-lines for everyone. Doing a Fry's run shortly :)

Mac setup Splunk so we're logging what we can; hope to have some interesting
stats for closing ceremonies!

Contests, Events, and staff groups are in & arriving - we're helping them get
everything setup.

You're going to really like what the Ninja's have going for you guys today!

CTF already had their music pumping through the night.

Are you ready?


Guess what this is?

20120724-map-2012-07-24-1930.jpg

The NOC team just walked the entire space. Things are looking good.

Fridges are stocked.

Chill-out area and Rio Pavilion has a couple AP's down - someone probably typed
"shut" instead of "no shut" :)

Fry's run soon.


Things are going well.

Very well.

Core is up.

Internet is pwn3d.

Wifi is up.

Secure wifi is secured.

Don't jinx it.

Srsly.


https://wifireg.defcon.org/

You can now pre-register your secure wifi login name/password for DEF CON 20.

We are up & open for business!


DEF CON NOC is live. Oh, YOU want network access, too? Ok, we'll keep working
on that.

20120723-imag04362.jpg

Officially posted from the DEF CON 20 NOC!

Setup proceeding a-pace. Cross your fingers! :)


The DEF CON 20 Network Team is at the Rio. Setup begins far too bright & early
tomorrow. Let's do this!!


Mac has the "core" setup & ready to go.

20120719-dc20-presetup.jpg

Friday the 13th.

DEF CON is sneaking up on us.

The NOC team heads to Vegas in a week. Seriously, already?!

We've rebuilt some of the infrastructure on new equipment this year. Kept a lot
of things the same - it's going to be a BIG year for DEF CON, so we want to do
all we can to make sure everything works the first time!

Once we get on-site, get the core infrastructure up, we'll let you know that
we're opening up wifi login registration.

(ok, you happy @SteveL_UK? :).

We're starting with 100Mb to the Internet - with another 100Mb on stand-by.

We've also got some new guys on the team this year; we'll see if they (or their
livers) survive!

Hit us us via email, or me via twitter (@TheLockheed) with questions.