DefconNetworking.org: Defcon 17

Navigation

 

Dave Bullock did a summary write-up & photos from the DC Networking efforts
again this year - check it out!

http://www.wired.com/threatlevel/2009/08/inside-the-worlds-most-hostile-network/


I'll cross-post on the DC Forums for further discussion. [EDIT:
posted here
]

I saw a story posted over on
CNET
.

I'm always a bit disappointed when media propagate the "don't use the network at
the events" item. It's scare-mongering for headlines (IMHO). DefCon is a
security event. Expect shenanigans, but don't scare people away.

Good practices can keep you secure, just as they will on the Internet. Turn on
your firewall, patch your system and apps, don't keep confidential information
on your laptop. This is no different than what I tell my corporate users in my
day-job.

There's nothing that happens on the DefCon Network that doesn't happen on the
Internet.

As the head of the DefCon Networking Team, I was approached by several
first-timers at DefCon this year who said they were "warned" about how hard-core
and bad/hostile/etc the network was - and after experiencing it themselves,
found it just wasn't true.

Any difference-of-opinion I have regarding "don't use the wifi at DefCon" is due
to the efforts me and my team of people make in order to setup the network at
DefCon. We put in months of planning and a lot of time and effort to make it
happen, and it's a big let-down when outlets like CNET make sweeping statements
like "don't use it."

To that end, I welcome any journalists or media to contact us to discuss the
DefCon network in more detail.


Thanks everyone for their support and efforts to make DefCon17 the best ever.
This year, even though we added Thursday into the official schedule, was really
smooth operationally. Plus with (what I would personally describe as) record
crowds...wow! Thanks to both all staff and all attendees for kicking ass!

As always, we have the slides I used at Closing for you
[here]
(PDF, 12MB)

Let us all get home, catch up on some sleep, and we'll start working on
sanitizing the PF configs and we'll get that posted for peer-review.

Email us if you have any questions, comments, etc!


Traffic's down today - people must still be asleep :) We had to reboot the
firewall last night, we're pretty sure it's a hardware issue, so we'll have to
get that replaced for next year.

Starting to put together stats & facts (and embarrassing photos) for closing
ceremonies. Wow, is it Sunday already?!


20090801-DC17_090801_1500.png

20090801-DC_090801_1000.png

20090731-DC17_090731_1915.png

We suspect the major bandwidth usage is due to everyone downloading the iPhone
OS update. Need more analysis (and beer). oh, wait, look beer...!


Traffic to/from the Internetz currently...

20090731-DC17_090731_1640.png

Traffic to/from the Internetz currently...

20090731-DC17_090731_1435.png

Compare to DC16...

20090731-dc16bw.png

Traffic to/from the Internetz currently...

20090731-DC17_090731_1120.png

As promised, here is the presentation from yesterday's DC Network Session
talk/discussion --> [click me]

From the whole DCNET team, thanks to everyone who showed up! I hope it was
useful - it was really hard to do a detailed peer-review of the configs in that
environments, so we'll start with firewall rulesets (post-con) and get a
discussion started on the DefCon Forums. Look for those shortly.

If you have any ideas on what else we can bring to the network environment to
make it useful (e.g. IPv6 - it's on the list!) please let us know.

Enjoy the rest of DefCon this year!


Yes, we're done. Earliest EVER! Everything is patched & verified.

Only remaining housekeeping items are distributing desktop switches tomorrow,
and setting up the Table of Doom switch (potentially being renamed as the
Ottoman of Terror). Also, we'll throw DCTV live tomorrow morning as soon as AV
is in.

Now then...there's this matter of speaking tomorrow...I should figure out what
that's going to be.


Network setup continues.

Got a lot of the patching done yesterday (what we are "allowed" to do versus
hotel IT and/or AV)(trying to figure out what IT is
supposed to do versus AV is really confusing at times).

Videoman, Mac, and Sparky just took off with IT to go finish up patching for the
contest area and the capri rooms.

Derek's got DCTV going.

The DCInfoBooth guys are setting up their server in the NOC now.

We're in full swing. Things will get busy for the whole DefCon Goon staff
today.


The new DefConNetworking.org site is live. And we did it before we started
drinking (much).

Core network is setup & fully functional. Wifi is mostly up (Hotel will finish
up after lunch). The team is working on getting all network requests patched
through to their destinations. Life is good.


The DCNET team is already on it's way to Vegas! Most of us arrive Sunday, with
the Canuck's on Monday (or is it Tuesday?).

Equipment has already arrived.

Lock will, again, attempt to not flip his vehicle this year (today marks 4 years
since it happened!).

Also, look for an update to the website this week, before the show starts.


Pardon the lack of updates this year. It's been crazy-hectic, but we have been
working behind the scenes doing our things, in spite of the lack of
communications.

Derek has something pretty kick-ass lined up for letting you show your pretty
face on DefCon TV this year. "DefCon Idol"? No no. We know you can't sing, nor
would we ask you do. But be on the look out for something with a big green
button!

Some people are excited that we're going to be talking about the Network this
year. Thurs nite at 1600, we'll be holding the "DefCon Networking Session" -
we'll be around for a couple hours so we can chat & talk with you about the
DefCon Network. We'll lay out some history of where we started, how we got to
where we're out, but MOST importantly, interact with you on your thoughts about
the network. We'll show you our designs and layouts - this is your chance to
participate and provide feedback. I should note not to expect changes from this
session to show up this year - we'll already be done by the time this talk
happens, but we're interested in how you think things can be approved (balancing
security, functionality, and budget--oh, wait, don't have one of those,
nevermind).

As a pre-cursor, Lock will be giving 5 mins on the DefCon Network at the
DefCon101 talk earlier Thursday afternoon.

The Table of Doom! I've been so busy I haven't opened registration! My bad,
sorry guys. If you want in on this massive data dump of the DefCon network, drop
me email [lock-at-defconetworking.org] and ask for a spot. I have 8 spots, 2
already spoken for. Plan on bringing 1-2TB of disk for capture.

Finally - we're working on a visual re-vamp for the site here. I'll own up, I
threw this together in stock-HTML one afternoon a few years ago. I was hoping to
have it done by now, but matters of state have kept me away from doing updates.
But check back soon!

We've gotten our copy submitted for the program. We have our rooms lined-up.
We're starting to pack up the pelican cases for shipping. We're making the final
network layout plans now. Yup, I love the smell of DefCon in the air (slightly
sweeter than naplam, but just a deadly!)

See ya'll in a couple weeks!

--Lock


For years, the inner-workings of the DefCon NOC were kept under wraps. Last year
Wired was allowed a sneak-peak inside.

This year at DefCon17 we are opening the kimono. In true open-source style, we
are holding a peer-review discussion session. We will be showing you how the
DefCon NOC operates, how the network is laid out, designed, what it is we do.

This is not a typical lecture-style talk, but instead intended to be an
interactive session, which is why we've arranged to hold it in the more intimate
setting. We often get people interested in participating as part of the team -
this is our way of opening up and allowing you to have a chance to review the
network, make suggestions, tell us where you think we could improve upon things,
and make your own contribution to DefCon!


The planning has begun. There may be squirrels.