Defcon 20



I'll definitely have a follow-up post later on, something more "personal" given
my retirement, etc. It's a really emotional thing for me. I've certainly have
had an amazing year, well, 17 years! I'll say more about that later.

Meanwhile, here are the slides from closing ceremonies: DC20 Network Closing (PDF 3MB)

I hope everyone enjoyed this 20th Anniversary Edition of DEF CON. There will
never be anything else like it!


Oh, sorry, are you hung over?

At least you're not alone!

Half the Network team is up & moving at least.

Here's your morning bandwidth graph!


The DC20-MEDIA file server is connected via dual 1Gb LACP trunk (2Gbps capability). It's been BUSY today! Good job!


Upload content to share with other con attendees (needless to say, you may want
to trust content hosted by DEF CON more than random stuff shared by con

NETDrive ( is windows software that will
allow you to easily map a drive via WebDav.

This software was also provided for you on the DC20 Conference CD.


NetDrive Settings:

Site Name:
Site IP:
Port: 21
Server Type: FTP
Drive: "select a drive letter"
Account: connect as anonymous

(if you don't select anonymous, it will prompt you for a login; that means you're doing it wrong)

Under Advanced: force SSL for all communications.

Good Morning! It's amazing what just a couple hours sleep will do for you :)

We hope everyone had a great DEF CON 20 Friday night. Great turn out at all the
parties, with some great entertainment (DJ's, bands, etc). Too many for any one
person to see all of them (kind of like Disneyland, right?)

Everyone's going to be asking about DCTV - right, let's get on with that.
Several of us were up late (me, Mac, Richard) working on ideas to get things
fixed & back to working order. I think we finalized on Plan Echo(E). We still
have Plan Foxtrot(F) in our back pocket. What was wrong? Combination of
things. Primary issue was a codec that was mostly-standard, but slightly not.
Couple that with newer versions of software that didn't handle the "slightly
not" part right. We found the right combination of software and command-line
flags, and at 12:30am last night declared (very quietly, so we didn't jinx it)
victory - at least with our proof-of-concept we setup in the NOC. We'll
re-deploy equipment in a few minutes and verify our hypothesis in production!

Again, we apologize that things weren't running well yesterday. This has been
our #1 priority to resolve since yesterday morning and appreciate your patience.
(I know I sound calm now, but I was such a stress-ball last night!!).

Other than that, we are having a lot of people using wifi, and great traffic. I
think we're going to have to upgrade next year. Our controller is running out
of memory throughout the day. Rukbat has been amazingly diligent at sitting
quietly in the NOC, all day long, clearing memory, keeping it running as best he
can. Can't say enough good things about Rukbat, seriously - I should do an
entire post about this guy! He's bloody incredible! But meanwhile, if you do
see intermittent loss of connectivity, either wait a minute or two (I know,
patience is hard when you're trying to pull up a webpage with someone standing
next to you waiting on it) - or email us (noc-at-defconnetworking-dot-org) and
let us know. A couple people did yesterday, it's helpful, so thank you guys.

Looks like all afternoon ya'll were using some massive bandwidth. Here, have a


We discovered the "lost checkbox" that needed to be un-checked. Now FTP clients
can connect, get directory listings, etc.

The issue was mostly on Windows clients.

You should be all set now


...and contribute if you have anything!

From a gentlemen who figured out his LINUX problems with the DefConSecure WiFi -
we wanted to pass this along.

"RESOLVED have to add .cer to /usr/local/share/ca-certificates and run

sudo update-ca-certificates

OpenSSL must be aware of the CA cer or validation fails"

Hope this helps!


Happy Opening Morning!!

We're finalizing the video feeds for DCTV. We have guys up in the CATV head-end
in the hotel working to get signal across the property properly. Our apologizes
the delay (wouldn't be DEF CON without some small snafu eh?). We're working as
fast as possible and will let you know when it's live. (Also check @TheLockheed
on Twitter, I'll post updates there, too)


DCTV will be broadcast to Guest Room TV Channels 55-59:

  • Track 1 - Ch 55
  • Track 2 - Ch 56
  • Track 3 - Ch 57
  • Track 4 - Ch 58
  • Track 5 - Ch 59

Have a great DEF CON 20!!


The way SSL certs are being signed has changed. In the past, a Root CA signed
SSL certs directly. Now (as of this year), allegedly the industry (at least
SecureTrust/TrustWave) now have a Root CA sign an Intermediate Chain Cert, which
in turn signs all down-stream SSL certs.

What's that mean to you?

Windows machines doing 802.1x try to validate the SSL certificate by default.
For that to happen, they have to know about the chain cert that signed the
server's SSL cert.

Windows OS's don't know about the new chain cert. So you'll have to import it.

You can grab the cert from

Download the "wifireg.cer" file - double-click, import it.

From that point, you can "validate" the cert and proceed.

(Your other option is to opt not to validate, and the login process will proceed
as if you used a self-signed cert).

We've been testing this the last couple hours and believe this is currently what
many people are seeing (and what we see in our logs).

Try this - if it doesn't work, let us know and we'll dig into it further.

We're noticing some people having problems with the TrustWave-signed certificate
for 802.1x on DefConSecure WiFi.

We'll have more on this shortly, with an updated cert-chain file to import (if
you don't already have it).

Reminder, to create your login for DefConSecure wifi, go to

It's so broke even the "we're down" page is broke!


The lines! OMG! THE LINES!

The reg line backed up to the casino, then out to the pool. Holy crimeny!

But luckily the line is moving and everything seems kosher. Thanks for
everyone's patience!

Network is going great so far. People are active, no complaints so far.

If you have issues/questions, don't hesitate to drop us a line

Today we're mostly helping vendors & contest teams get all setup, connected, etc.

We worked with the Network Ninja's last night (mostly Mac & Rukbat, two of our
miracle workers) to get some cool stuff setup for them!

Twas the night before DEF CON ... and all throughout the house... there was a

Here is the "heat map" for early arrivals (ok, mostly staff) using DEFCON-SECURE
wireless so far.


The Wifiz are good. We have 405 people pre-reg'd for DefConSecure WiFi.
Doolittle has been streaming music all morning.

We've been working to stress the bandwidth (100Mb capacity). We've hit 41Mb
last night with Torrents.

Today we're patching the hard-lines for everyone. Doing a Fry's run shortly :)

Mac setup Splunk so we're logging what we can; hope to have some interesting
stats for closing ceremonies!

Contests, Events, and staff groups are in & arriving - we're helping them get
everything setup.

You're going to really like what the Ninja's have going for you guys today!

CTF already had their music pumping through the night.

Are you ready?

Guess what this is?


The NOC team just walked the entire space. Things are looking good.

Fridges are stocked.

Chill-out area and Rio Pavilion has a couple AP's down - someone probably typed
"shut" instead of "no shut" :)

Fry's run soon.

Things are going well.

Very well.

Core is up.

Internet is pwn3d.

Wifi is up.

Secure wifi is secured.

Don't jinx it.


You can now pre-register your secure wifi login name/password for DEF CON 20.

We are up & open for business!

DEF CON NOC is live. Oh, YOU want network access, too? Ok, we'll keep working
on that.


Officially posted from the DEF CON 20 NOC!

Setup proceeding a-pace. Cross your fingers! :)

The DEF CON 20 Network Team is at the Rio. Setup begins far too bright & early
tomorrow. Let's do this!!

Mac has the "core" setup & ready to go.


Friday the 13th.

DEF CON is sneaking up on us.

The NOC team heads to Vegas in a week. Seriously, already?!

We've rebuilt some of the infrastructure on new equipment this year. Kept a lot
of things the same - it's going to be a BIG year for DEF CON, so we want to do
all we can to make sure everything works the first time!

Once we get on-site, get the core infrastructure up, we'll let you know that
we're opening up wifi login registration.

(ok, you happy @SteveL_UK? :).

We're starting with 100Mb to the Internet - with another 100Mb on stand-by.

We've also got some new guys on the team this year; we'll see if they (or their
livers) survive!

Hit us us via email, or me via twitter (@TheLockheed) with questions.

While the other DEF CON 20 teams, speakers, contests, etc all gear up to make
this year a massive blow-out year - we're actually trying to keep it simple.
That's our "secret" to making the network happen. Don't over complicate things.
So as much as possible, this year's network will look like last year, with
tweaks & improvement here & there. We're probably going to upgrade/swap out
some switches, but largely only because some newer stuff is available to us this
year - and we'll (almost never) turn down free upgrades :)

We're finalizing WiFi AP placement now (should have that done this week). We're
talking about how much bandwidth we can get from the Rio this year. (How much
is "too much"? :).

The DC20 network will still support IPv6. We'll be curious if it gets more use
this year over last year.

You know how there's a DefCon File server on the network for you to
upload/download files from? In honoring our past, we're talking about setting
up a "Retro LAN table" - remember the days before there was WiFi and we all came
to DEF CON and plugged into a wall jack, setup a switch, and let the people
around us share that switch (or hub!)? We may setup something where you can
plug in, trade filez with the file server, etc. Don't camp, though, share the
space please.

We have new folks helping with DCTV'; they've been working hard to improve
signal quality so we can get the best possible signal up to the Rio CATV system
for hand-off (even though most of the hotel rooms are still equipped with SD

If you're talking at DEF CON 20, throwing a contest, a party, something that
requires a network connection or special request, don't forget to let your
specified Goon point-of-contact know. If you're not sure, you can always email
me (noc -at- defconnetworking dot org) and I'll help you out.

Oh to hell with it...Merry Christmas! :) We hope all of you had a wonderful
Christmas, a great Hanukkah, and generally enjoyed the holidays! 2012 is the
year the Mayans predicted the world would end - and is also coincidentally the
20th anniversary of DefCon. We've been doing some early planning already to
ensure that DefCon20 is the biggest, baddest, most exciting DefCon EVER!

We hope everyone had a very Happy New Years - be safe in whatever activities you
chose to indulge in (or at least don't get caught!).

Effffn has suggested a new network metric - HC's per second (hcps). It's a bit
of an inside joke (that you can never erase from your mind once you've been
exposed) - but suffice it to say instead of a generic "megabits per second" it's
taking a known entity as a frame of reference. A video for example. Think
"Rebecca Black's per second." There may be something to do this...!

Happy New Years and see you at DefCon 20!