OTB @ DC16: Pwning for Dollars


  • #16
    Re: OTB @ DC16: Pwning for Dollars

    Originally posted by Deviant Ollam View Post
    Not to mention that incorporating wireless into this game would also just be really fucking stupid.

    There are already loads of games for you at DefCon if 802.11 radio traffic makes you hot and horny.

    This game is (or at least initially was) about compromising services and such running on a remote machine. Accessing the TCP/IP connection to send packets out to the target box was just a given.

    If you're a h4x0r named "Xv_Dark_Lord_vX" and you're going to pwnzor a televangelist's web site, it would likely happen across the intertubes... you wouldn't sit in Joel Osteen's parking lot with a cantenna.
    Granted that there are games that focus on wifi (I will be entering a few); however there are also other games that focus on compromising services (CTF, etc). The fact remains that there will always be some things that wireless allows you to do that you can't do on the wire and frankly I didn't want to have to put a wired interface in as well considering I am VERY VERY limited in space and cooling capacity.

    I will certainly defer to your obvious experience at previous cons, but accessing the connection IMO is never a given. Are you saying that there should be no firewalling, IPS or other functionality that actively denies suspect traffic or returns fire? Isn’t that kind of like assuming that Joel Osteen's server is an unpatched windows box that sits alone on the edge and will let you pound away on it all day like a bull in a china shop? That doesn't reflect the real world, invites disaster and sets up the defenders to fail.

    In my mind, this event seemed more about minimizing regulatory overhead in order to stimulate defensive creativity. In essence the counterpoint to the CTF, where it’s all about the offense. Of course there need to be rules, but let's keep the sweeping rules that affect things like transport or hardware to a minimum. I think most of us are smart enough to understand that stomping on the hotel wifi or DoS'ing the network is a stupid thing to do.

    The problem with contests like this is that they easily become a bit like NASCAR... so limited by the rules that everybody shows up with the same vanilla boxes because they have no leeway to get creative. Let’s make sure we don't kill the spirit of the contest in the name of easiness.

    -H



    • #17
      Re: OTB @ DC16: Pwning for Dollars

      please believe me when i say that i'm not trying to be contrarian and get into an argument or anything, i really do believe that you just want to see the contest be the best that it can be. i simply disagree with you on a number of key points. (and i should clarify that i do not run this contest in any way. i'm just speaking up because skoot doesn't seem to be around right now)
      Originally posted by Homeslice
      The fact remains that there will always be some things that wireless allows you to do that you can't do on the wire
      i'll let renderman or Thorn or Roamer or prez or any of the other dozens of folks who know loads more about Wireless than i do correct me if i'm wrong (and you should please feel free to correct me, too) but I have always been under the impression that TCP/IP data doesn't give a rat's ass about the medium over which it is traveling. whether over copper wire or radio, packets arrive at their destination and do their thing.

      aren't all the distinctions between WiFi and Ethernet below Layer 3? i'm positive that anything at Layer 4 and above would never notice the difference. (unless you're starting to get into delaying of specific packets, replay attacks, timing attacks, etc. but almost ALL of that sort of stuff pertains to compromising the WiFi link and not the data it's carrying.)

      as i say, i could be way off and i'll take my lashing with a ruler from the nuns if i am... but i simply can't see how Layers 3, 4, 5, etc are impacted by telling people to plug in.

      Originally posted by Homeslice
      I didn't want to have to put a wired interface in as well considering I am VERY VERY limited in space and cooling capacity.
      hehe... just what kind of device are you bringing? almost sounds like you want to run services etc. on an ultraportable notebook. porting apache to a macbook air, perhaps?

      Originally posted by Homeslice
      but accessing the connection IMO is never a given.
      we fundamentally disagree here. this is a contest that is focused on hardening and defending a machine that is connected to a network for the purpose of running specific services. it concerns attackers (either public folk out there on the tubes or rogue employees on the inside) trying to take over the box by messing with those services that it's running.

      Originally posted by Homeslice
      Are you saying that there should be no firewalling, IPS or other functionality
      it's quite a leap to go from "this contest should represent servers in the real world" to "nobody should have security on their machines". of /course/ there should be such products... however, you're more bad-ass if you don't use them. where's the "risk" in putting up a box that is 100% firewalled, fully patched, and running the latest version of well-respected, open-source daemons? last year one of my machines was a Win2K box running some outdated FTP server and like apache 1.3 or something, hah!

      Originally posted by Homeslice
      That doesn't reflect the real world
      see above concerning what i think reflects the real world.

      Originally posted by Homeslice
      I think most of us are smart enough to understand that stomping on the hotel wifi or DoS'ing the network is a stupid thing to do.
      yes, most of the regulars who read these forums and are planning ahead of time to compete are likely smart enough (but i wouldn't put it past all of them to not be boneheads)

      i think the bigger concern is the pack of a half-dozen 19 year olds who drove all night from the middle of nowhere just to get to DefCon and then realize that this contest is happening. Then you get a crowd of script kiddies tweaked on llello sitting outside the contest room for 36 straight hours, just pounding the network in the asshole with a 3" oak dowel.

      plenty of folk here could disagree with me... i just think that segregating a contest network from the public masses at DefCon is a Good Thing™

      Originally posted by Homeslice
      Let’s make sure we don't kill the spirit of the contest in the name of easiness.
      that, amigo, is a sentiment which we can all support... and one that I appreciate seeing you speak up for.
      Last edited by Deviant Ollam; May 15th, 2008, 11:06.
      "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
      - Trent Reznor



      • #18
        Re: OTB @ DC16: Pwning for Dollars

        Originally posted by Deviant Ollam View Post
        i'll let renderman or Thorn or Roamer or prez or any of the other dozens of folks who know loads more about Wireless than i do correct me if i'm wrong (and you should please feel free to correct me, too) but I have always been under the impression that TCP/IP data doesn't give a rat's ass about the medium over which it is traveling. whether over copper wire or radio, packets arrive at their destination and do their thing.
        Yeah, that's pretty much the case. While 802.11 massages the data into its own frames for transmission over the air, it's just vanilla Ethernet once it hits the wire.

        To address that initial question from HAL999, jamming isn't cool. There will be enough unintentional RFI at DC, just because of all the various WiFi and other RF gear there. I strongly suspect that anyone found intentionally jamming all the WiFi in a given area just to best a contest would be bounced long and hard by a gang'o'Goons.
        Thorn
        "If you can't be a good example, then you'll just have to be a horrible warning." - Catherine Aird



        • #19
          Re: OTB @ DC16: Pwning for Dollars

          Another thing to consider... previous years included a Defcon wireless network that actively disrupted "rogue" access points. Talk to the people that ran the very first aCTF (now oCTF.) They tried to use wireless for people to play, but service was unreliable. After the con was over, they complained about this problem, and were told that an exception could be made for their access point if it was known ahead of time. However, they moved to wired connections the following year, and many, many more people were able to reliably play without so many interruptions. Now their contest is quite large.

          Who's to say what an unknown WiFi system with capabilities to counter-attack might do when there is an existing larger network of wireless access points that support counter attacks. Who would win? Well, if you read what Thorn typed above, you have a pretty good idea. (Layer 1 methods can be more convincing than layer 2 if you know what I mean. ;-)

          Heck, they could even make sport of it, by offering the people in the Wireless Contest an opportunity at some extra prize to play an extra round of, "fox and hound," where the fox doesn't move.



          • #20
            Re: OTB @ DC16: Pwning for Dollars

            Originally posted by Deviant Ollam View Post
            please believe me when i say that i'm not trying to be contrarian and get into an argument or anything, i really do believe that you just want to see the contest be the best that it can be. i simply disagree with you on a number of key points. (and i should clarify that i do not run this contest in any way. i'm just speaking up because skoot doesn't seem to be around right now)
            i'll let renderman or Thorn or Roamer or prez or any of the other dozens of folks who know loads more about Wireless than i do correct me if i'm wrong (and you should please feel free to correct me, too) but I have always been under the impression that TCP/IP data doesn't give a rat's ass about the medium over which it is traveling. whether over copper wire or radio, packets arrive at their destination and do their thing.

            aren't all the distinctions between WiFi and Ethernet below Layer 3? i'm positive that anything at Layer 4 and above would never notice the difference. (unless you're starting to get into delaying of specific packets, replay attacks, timing attacks, etc. but almost ALL of that sort of stuff pertains to compromising the WiFi link and not the data it's carrying.)

            as i say, i could be way off and i'll take my lashing with a ruler from the nuns if i am... but i simply can't see how Layers 3, 4, 5, etc are impacted by telling people to plug in.
            Well yes and no. Some of my box's "goodies" live on the lower levels. Now however I am wondering if I should bother, since some of the manipulation occurring if my box panics will border on "jamming".

            hehe... just what kind of device are you bringing? almost sounds like you want to run services etc. on an ultraportable notebook. porting apache to a macbook air, perhaps?
            Let's just say that I have very little space to work with, and a bunch to cram into it. You won't be able to miss it, so holler at me there and I'll show you the guts. In many ways I will be at a disadvantage because the limited space means limited hardware performance, memory, available platforms, etc.

            we fundamentally disagree here. this is a contest that is focused on hardening and defending a machine that is connected to a network for the purpose of running specific services. it concerns attackers (either public folk out there on the tubes or rogue employees on the inside) trying to take over the box by messing with those services that it's running.
            we don't disagree at all my friend :) It's just that my system relies on a synergy of hardware and software response for self protection. I just view physical controls as part of the hardening process. We both agree that it is about defending against attackers, we just diverge on the scope of where services end.

            it's quite a leap to go from "this contest should represent servers in the real world" to "nobody should have security on their machines". of /course/ there should be such products... however, you're more bad-ass if you don't use them. where's the "risk" in putting up a box that is 100% firewalled, fully patched, and running the latest version of well-respected, open-source daemons? last year one of my machines was a Win2K box running some outdated FTP server and like apache 1.3 or something, hah!

            see above concerning what i think reflects the real world.
            My point was that if the concept of the contest is to test one's abilities to install a strong daemon and obfuscate it then the rest of the box should be off limits because we are simply talking about attacking the exposed service only. There would be no need for a firewall or any other self protection mechanism because those are not directly associated with the operation of the services we are required to expose. I admit it was a bit of a douchebag response and I apologize.

            How badass is building a box to automatically analyze and dynamically self-protect, in addition to obfuscating versions, patch levels and OSes. I guess I look at it as more of a test of my abilities to build a whole system rather than just my abilities to be real creative at installing apache.

            yes, most of the regulars who read these forums and are planning ahead of time to compete are likely smart enough (but i wouldn't put it past all of them to not be boneheads)

            i think the bigger concern is the pack of a half-dozen 19 year olds who drove all night from the middle of nowhere just to get to DefCon and then realize that this contest is happening. Then you get a crowd of script kiddies tweaked on llello sitting outside the contest room for 36 straight hours, just pounding the network in the asshole with a 3" oak dowel.
            Again, half of what will be happening in any of the wireless contests I'm sure will technically fall under the auspices of "jamming". Hell, forcing disassociation has the same results as "jamming" but is also the cornerstone of many wifi attacks. Now of course I haven't been to a con, so I can only defer to the elders here when it comes to the prevalence of this type of crap at the con.

            I'll be the first to say that using any type of denial of service is an admittance of defeat either on the attack or defense side.

            plenty of folk here could disagree with me... i just think that segregating a contest network from the public masses at DefCon is a Good Thing™
            Probably for the defenders it would be better in terms of machine longevity, but there are also good things that may come from opening the contest to the masses. For instance, you are much more likely to build a strong box as well as attract more participation (both sanctioned and unsanctioned lol). I for one don't fear the masses, and don't care if they are successful and hope they try real hard. My goals are to test the machine and you don't learn through success!

            that, amigo, is a sentiment which we can all support... and one that I appreciate seeing you speak up for.
            Man, I am here to make friends, drink beer, learn a bunch and have a great time. If I can leave my box on the table and walk away to talk and mingle then I am all the more happy.

            I look forward to buying you a beer (or two, or three lol)
            Last edited by Homeslice (tm); May 15th, 2008, 13:35.



            • #21
              Re: OTB @ DC16: Pwning for Dollars

              Originally posted by TheCotMan View Post

              Heck, they could even make sport of it, by offering the people in the Wireless Contest an opportunity at some extra prize to play an extra round of, "fox and hound," where the fox doesn't move.
              That actually sounds very fun :) I'd love to do it.



              • #22
                Re: OTB @ DC16: Pwning for Dollars

                And there are some of us who love nothing more than to find some asstard doing wireless jamming with our commercial tools and turn them over to the goons.
                DaKahuna
                ___________________
                Will Hack for Bandwidth



                • #23
                  Re: OTB @ DC16: Pwning for Dollars

                  We are getting close and still no details :) Cummon guys, somebody who knows Skoot get a hold of him so we can get a final list of rules and objectives.

                  I hate to be impatient but I'm a lazy bastard and I need to give myself plenty of time to get my stuff together.

                  -H



                  • #24
                    Re: OTB @ DC16: Pwning for Dollars

                    Homeslice: No one knows me. I'm just that stealth. It's a gift.

                    Thanks much to Deviant, Prez98, Cot and other forum regulars for keeping this thread alive.

                    The reality is that I'm getting my ass kicked on a research project in IRL / non-handle land and I've had to focus on that.

                    BUT!!!!!! OTB lives, there is a plan, and I've been working behind the scenes to make sure it can fly.

                    Hal999 and Homeslice, DO NOT GIVE UP, you will get your chance to get assaulted by the best attackers in the world, I promise.

                    OTB specs and details. Will drop. This weekend.

                    More in just a bit. Please stand by.


                    Originally posted by Homeslice (tm) View Post
                    We are getting close and still no details :) Cummon guys, somebody who knows Skoot get a hold of him so we can get a final list of rules and objectives.

                    I hate to be impatient but I'm a lazy bastard and I need to give myself plenty of time to get my stuff together.

                    -H
                    "Raise a toast to ... I think he might have been our only decent ."



                    • #25
                      Re: OTB @ DC16: Pwning for Dollars

                      Originally posted by sk00t View Post
                      Homeslice: No one knows me. I'm just that stealth. It's a gift.

                      Thanks much to Deviant, Prez98, Cot and other forum regulars for keeping this thread alive.

                      The reality is that I'm getting my ass kicked on a research project in IRL / non-handle land and I've had to focus on that.

                      BUT!!!!!! OTB lives, there is a plan, and I've been working behind the scenes to make sure it can fly.

                      Hal999 and Homeslice, DO NOT GIVE UP, you will get your chance to get assaulted by the best attackers in the world, I promise.

                      OTB specs and details. Will drop. This weekend.

                      More in just a bit. Please stand by.
                      You are teh man. Thanks for the update



                      • #26
                        Re: OTB @ DC16: Pwning for Dollars

                        Well,

                        Today would be the day, then....

                        -IP assignments / routing/support infrastructure (DNS/NTP/PKI)
                        -Desired services and required performance metrics (if any)
                        -Any limitations or restrictions on contest.


                        Thanks.

                        HAL
                        ZZ



                        • #27
                          Re: OTB @ DC16: Pwning for Dollars

                          Yes, it would. Please keep bugging me, it is not a bad thing, I promise.

                          Technical wrinkle related to the fact that I am on the other side of the continent at the moment and have to walk wifey through some [redacted] stuff to get connected from here and upload the new site.

                          Since I can't get the data to the site I will post here in the forums in just a bit with some info.


                          Originally posted by HAL999 View Post
                          Well,

                          Today would be the day, then....

                          -IP assignments / routing/support infrastructure (DNS/NTP/PKI)
                          -Desired services and required performance metrics (if any)
                          -Any limitations or restrictions on contest.


                          Thanks.

                          HAL
                          "Raise a toast to ... I think he might have been our only decent ."
