Re: DC17 Network - Wrap-up

I didn't use the Defcon network(sadly missed actually physically seeing it, next year (sigh) ) at all this year, or Lodgenet for that matter. I did a little passive wireless sniffing that was about it. The reasons I didn't use either was the timing of the many out of band security patches from Microsoft that were either coming out or about to. Didn't want to do any OS patching at the con. Though Linux should have been ok.

I was content to use my EDVO card, for the small amount of time that I actually spent on the computer at the con this year. Mainly just checking on the boys(cat cam, as pathetic as that is) and e-mail. Just for the record, and before you all puke on your screens, the cat cam serves 2 purposes - checking on the boys and making sure nothing catastrophic has happened at home.

xor

Ps Honestly I actually took the advice given at Defcon 101, and had a much better, more social time this year. For now, it's back into the bat cave, and out of the light and sun

Re: DC17 Network - Wrap-up

I (briefly) read what you'd posted over on defconnetworking, just to make sure that there wasn't magic smoke I should know about. I've been hearing about how dangerous the defcon network was since defcon IV. While it was often not stable (especially the wireless) in the earlier days, it's not any more (or less) dangerous than your average cable modem hookup.

Could bad things happen to you (and your computer) at Defcon? You bet. On the other hand, if you've practiced the common sense stuff that everyone should pay attention to, no matter what operating system you are running, I think you won't notice much.

Please do not give up public wifi. Let me say it again, in the most polite, friendly kind of way. Please do not give up public wifi. I often just use the hotel network, rather than defcon's, but find the defcon network to be far more stable and secure than lodgenet (the current "provider" for the Riviera). Actually, that's one of the reasons I use lodgenet. More entertainment.

Unlike many of the folks pontificating about the *danger* (ooohhh, danger) of using the Defcon network, I actually *am* a security expert (albeit retired), for whatever value that term contains.

I'll be honest. The Defcon network gets more stable and comfortable every year. I'm impressed with how quickly any moron attempting to crush the wifi gets locked out, and any time I've had email or other connections that absolutely had to be there, I've always come out of my room, and down to the defcon area, so that I knew I'd have the stability and quiet that you provide.

Actually, I'd probably stay on the network for hours if there was a quiet place to sit, rather than chill-out places filled with loud music (I prefer classical, and have excellent hearing, so I prefer it quiet).

You have my thanks for the once or twice each year that I really need a clean connection.

P.S. If anyone thinks that the Riviera Network was safer, consider these two things. I don't need much sleep, and I spend hours and hours with tcpdump and wireshark.

Re: DC17 Network - Wrap-up

I think it's nice to have options. EVDO, while nice, occasionally will give you fits. Plus not everyone has that available to them.

Then of course, without free network access, what becomes of the wall of sheep? If that's not reason enough to provide wifi don't know what is.

People worried about their machine getting owned would also be a lot less stressed if they just brought a "sacrificial lamb" of a machine, with the intention of just wiping the machine once you're done.

Re: DC17 Network - Wrap-up

I don't remember if this was recorded with a camera, but I hope it was.

I left 1 hour after this began to visit the Toxic BBQ. I did provide an apology later, but am still interested in the content.

If there was a video, I'll reserve my comments and suggestions until after the video comes out. If there was no video, then when I find out, I''ll just check out the slides.

Re: DC17 Network - Wrap-up

This was my first year at DC and while I did hear the "Don't connect to the WiFi or you'll be pwned" talk going around. I decided I should give it a try anyway.

The only thing that makes this network more dangerous than your local Starbucks or College is that you know who else is using the network.

I had no problems connecting and downloading the tools that became available during the con. I did not log in to any site that would require user information. I had 0 problems.

I guess next year we shouldn't say "Don't Connect" as much as we should advise people "Be Aware".

I liked having the network there and available. It gave me a chance to download and try out the tools while the people were there to track them down and ask questions if any came up.

Keep the WiFi, just be aware.

Re: DC17 Network - Wrap-up

I had 3G off all weekend, partly to save battery life and mostly because it was jam packed. EDGE on the other hand was moderately useful.

Re: DC17 Network - Wrap-up

Definitely keep the net. 3G sucked hard. The a net worked well and seemed to have a lot less issues than b/g. So what if the network is hostile? Any DC attendee that can't secure their shit is probably at the wrong conference.

Re: DC17 Network - Wrap-up

In being a n00b to DC and this being my first year, I cannot comment on previous years except what is second hand information:

I found the network talk to be very informative and some of the implementation to be down right creative... I am speculating here but it seems some of the fear was based on people not knowing about the lack of peer to peer connectivity directly on the network or perhaps the lack of knowledge of the 50 some vlans being instituted. I am guessing that most assumed that it was a flat open network (which would be fun to watch but not connect to)

I used a 100% un-patched windows system to sniff traffic and catch some of the attacks against it.. which surprisingly there weren't many (not sure why but none of the traffic was that harsh)

I am thinking that if you put your computer on the internet you aren't at much greater risk that you would be at the def-con network as a normal user (save not using secure connections of some method, then you just made a very silly mistake in either case)

You will be sniffed, but if you are at Starbucks or anywhere near anyone from these forums appartment, you are being sniffed anyways.
_______________

slightly off topic though:
I wonder if it wouldn't be fun to include any type of the encryptions that are out there and would require you to hack the network to use it :) maybe not the best idea but the humor of all the "ub3r 1337 skr1pt k1dd1ez" asking for help to crack the encryption key to access the network would be kinda funny

Re: DC17 Network - Wrap-up

Hmm .. I wonder what it would take to build a 2-foot tesla coil. I'm sure it could be coaxed to produce tons of interference on all kinds of bands .. but provide all kinds of entertaining pops, bangs, and bolts of electric arcing to compensate for it.

Re: DC17 Network - Wrap-up

People jamming gives all the more reason to have some actual cabled access in the HHV. I don't see why people would magically stop jamming next year, and neither should they!

Re: DC17 Network - Wrap-up

While I don't like where you are going with this, and do not agree with ejecting people, I do support out witting the people. I do think that it would make for a fun event between the HHV and the amateur radio people. Maybe in the future we will see teams of fox hunters roaming defcon with yagi's trying to find the jammer. Then just construct a pseduo faraday cage around the device to attenuate it's effects. Probably a discussion which should be taken off thread since I now have horrific images of people locked in ad-hoc constructed faraday cages...

Overall though, I had great coverage during con no matter where I went. As for the jammers, I stepped out of the room onto the balcony and all my problems went away. I really doubt a jammer was at play in every instance and every situation. There are higher level attacks which can take place to cause similar effects. Until next year I will continue to hide in the 5GHz spectrum while in jammed areas (until they follow ) and enjoy 2.4GHz everywhere else when it's not being deauthed etc.

Re: DC17 Network - Wrap-up

OK, I propose an antijammer contest.

If someone is unlucky enough to have one on their person, put them on stage, cue Spaceballs music, and boot them from the con.

Reminds me of fox hunting, so legitimate for Defcon.

Re: DC17 Network - Wrap-up

You can blame the guys who were playing with the 2.4GHz jammers for this. It wasn't until I checked the noise floor and SNR that I became suspicious. Hoping onto the 802.11a network quickly fixed that though It was later brought to my attention during clean up that the jammer plugged in under the couch was mostly at fault (the one in the guy's back pocket next to me helped to seal the deal...) I had thought that OFDM would have been able to compensate for it but as the paper and real life experience shows, not so much in the freq allotment

Re: DC17 Network - Wrap-up

Would it be overly expensive to have some switches around the con, serving cabled connectivity to the table it would be mounted on? I often had problems connecting to the wireless, not so much in the tracks, but for instance in the HHV it was close to impossible to get connection.

Re: DC17 Network - Wrap-up

Also, lets not complain about the reputation for hostility. This is a feature, not a bug.

Let us assume the magic 802.1X fairy came down from the mountain and made real security over wireless networks actually workable and easy to use, rather than the WPA-PSK crap which didn't use public key where it should (a curse on every EE who tries to build a crypto protocol...)...

The Defcon network tops out at 20 Mbps with just a rather small cadre of serious users who know how to protect themselves. Imagine what it would be like if 10,000 con-goers all felt they could use the network in safety?