Re: DC19 Network

The mobile agendas were great and would love to see them again along with more mobile friendly web content. Not having to carry around (and tear up/lose) my official schedule was a great convenience. The auth/encrypted WiFi was also great as it provided a secure (at least to the best of our knowledge) alternative Internet access to the before mentioned issues with cellular carriers. The FreeForAll area is great and I consider it to be a staple of the con. And obviously, the more bandwidth the better. As for new...

More live log viewing - I would love to see (almost) live MRTG graphs of bandwidth, IPFIX traffic breakdowns, CPU/mem/associations/etc of the various network devices. Maybe we could come up with a dynamic way of showing the TCP/UDP (or higher layer protocols like BitTorrent) data streams as they are built, used, and torn down? It might also be interesting to see streams of the debug/syslog/consoles of the various network devices.

IPv6 support - I have no good reason for this other than to do it just because we can. Many people complain IPv6 isn't secure because it hasn't been fully vetted in the field. I can't imagine a better place to give the vetting process a booster shot than the Def Con 19 network.

IPTV/Multicast Video - Another cool addition I would like to see is live (VLC compatable) multicast IPTV streams of the presentation hall video feeds made available on some or all of the various networks available to us at the Rio (inspired by some of the discussion occurring in the Defcon 19: Viewing Suite Planning thread). My geeky nature makes me want to say go hi-def (hmm... hi-def... def con... "hi-def con"?) but admittedly, I realize the concerns using WiFi as a distribution medium would create (bandwidth, RF noise, jitter, packet loss, etc). Is it realistic to upgrade the entire WiFi network to 802.11n 4x4 mimo (better question, would that be enough to actually help)? Maybe a smaller/separate/dedicated wireless network with only the video streams could be put into place? Could we splice into the hotel network and stream wired/wirelessly to the rooms (providing an alternative/augmentation to hotel's four avaliable conference channels... multiple laptops = "picture-in-a-picture" solution to the issue of having multiple streams per room and lack of avaliable CCTV channels)? I don't see Unicast streaming the video from the con to the Internet as practice (bandwidth or cost effective) but maybe we could cross connect with a carrier that has access to mBone/Internet2 and multicast stream to the Internet that way (local university... UNLV)?

More outside traffic in - Yes, I know, this is inviting issues. I also admin that more than one of my other suggestions above has this same issue but I ask... is that not the fun of Def Con?

I know I posed more questions/suggestions that requests/answers but hopefully this will fuel some more ideas and go from there.

Re: DC19 Network

Awesome - we'll keep up the stuff from last year then! I'm glad the mobile agenda app worked out well! I wasn't entirely sure if people would dig it, or just go "eh." I looked back at my notes and 1300+ people used it, so I'm happy about that :)

Some of that's not hard for us to do. We've got the MRTG/Cacti graphs already, so it's just a matter of making those available for everyone to see. We've had a focus on monitoring the last few years, now we can just augment that as "monitoring & publishing" :) console-log scroll, eh? Hmmm. Easy enough, and if people want to stare at it, sure.

The protocol analysis - this is actually a great idea where YOU (collectively) can get involved! We can give span ports to people if they want to look at the traffic flows, do some analysis, and especially publish to the con in real-time. Why not? :)

You just gave me a great idea for a CONTEST!

We are actually talking about what it would take to upgrade our gear to support 802.11n - discussion is happening in the back rooms now. I doubt we could get into the hotel network (the one that runs to rooms) - but what you're really talking about is making the DCTV content available to the rooms - outside of the con network.


Go on.... say more :) One thing we also have to pay attention to is making sure con attendees get real benefit for their price of admission - if too much network content is available whether you're on-site or not, then it de-values the effort to *go* to DefCon. It's always a balance, right? So if you think of something we should be "enabling" more from the outside, I'm all ears!


Thanks for the ideas - definitely got us thinking!!

Re: DC19 Network

Good to hear about keeping the mobile agenda app. The only thing I would encourage is maximizing cross-device support. This is admitted a selfish request as I recently switched from my old iPhone to a new Blackberry. That said, I also realize there are limitations to this request and will happily survive using my paper agenda if Blackberry (or other device) support isn’t perfect.

I figured the network team had Cacti (or something similar) and other monitoring software running. I don’t have any intention of sitting around my room staring at it but I do find it interesting to see network trends/events as they are occurring. Being one of the most hostile networks in the world, this should provide some interesting insight.

Thank you for reminding me about the SPAN ports. I’m not much of a programmer but I have lots of time to come up with something.

Contest you say… You have my attention! I will have to keep a close eye on the contest page.

802.11n would be sweet for the same reason I think IPv6 is sweet. It’s hard to say whether or not it will actually be of true value without seeing last year’s data on access point bandwidth utilization or committing to doing something crazy like pushing high definition DCTV over the WiFi network. Still cool though.

Depending on how the hotel’s network is setup, multicast might… I am thinking I will just shut up now and have something to look into when I get into Vegas that Thursday.

I completely agree with you about not letting too much in or out of the network. I will give the idea of letting more in/out some more thought and see if I can come up with any more specific ideas.

Thanks!

Re: DC19 Network

The only bummer bout the Encrypted network is that it kind of kills the Wall of Sheep which is always a hoot!

Re: DC19 Network

I agree with Forty Seven. The Wall of Sheep activity was limited based on the secured network and the decision (of the powers to be) to not mess with the secured network.

Re: DC19 Network

I see why the secured network isn't touched in terms of the wall of sheep though i believe it should be as it offers a false sense of security. If there running there own security show them on the board whats happening. Speaking of which im not sure how im going to get it down there but i have a spare server not sure if your running any sort of rules on the line but its fairly new and pretty powerful i use it for development purposes and wouldn't mind seeing its potential, thats if i find a low cost method of transportation without it getting destroyed

Re: DC19 Network

So should there be a wide area freeforall network that gets fed to wall of sheep, open to all, and the secured network that you create or get a pre-generated password for?

Re: DC19 Network

Yes Sir Boss! Pass as much to the wall of sheep as possible. Its a great way of seeing how secure things really are and a great teaching opportunity to those who want to understand the methods and techniques used to capture data.

It is also a perfect situation for comparing and testing the many tools available for sniffing packets.

Maybe the con should not even offer a secured network. It's almost like offering training wheels to the tour de France riders.

Re: DC19 Network

heh... bring back the DriftNet wall.

Re: DC19 Network

Dear Network Gods,
I'm going to run an IDS and visualization tool on whatever WiFi traffic I can capture ([un]official forum at https://forum.defcon.org/forumdisplay.php?f=600).

I'd be more than happy to coordinate with y'all if you want to give me access to a SPAN port or something. Or if you want me to gather certain information from the IDS... I'll be using Bro which is sorta like netflow + snort + layer 7 switch + steroids....

Ping me at dan at bizling dot com if I can help.

Also: thanks for the work y'all do every year.

Dan

Re: DC19 Network

Question:

We're still doing the secure wifi - it's something enough people want that it's worth providing. The question on the table for ya'll is: Do you want us to pre-gen unique login credentials and hand them out at reg with your badge - or do you want to gen your own (like we did last year).

Or does it matter to you?

Re: DC19 Network

I prefer gen your own, simply because I don't want to have to "go to this place, do this" physically.

I didn't use the secure wifi last year, but I am giving it consideration this year.

Re: DC19 Network

I'm suspicious of anything handed to me at DC. I won a 8G USB flash drive last year and I STILL haven't plugged it into anything. It needs to be sanitized first!

Re: DC19 Network

Either way, It's a Trap!