Re: Gear Needed

Is there an option for a sponsorship opportunity?

Re: Gear Needed

Can you provide a short list to give an idea of what you need the most.

Re: Gear Needed

right now just about everything. arc light was nice enough to provide us with a sun neteraX1 which is a nice start but wed like to get as many of 1 type of system as we can (the idea is to try and run the contest on a clustered system this year)

also the other major thing we are in need of is network hardware, we have a large array of assorted hubs and switches but what we want is enough hardware to build a nice managed routing solution so that we can eliminate problems like ddos's and arp poisoning attacks.

as of right now we have 1 projector but more are always welcome as we are in no shortage of stuff to put up on a screen ;)

and yes, there is an option for sponsorship ;), just visit the dc949 website and click on the donation button on the right hand side, all of our donation money goes to 1 place

Re: Gear Needed

Can you be a tad more specific?

Re: Gear Needed

by running the contest on a "cluster" i mean "a series of vm's being hosted on a xen cluster"

as for networking i mean "a dhcp network secure enough for people not to be able to ddos the contest boxes and arp poison the network enough to kick other teams off" (anything else is fair game ;) )

and i think the projector and sponsorship info was pretty straight forward, perhaps the only thing i may have let slide is the fact that we ALWAYS are in need of prize material so if anybody has ANYTHING to offer in that area we would be greatly obliged ;)

Re: Gear Needed

You could look into switched that are configured to auto-learn MAC and allow only one MAC per port. Once a port is idle for 1 to 5 minutes (SNMP or RMON action/trigger to run tool that auto-changes with clever wget and auth, or CLI expect session) then let a port auto-learn a single MAC.

Have the same tool also monitor for multiple MAC claims per port, and then trigger the port to be disabled for 5 to 10 minutes.

You could setup an active retaliatory configuration in another way too... you could VLAN all offensive ports onto the same VLAN, away from the contest, letting DoS people DoS each other, and maybe even force their ports to not auto-sense, but limit to 10BaseT (10Mbps.)

Of course this requires hardware that supports this, and some clever scripting to automate it, but you could have great fun letting people discover how attempts to DoS people can result in them hitting themselves in the face with a hammer.

However, something I have noticed:
You probably don't want to be too heavy-handed with any defcon game. There is some fun in letting people attempt less-than-elegant attacks. A, "better," solution is to find the port that is the source of the problem, and then take the picture of the person causing the DoS, and place that picture on the projector display with a caption, "Here is who performed the last DoS on this network." Then, the next time there is a problem with the network, everyone assumes it is, "that guy." You could even fuzz-out the face, and remove more of the "fuzz" with each successive DoS until their identity is known. You could also deduct points from their score instead of using them as a lesson to others. You can have fun with "corrective" measures. :-)

Re: Gear Needed

heh yea we have tinkered with ideas like that in the past but have not had the network hardware to pull it off like we should, between our random assortment of managed vs unmanaged switches hubs and a few consumer routers, building 1 cohesive network policy has proved a bit of a challenge recent years -_-

Re: Gear Needed

A wish list would be helpful. Of course these would be temporary donations.

xor

Something like this?

Cisco Catalyst Express 500-24TT - Switch - 24 ports - EN, Fast EN - 10Base-T, 100Base-TX + 2x10/100/1000Base-T(uplink)

People should PM so I can get a better idea of what.

Re: Gear Needed

Hit me up for those *special* donations :)

1057

Re: Gear Needed

Make a wish list at amazon.com then post the address used here.

Re: Gear Needed

thanks for the support, we have a meeting this weekend to make some final decisions about the network layout and will hopefully be posting a list of gear requests, some time mon. morning.