First-Ever Photo Tour of Defcon's Network Center

← Back to Stories (view on slashdot.org)

First-Ever Photo Tour of Defcon's Network Center

Posted by timothy on Monday August 11, 2008 @05:10AM from the sniffer-dogs-eh dept.

Kugrian writes "With over 9,000 hackers, freaks, feds, and geeks attending Defcon 16, the temporary wireless network setup there is considered the most hostile on the planet. Run by a dedicated group of volunteers known as Goons, the basement Defcon Network Operations Center is secured by means of a chain-link fence and armed guard. The 20-megabit connection, which is twice as fast as Defcon 15, runs over a point-to-point wireless link to another hotel that has point-of-presence in their basement. Wired's Threat Level blog managed to secure the first ever photo tour of the Center showing Goons, hardware and sniffer dogs." Reader TXISDude, who was at Defcon, doubts that attendance was as high as 9,000. Update: 08/13 18:14 GMT by T : Dave Bullock, the Wired photographer who shot these pictures, backs up that figure, though: "I interviewed Joe Grand, the badge designer a few weeks before the con. They ordered 8,600 total badges. They ran out of badges. There were hundreds of people with paper badges."

128 comments

WHAT?!?! by Anonymous Coward · 2008-08-11 05:11 · Score: 4, Funny

OVER 9000!!!!
1. Re:WHAT?!?! by Anonymous Coward · 2008-08-11 05:59 · Score: 0
  
  good lord, the cancer has come as far /.?
2. Re:WHAT?!?! by Erie+Ed · 2008-08-11 06:21 · Score: 1
  
  OMG damn hackers are soo messy with their wiring jobs...
3. Re:WHAT?!?! by Anonymous Coward · 2008-08-11 08:30 · Score: 0
  
  so i hurd you liek mudkipz?
Wow. by Anonymous Coward · 2008-08-11 05:15 · Score: 0

Pure sycophancy.
The problem with sniffer dogs... by Anonymous Coward · 2008-08-11 05:17 · Score: 5, Funny

...is that they are always humping your legs as soon as you put them in promiscuous mode.
Is this K-9? by gnick · 2008-08-11 05:18 · Score: 5, Funny

...showing Goons, hardware and sniffer dogs.
These guys must be extremely high-tech if their security dogs can sniff wireless!

--
He's getting rather old, but he's a good mouse.
I fail to see what's so spectacular about this by jacquesm · 2008-08-11 05:19 · Score: 2, Insightful

seriously, what is so special about this ?

--
MP3 Search Engine
1. Re:I fail to see what's so spectacular about this by halsver · 2008-08-11 05:23 · Score: 1
  
  It's the same kind of spectacle as Alcatraz, its a network that "holds" some very 31337 h@xz0rz.
  
  --
  Roughly half my comments are never submitted. You may be reading the better half...
2. Re:I fail to see what's so spectacular about this by jacquesm · 2008-08-11 05:37 · Score: 3, Insightful
  
  I highly doubt that :)
  Anybody that claims he/she is a hacker is most likely not.
  These are the 'l33t' script kiddies and such, they couldn't hack their way out of a paper back if someone didn't provide a fill-in-the-blanks kit that they can download.
  Anybody that really is a hacker is already in your system, just not bragging about it.
  It's like lock picking, if you're really good at it you keep your mouth shut so that if some stuff disappears you're not going to be #1 on everybody's suspect list.
  
  --
  MP3 Search Engine
3. Re:I fail to see what's so spectacular about this by SeanTobin · 2008-08-11 05:51 · Score: 5, Informative
  seriously, what is so special about this ?
  
  Wow... Someone has a serious lack of Imagination. Here is what is special about this:
  These guys manage the most actively hostile network on the planet. Just bringing your laptop/cell phone/PDA within wireless range of this event is asking for trouble. These are the people that put your username/password up on a giant wall of sheep if you choose to use an unencrypted connection for e-mail/web browsing.
  Have you considered the challenges of maintaining a server in this environment? You are one giant target for the world's largest collection of black/grey/red-hats in the world. Let's just say that there would be a substantial amount of "iStreet-cred" if you were to 0wn the firewall.
  Now, if you read the article, they describe how they setup their wireless network. They keep things very simple and maintain centralized configurations. If you are setting up a network in a potentially hostile environment, their model is a good one to follow. Why? Here are a few reasons:
  Users: 2,226 and 3,801 DHCP leases issued
  22 Access Points deployed
  Man-in-the-Middle Attacks detected: 215
  DoS Attacks: ~80
  Rouge AP's Detected and Destroyed: 130
  Wireless Bridges Detected: 300
  ARP MAC Spoofing Attempts: 836
  Traffic for the last 30 hours: IN 12gb / OUT 1.2gb
  Think your network can handle that? Let's take a look at one of the interesting ones - the Rogue AP's.
  The people that run defcon (and many of the attendees) eat these attacks for lunch. These people triangulate wireless signals within a high-em noise environment with enough multipath to give K-9 a headache. They manage to actively seek and destroy rogue AP's (not to mention the ARP spoofing!) while maintaining a healthy network. You don't think that's special!?
  Now, what about hardware reliability? Heck, if I had a choice between two pieces of gear and one of them had a "Survived DefCon 2008" sticker on it, I could tell you what I would be picking up. They had a nice Cisco fiber switch (no real surprise) but I have never heard of the Aruba AP's before. I know I'll at least check them out now. Do you not think that exposing battle-proven hardware to electronics-consuming people is special?
  Look at the software too. BSD & pf. No real surprise there either. When you want ungodly-stable network filtering - that is the way to go. Don't take my word for it. Heck, don't take BSD's word for it. The setup survived the hacker Olympics with no downtime. THAT is what is special about it.
  --
  Karma: SELECT `karma` FROM `users` WHERE `userid`=138474;
4. Re:I fail to see what's so spectacular about this by jacquesm · 2008-08-11 05:55 · Score: 0, Redundant
  
  you are living a sheltered life :)
  
  --
  MP3 Search Engine
5. Re:I fail to see what's so spectacular about this by halsver · 2008-08-11 05:56 · Score: 2, Insightful
  
  So you are telling me there are no real black hats at this convention?
  Given 9000 people who may claim to be hackers, I'm sure there's one in there somewhere...
  
  --
  Roughly half my comments are never submitted. You may be reading the better half...
6. Re:I fail to see what's so spectacular about this by sumdumass · 2008-08-11 06:02 · Score: 1
  
  I don't think the attendees are claiming to be hackers. It is that the event is tailored to hackers so they will likely be present.
  So you take script kiddies, real hackers, government hackers, and so on, put 9000 or so if these in the same buildings and you will expect hacking to happen. Or more aptly, something to happen. But just like lock picking, lock smiths or security experts (hackers attempting to make a legitimate living from their knowledge and contacts) have viable exceptions to being the first person who under suspicion for being able to pick locks and such.
  I remember at age 14, showing the cops how to use their slim-jims to open car doors after the automakers started putting safeguards in place. Not because I was extra special or know some secret, but because I always worked on cars and had door panels off and saw not only the locking mechanisms, connecting rods and so on, but I could also see the lock bars designed to defeat slim-jims and so on. I drew simple diagrams up, Took a few pictures, gave a small demonstration with a few others, and worked with them for about 1 hour in attempting to unlock cars in the city impound lots. And I did all this only because of a junk yard I worked at was asked why the cops couldn't open doors for people who locked their keys out. It should also be noted that the junk yard was also the city impound lot at the time and owned by one of the city council members who thought this was cheaper then bringing in official instructors- having the cops repeat a 20 hour course that they only needed a refresher and update on. They spend the money for real training now but I was never looked at or asked to explain my whereabouts when cars were getting broken into.
7. Re:I fail to see what's so spectacular about this by jacquesm · 2008-08-11 06:05 · Score: 1
  
  quite probably, but the people who make a living on the dark side are definitely not going to be in attendance in a place where law enforcement would certainly be represented to keep tabs on 'who's who'.
  If you're a black hat attending a conference like this would be about as smart as a professional safe cracker attending conference announced to attract everybody who is somebody in the safe cracking business. If I were a safe cracker for real I'd stay very far away from such an event.
  So, sure there'll be some people worth their salt but they are most likely white hats, not black hats, and it's black hats that seem to be causing the majority of the trouble.
  
  --
  MP3 Search Engine
8. Re:I fail to see what's so spectacular about this by Anonymous Coward · 2008-08-11 06:10 · Score: 0
  
  nah, he's just got a job in network admin
9. Re:I fail to see what's so spectacular about this by Teun · 2008-08-11 06:11 · Score: 1
  
  Hmm, around my ways the saying goes "It takes a thief to catch a thief...
  So please don't go by appearances and nice badges :)
  
  --
  "The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
10. Re:I fail to see what's so spectacular about this by Anonymous Coward · 2008-08-11 06:14 · Score: 2, Funny
  
  right, he's got a job in network admin
11. Re:I fail to see what's so spectacular about this by tgd · 2008-08-11 06:35 · Score: 4, Funny
  
  Yes, but if you say away they may then suspect that you are, in fact, an elite black hat hacker who is staying away precisely to draw suspicion away from yourself, so in fact a real black hat hacker should, in fact, be there or they will immediately be suspected of being a real black hat hacker.
  Never go in against a Sicilian when death is on the line.
12. Re:I fail to see what's so spectacular about this by Qzukk · 2008-08-11 06:38 · Score: 4, Insightful
  
  Here is what is special about this:
  You missed what was really special about this: If you want into defcon's network operations center, tell them you're from Wired and you just want to take a few pictures. Butter them up real good about how awesome they are for managing such a hostile environment, etc.
  I expect this exploit to not work a second time.
  
  --
  If I have been able to see further than others, it is because I bought a pair of binoculars.
13. Re:I fail to see what's so spectacular about this by jacquesm · 2008-08-11 07:02 · Score: 1
  
  Hehe, ok, you've just made a *lot* of people really nervous :)
  
  --
  MP3 Search Engine
14. Re:I fail to see what's so spectacular about this by jacquesm · 2008-08-11 07:15 · Score: 1
  
  met dieven vang je dieven :)
  
  --
  MP3 Search Engine
15. Re:I fail to see what's so spectacular about this by nospam007 · 2008-08-11 07:15 · Score: 2, Insightful
  
  Not to mention:
  Never get involved in a land war in Asia
16. Re:I fail to see what's so spectacular about this by hostyle · 2008-08-11 07:25 · Score: 0
  
  Aithnionn ciarog ciarog eile
  
  --
  Caesar si viveret, ad remum dareris.
17. Re:I fail to see what's so spectacular about this by blueg3 · 2008-08-11 07:29 · Score: 1
  
  There are no hackers at Defcon. It's clearly stated that it's social networking for ninjas. Everyone is a ninja.
  Pay no attention to the content of the presentations or who is making them. :-)
18. Re:I fail to see what's so spectacular about this by dk.r*nger · 2008-08-11 08:25 · Score: 1
  
  These guys manage the most actively hostile network on the planet.
  Yeah, that's very possibly very impressive, but the photo tour is just boring. They show a stack of a switch, a router and a server, and some other quite un-exotic hardware.
19. Re:I fail to see what's so spectacular about this by Guspaz · 2008-08-11 08:26 · Score: 1
  
  Their network setup is impressive. Their connection to the outside world isn't. 20mbit? Less downstream than a good DSL line. And their traffic counts? Pitifully low. 12GB in over 30 hours is under 10% average utilization.
  I see three possibilities:
  1) People just aren't using the internet much
  2) There are so many attacks going on that the network is unusable for actual internet connectivity
  3) People are too busy trying to attack things that they don't bother with the internet.
20. Re:I fail to see what's so spectacular about this by DerekLyons · 2008-08-11 08:57 · Score: 0
  
  Think your network can handle that?
  Sounds like a typical day at a large corporate network.
21. Re:I fail to see what's so spectacular about this by bryguy5 · 2008-08-11 09:11 · Score: 1
  
  That's right out of an old "get smart" episode.
  But he knows that I know that he knows that I know...
22. Re:I fail to see what's so spectacular about this by Dekker3D · 2008-08-11 09:44 · Score: 2, Informative
  
  on the other hand, any black hat worth his salt would have little trouble taking on a different identity and blending in with the white hats, if he/she's too curious to stay away.
23. Re:I fail to see what's so spectacular about this by Anonymous Coward · 2008-08-11 09:57 · Score: 0
  
  yeah protected physically by a scrawny nerd with a sidearm and a dog. I could 'own' that entire 'high security' installation with a taser and a baseball bat.
24. Re:I fail to see what's so spectacular about this by Anonymous Coward · 2008-08-11 10:24 · Score: 0
  
  or the Princess Bride even...
25. Re:I fail to see what's so spectacular about this by eat+here_get+gas · 2008-08-11 10:41 · Score: 2, Funny
  
  que sera, sera?
  
  --
  the significance of a signature is insignificant
26. Re:I fail to see what's so spectacular about this by Anonymous Coward · 2008-08-11 11:43 · Score: 0
  
  wild hogs
27. Re:I fail to see what's so spectacular about this by j00r0m4nc3r · 2008-08-11 14:29 · Score: 4, Funny
  
  Who's to say that that's the real NOC, and not a decoy?
28. Re:I fail to see what's so spectacular about this by tyrione · 2008-08-11 16:11 · Score: 1
  
  I highly doubt that :)
  Anybody that claims he/she is a hacker is most likely not.
  These are the 'l33t' script kiddies and such, they couldn't hack their way out of a paper back if someone didn't provide a fill-in-the-blanks kit that they can download.
  Anybody that really is a hacker is already in your system, just not bragging about it.
  It's like lock picking, if you're really good at it you keep your mouth shut so that if some stuff disappears you're not going to be #1 on everybody's suspect list.
  paper bag
29. Re:I fail to see what's so spectacular about this by tyrione · 2008-08-11 16:16 · Score: 1
  
  Their network setup is impressive. Their connection to the outside world isn't. 20mbit? Less downstream than a good DSL line. And their traffic counts? Pitifully low. 12GB in over 30 hours is under 10% average utilization.
  I see three possibilities:
  1) People just aren't using the internet much 2) There are so many attacks going on that the network is unusable for actual internet connectivity 3) People are too busy trying to attack things that they don't bother with the internet.
  This is the United States of America--Las Vegas to be exact. We aren't talking about Japan as far as network performance rates are concerned.
30. Re:I fail to see what's so spectacular about this by naglep · 2008-08-11 19:59 · Score: 1
  
  Maith an fear!!
31. Re:I fail to see what's so spectacular about this by Guspaz · 2008-08-12 09:53 · Score: 1
  
  The United States of America, where fibre-to-the-home is available in many markets at speeds of up to 50mbit down and 20mbit up?
32. Re:I fail to see what's so spectacular about this by jacquesm · 2008-08-12 10:29 · Score: 1
  
  ah yes, of course :)
  my bad, apologies, a wet paper back at that ;)
  
  --
  MP3 Search Engine
ZOMG! by JCSoRocks · 2008-08-11 05:21 · Score: 3, Insightful

They've got... network cables! and, and, switches and stuff! There's even some fiber there! It's almost like they're trying to get a bunch of people on the Interweb... crazy.

--
You are using English. Please learn the difference between loose and lose; they're, there, and their; your and you're.
1. Re:ZOMG! by QuantumRiff · 2008-08-11 05:55 · Score: 5, Funny
  
  So, which side of the firewall is the "untrusted" side at defcon? Do they protect defcon from the internet, or do they protect the internet from DefCon?
  
  --
  
  What are we going to do tonight Brain?
2. Re:ZOMG! by Jawnn · 2008-08-11 07:36 · Score: 2, Funny
  
  So it really is just a series of tubes. Imagine that.
3. Re:ZOMG! by Lockster · 2008-08-11 13:42 · Score: 3, Informative
  
  So, which side of the firewall is the "untrusted" side at defcon? Do they protect defcon from the internet, or do they protect the internet from DefCon?
  We do a bit of both, actually.
4. Re:ZOMG! by Anonymous Coward · 2008-08-11 15:14 · Score: 0
  
  I'd mod this Interesting if I had the points. Really, what exactly is the firewall protecting?
5. Re:ZOMG! by Anonymous Coward · 2008-08-11 17:15 · Score: 0
  
  yes
6. Re:ZOMG! by bendsley · 2008-08-12 02:14 · Score: 1
  
  Funny!
  
  --
  Alcohol & calculus don't mix. Never drink & derive.
I am so behind the times by b96miata · 2008-08-11 05:24 · Score: 3, Informative

I only just got back from defcon 16, and already I missed 20?
1. Re:I am so behind the times by HappySmileMan · 2008-08-11 05:27 · Score: 4, Funny
  
  lrn2octal
2. Re:I am so behind the times by gnick · 2008-08-11 05:28 · Score: 4, Funny
  
  It's Defcon 2.0. They're trying to jazz up their image a little bit and make it more inter-webby.
  
  --
  He's getting rather old, but he's a good mouse.
3. Re:I am so behind the times by Anonymous Coward · 2008-08-11 05:46 · Score: 0
  
  Maybe next time you'll take sub-lightspeed travel like us less wealthy people.
4. Re:I am so behind the times by Firehed · 2008-08-11 06:23 · Score: 2, Funny
  
  Dfcn?
  
  --
  How are sites slashdotted when nobody reads TFAs?
5. Re:I am so behind the times by zobier · 2008-08-11 13:39 · Score: 1
  
  You mean http://df.cn/?
  
  --
  Me lost me cookie at the disco.
TFS seems to have a mistake by JeremyBanks · 2008-08-11 05:25 · Score: 1

> DefCon 20 It's DefCon 16 this year.
1. Re:TFS seems to have a mistake by jdunn14 · 2008-08-11 05:28 · Score: 1
  
  Octal, duh.
2. Re:TFS seems to have a mistake by JeremyBanks · 2008-08-11 05:31 · Score: 1
  
  Ah, of course.
3. Re:TFS seems to have a mistake by The+Dancing+Panda · 2008-08-11 06:06 · Score: 1
  
  They could have been polite and made it DefCon 020, at least.
  
  or 0x10...Hell, I would have called it DefCon 0x10.
  
  Or DefCon 0xF, since I start counting from 0, like every geek should.
4. Re:TFS seems to have a mistake by profplump · 2008-08-11 07:41 · Score: 2, Insightful
  
  You start indices at 0, to avoid extra math. But you really should start counting at 1, at least you'd like anyone else to know what's going on.
This remindes me of the TSA by 1_brown_mouse · 2008-08-11 05:30 · Score: 1

The dog is security theatre but little substance.
They don't really need to sniff your crotch like that but the like to.
1. Re:This remindes me of the TSA by Lost+Found · 2008-08-11 05:32 · Score: 2, Funny
  
  The dog is to make sure no one sneaks in drugs and gets the router high.
2. Re:This remindes me of the TSA by bugs2squash · 2008-08-11 05:41 · Score: 5, Funny
  
  The dog is to keep the techs away from the equipment for change control purposes.
  
  It completely replaces IT management at a fraction of the cost.
  
  --
  Nullius in verba
3. Re:This remindes me of the TSA by sumdumass · 2008-08-11 06:16 · Score: 1
  
  I think the dog's presence is little more then getting it used to crowds. The article said it is a rescue sniffer in training so I guess it might come in helpful in finding people attempting to hide behind something in hopes to have access to a room after everyone leaves. OF course there is always the protect your master instinct in case they get attack for some reason.
  But for the most part, I think it is little more then a couple of Goon's pet working dog and they found an excuse to not put him in a kennel while they attended and worked at the event.
  As for dogs sniffing crotches, I think your right, they just like to.
4. Re:This remindes me of the TSA by SQLGuru · 2008-08-11 07:05 · Score: 0, Flamebait
  
  Perfect place for training ~9000 unwashed hax0rs is equivalent to a crowd of 50000 "normal" people.
5. Re:This remindes me of the TSA by scotsghost · 2008-08-11 09:20 · Score: 1
  
  not really. 9000 people that all smell different is easier for the dog than 50000 people that all smell like the same soap.
6. Re:This remindes me of the TSA by Anonymous Coward · 2008-08-11 09:56 · Score: 0
  
  actually... the dogs could probably pick out the original smells from the soap. so the 50000 would have an extra smell each, while those geeks.. well, we know no true h4x0r ever uses soap. :P
Security thru Obscurity by 192939495969798999 · 2008-08-11 05:31 · Score: 4, Insightful

If these guys wanted any kind of openness with security, these pictures would be on the DEFCON index page instead of some kinda "security through obscurity" nonsense where only just now are we seeing how they are running the network. If it gets hacked, that should be part of the conference -- how it was compromised, what to do to protect it better, etc.

--
stuff |
1. Re:Security thru Obscurity by jacquesm · 2008-08-11 05:33 · Score: 1
  
  Better yet, they'd completely open up the whole spec, wiring diagrams, software versions and all. Just a couple of pictures of some old gear really don't mean much (and could be disinformation!).
  
  --
  MP3 Search Engine
2. Re:Security thru Obscurity by sumdumass · 2008-08-11 06:31 · Score: 1
  
  I'm not sure they were intentionally looking for openness here. I think it was more promotion and so on. Allowing access to the infrastructure that runs the event is most likely a way to get another news story going.
  I'm not exactly sure where their wants for openness lays in regard to the event. I know they will be discussing a lot of vulnerabilities and so on. I have seen quite a few articles on the setup before the even as well as into it. I'm not sure how this is even close to security through obscurity seeing how all the relevant information is pretty much availible. I don't think that looking for it would be a challenge for anyone in attendance nor anyone with an internet connection and the wherewithal to use it productively. I don't see this as obscurity at all.
3. Re:Security thru Obscurity by cromar · 2008-08-11 06:48 · Score: 4, Insightful
  
  Everything is crackable; it's a good idea to be obscure most of the time. Relying on obscurity as your only defense is what is a bad idea.
4. Re:Security thru Obscurity by mxs · 2008-08-11 08:17 · Score: 2, Interesting
  
  Blah Blah Blah.
  The first rule of cybersecurity is to have physical security. This is not security by obscurity, at all. The DEFCON network is not the focus of the DEFCON conference, so no, it should not be on the front page. Cracking the DEFCON network is not the (primary) focus of the DEFCON conference so no, there should be no need or competition to -- especially since crap like that usually results in packeting instead of actually interesting attacks. You also seem to assume that a post-mortem analysis of a break-in takes a few minutes, whipping up a presentation about it takes an hour or two, and conclusive results as to how to do it better are done in time for a presentation. Talks at DEFCON take a while to prepare.
  (Now, if somebody had cracked the network with a new kind of attack they just happened to be speaking about at DEFCON, that would have been interesting :-)
5. Re:Security thru Obscurity by Anonymous Coward · 2008-08-11 08:55 · Score: 0
  
  The only reasons that their security is obscure to you is that you are not at DefCon and you couldn't hack their network if you wanted to. "You must be this smart to know what our network is like" applies to YOU!
  I am quite sure everyone who is ANYONE at DefCon already knows every inch of their network and quite a few other ones by now.
Come on, china is more hostile... by nweaver · 2008-08-11 05:36 · Score: 3, Insightful

The Defcon network is bad if you are a sheep, but if you jsut treat it like you are going to visit China (with a return trip through US Customs), its not that bad...
New system, everything through an SSH tunnel, only your necessary working set, and temporary login credentials to throwaway accounts, and its all good!

--
Test your net with Netalyzr
basement, eh? by fan+of+lem · 2008-08-11 05:41 · Score: 1

"...wireless link to another hotel that has point-of-presence in their basement"
boy, they truly make everyone feel right at home!
Sniffer Dogs, by LM741N · 2008-08-11 05:42 · Score: 3, Funny

please don't pee on the routers!! You will void Cisco's warranty.
1. Re:Sniffer Dogs, by Anonymous Coward · 2008-08-11 06:02 · Score: 0
  
  please don't pee on the routers!! You will void Cisco's warranty.
  No problem, just let the Cisco rep discuss the warranty issue with the dog.
Re:Unimpressed. by Applekid · 2008-08-11 05:42 · Score: 2, Insightful

From TFS:

With over 9,000 hackers, freaks, feds, and geeks attending Defcon 16, the temporary wireless network setup there is considered the most hostile on the planet.
It's temporary. It's not going to have to be maintained for years on end, which is the point of textbook wiring jobs. Otherwise it's a waste of effort.

--
More Twoson than Cupertino
Re:Unimpressed. by tulmad · 2008-08-11 05:44 · Score: 3, Insightful

It's also probably set up for the conference, and taken down when it's over. Why would you bother neatly tying your cables and making everything proper lengths if you're going to just take it apart a week later? I'd be willing to bet most of their setup fits in that transit case under the firewall and switch.

--
"In case of emergency, break glass. Scream. Bleed to death."
nano-snout by mccabem · 2008-08-11 05:44 · Score: 1

They have the new nano-snout mods. Hi-fi!!
A challenge for you experts by zappepcs · 2008-08-11 05:45 · Score: 3, Insightful

Yes, their network setup looks.. uhmmm... temporary and built with something less than a multimillion dollar budget. So, how would you build a wireless network for '9000' hackers?
Pretend you have some assets already plus $10,000 to spend. How would you build the temporary network?
I've seen a lot of 'how they did it' infrastructure articles, and lots of smirking here, so how would YOU build that network?

--
Support NYCountryLawyer RIAA vs People
1. Re:A challenge for you experts by Lostlander · 2008-08-11 05:53 · Score: 0, Offtopic
  
  Duct tape lots and lots of duct tape.
More to the point... by Broken+Toys · 2008-08-11 05:48 · Score: 3, Funny

A bunch of world class hackers set up a wireless network.
What could possibly go wrong?
Re:Unimpressed. by pacman+on+prozac · 2008-08-11 05:48 · Score: 1

Now granted it doesn't need to look neat to function correctly.
I've seen servers die because their power cables were dislodged by the weight of badly installed cables, also seen servers go offline when network cables get crushed and damaged. I'd say there is a fairly strong argument that it does need to look neat to function correctly, for permanent installs anyway.
This network was only built to last a few days so I doubt they're too worried ;-)
Re:Unimpressed. by Lostlander · 2008-08-11 05:50 · Score: 1

Not to state too much of the obvious but this is also a con(ferance) so I assume the network is setup temporarily and then brought back down once defcon is over.

The temporary nature tends to lead to less stringent cable management and gfn (good for now) physical security. Although it's impractical to have a guard stationed at the network devices 24/7 for most companies for a conference it's probably the easiest and cheapest method.
Probably going to be the last.... by changos · 2008-08-11 05:57 · Score: 1

I trully thought I was going to see something spectacular. Better keep those pictures in file, rather than on the web.
And you think this is fast by doodzed · 2008-08-11 06:03 · Score: 5, Informative

Try going to Europe. Last time I went to the CCC Congress in Berlin the uplink was 600 mbit. They usually put up signs on the second deay stating "use more bandwidth."
Usually crappy US show network. Go over to Europe where they know how to put on a show. Very few rules and even those are flexible.
Oh, and the number of machines stolen over the past 23 years can be counted on one hand.
http://events.ccc.de/congress/2005/fahrplan/attachments/652-slides_network_review.pdf

--
It's not the size of your stack that matters, it's how you push and pop
1. Re:And you think this is fast by Anonymous Coward · 2008-08-11 08:09 · Score: 0
  
  I went to Dreamhack Winter 2006, and they had an 11GBit connection as far as i remember. A few projectors showed graphs of the traffic, realtime. Stunning amounts, to say the least.
2. Re:And you think this is fast by Anonymous Coward · 2008-08-11 12:48 · Score: 0
  
  for that matter, the SC network every year. When I went to SC07 last year I seem to remember hearing they dug up the road outside the convention center to put in the POP for the I2 link 6 months before...
3. Re:And you think this is fast by Neoprofin · 2008-08-11 13:25 · Score: 1
  
  I don't remember anyone saying it's fast actually, unless you broke rule number one and RTFA. Why would you go to DefCon or any other con for that matter to sit on the internet?
4. Re:And you think this is fast by stsp · 2008-08-11 23:24 · Score: 1
  
  Try going to Europe. Last time I went to the CCC Congress in Berlin [...]
  
  Oh, and the number of machines stolen over the past 23 years can be counted on one hand.
  Yes, because you don't have to go through US customs on your way to the conference :)
More than 8,000 badges by thule · 2008-08-11 06:03 · Score: 1

I am not sure of the exact attendance, but Joe Grand made over 8,000 circuit board badges. If I recall correctly, the number was 8,500. I heard that by Sunday they ran out of badges and some people were stuck with the paper badges. Most people I saw this year did have the circuit badges by Sunday. Of the ones that did not, I don't know how much over 8,500 it is, but I suspect the "over 9,000" is probably overstated.
DT didn't give an attendance amount at the wrap up this year, so I don't know what the official count was.
Rouge AP's? by faloi · 2008-08-11 06:07 · Score: 4, Funny

Are other colors of makeup safer for APs?

--
"It is a miracle that curiosity survives formal education." -Albert Einstein
KTLC by Anonymous Coward · 2008-08-11 06:08 · Score: 0

This is weak compared to what STLP students in Kentucky setup for a convention of school teachers. How did this make the front page. Our inventory has a chain link fence. Our server room is protected by an inch thick steel door and physical firewalls (the kind that prevent burning) As well as a hacked motion activated halon fire suppression system. And several caffeine hyped, sleep deprived teens stationed outside the door.
1. Re:KTLC by profplump · 2008-08-11 07:47 · Score: 1
  
  "Physical firewalls" are often nothing more than a couple of sheets of type-X drywall: http://en.wikipedia.org/wiki/Sheetrock#Fire_resistance
2. Re:KTLC by retchdog · 2008-08-11 08:38 · Score: 1
  
  Sounds instead like that convention had "overly strong" server protection (seriously, what could happen?). Typically wasteful use of state funds, but don't let that get in the way of how much fun I'm sure it was.
  
  --
  "They were pure niggers." – Noam Chomsky
pf Config by nuxx · 2008-08-11 06:09 · Score: 3, Interesting

TFA says that "...a quad-core Xeon running OpenBSD and employing pf to filter and shape traffic" is in place. I think it'd be excellent if they'd release the config for this so that we may all learn from it.
Release it after the con, that is, just in case there's a hole found in it...
1. Re:pf Config by Anonymous Coward · 2008-08-11 07:27 · Score: 0
  
  If OpenBSD is good enough for DefCon, it should be good enough for anyone.
  
  Forget iptables and Cisco PIX/ASA crap.
2. Re:pf Config by psergiu · 2008-08-11 08:00 · Score: 1
  
  Seconded !
  
  --
  1% APY, No fees, Online Bank https://captl1.co/2uIErYq Don't let your $$$ sit in a no-interest acct.
3. Re:pf Config by mrbah · 2008-08-11 10:33 · Score: 1
  
  Here's the config:
  block in all
  block out all
Volunteer by Anonymous Coward · 2008-08-11 06:14 · Score: 2, Insightful

Um...these volunteers set this up for free. Sure they could have spent serious $$$ on providing free wireless to a bunch of miscreants who are too cheap for mobile service and wired it up to look prettier. That's not the point. Unless you are volunteering to bring out your equipment, and setup and run this show, and do it just as securely and reliably, a simple THANK YOU will do. Otherwise, STHU. As wise old Ben said "Any fool can criticize, condemn and complain and most fools do."
Ya by Sycraft-fu · 2008-08-11 06:21 · Score: 1

This is really a lame non-story. A technical document of the map and setup of their network might be interesting (though obviously too technical for Wired) but this? Am I supposed to be impressed? I see more Cisco gear on a daily basis and I don't work for a particularly large department. That's not to knock the Defcon people, they get the amount of gear they need to do the job, not to look impressive. However Wired should find something better to report about, especially if they are doing a photo tour. I can see doing a photo tour of a major fibre hub site for something large. I've been in the one at the university I work for and it is really cool, and not something most people get to see, even most tech people. However this is just a small pile of network gear. Wow. Yay.
Slashdot shouldn't have given Wired the traffic for this non-article.
I was running 20 mbps 20 years ago fooo !! by Anonymous Coward · 2008-08-11 06:25 · Score: 0

U da foo if u run 20 mbps n 08 !!
Re:Unimpressed. by jellomizer · 2008-08-11 06:34 · Score: 1

Still it is sloppy for a temporary setup. Especially with a grandiose title of "First-Ever Photo Tour or Defcon's Network Center". I was expecting to see something Epic. Not just a hacked cabling job to some wi-fi access points. being that it is such a hostile network. I would expect in cases where things get out of hand they should be able to quickly unplug a rouge access point from the network ASAP, giving them a bit of time to view the logs block the mac address, before the guy moves in range of an other access point and starts again. Thus needing a little more organized designed.

--
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Why there were more than 8,000 badges by querist · 2008-08-11 06:45 · Score: 1

The reason there were so many badges is that speakers have the option of receiving their honorarium (small payment for speaking) in the form of three "Human" badges instead of cash. This is a very popular option because the badges are usually some really cool piece of kit and people want to play with them.
Re:Unimpressed. by thule · 2008-08-11 06:46 · Score: 1

I would expect in cases where things get out of hand they should be able to quickly unplug a rouge access point from the network ASAP, giving them a bit of time to view the logs block the mac address, before the guy moves in range of an other access point and starts again. Thus needing a little more organized designed.
That is why they use Aruba AP's. MAC's are banned automatically. Why would they ever to that manually?
Do people get in trouble for any of this? by Crazy+Taco · 2008-08-11 06:57 · Score: 4, Interesting

I've never been to DefCon before, so I'm just curious... do people actually get in trouble for any of the things they do there? If you do a man in the middle attack, do people get mad? Or is it just assumed that anyone on this network is fair game and you can 0wn them as you see fit?

--
Beware of bugs in the above code; I have only proved it correct, not tried it.
1. Re:Do people get in trouble for any of this? by blueg3 · 2008-08-11 07:31 · Score: 1
  
  You'll get in trouble for plenty of things, but not for messing around on the network.
2. Re:Do people get in trouble for any of this? by Lockster · 2008-08-11 13:41 · Score: 3, Informative
  
  It's expected. About the only thing anyone's ever gotten in trouble for (specific to the Network) is for stealing equipment (hence the guard, and the dog :)
That "9000" reference... by Xelios · 2008-08-11 06:59 · Score: 1

Old internet meme that was snuck in. This video might shed some light on it.

--
Murphey's fighting Occam, and we're in the stands.
Number of badges ordered by thule · 2008-08-11 07:27 · Score: 1

The roster shows 121 speakers. If all of them opted for the three badges that would only add up to 363 badges. I do remember Joe saying the total number of badges ordered was at or over 8,500 (he gave a specific number, but I don't remember it). There were also badges for vendors, press, goons, and "hackers" (black badges). So "human" badges were probably 8,000, with the rest of the 500 made up of there rest of the colors. So even if you removed the ones given to the speakers, we would still be talking about over 8,000 people in total.
This year's badge session pdf's didn't list the breakdown like last year.
Over 9000 by Danny+Rathjens · 2008-08-11 07:32 · Score: 4, Informative

"Over 9000" is a joke/meme, Timothy. http://www.urbandictionary.com/define.php?term=over+9000 http://www.encyclopediadramatica.com/Over_9000
1. Re:Over 9000 by eecue · 2008-08-11 12:03 · Score: 2, Informative
  
  I didn't mean it to be a joke. Defcon made 8,600 badges. They ran out of badges and there were hundreds of folks with paper badges.
  
  --
  -- sigs suck --
Re:WHAT?!?! [Off topic yet On Topic] by Koiu+Lpoi · 2008-08-11 07:59 · Score: 2, Interesting

HASSEN IJOU DA!
(In the original Japanese audio, he actually says "It's over 8,000", which is funny because there are doubts the attendance was over 8,500).
Times sure have changed. by JohnAllison · 2008-08-11 08:34 · Score: 1

During Defcon III it was all we could do to find a POTS line. This is pretty spiffy, and more than I would have expected if I were to attend. Defcon 6 had some internet thing going, as well as a large piece of butcher paper with usernames and passwords from those refusing to use secure channels.

I guess this would naturally be the standard evolution of things.
You forgot by blueZ3 · 2008-08-11 08:44 · Score: 3, Funny

4) Profit!

--
Interested in a Flash-based MAME front end? Visit mame.danzbb.com
Software for heat map? by stefanlasiewski · 2008-08-11 09:56 · Score: 1

The Heat Map planning tool looks pretty nice. Does anyone know the name of this tool? I'm squinting at the image, but I don't recognize the interface and can't read some of the words.

--
"Can of worms? The can is open... the worms are everywhere."
1. Re:Software for heat map? by Lockster · 2008-08-11 13:59 · Score: 2, Informative
  
  It's part of the Aruba management software suite.
Are guns really necessary? by Anonymous Coward · 2008-08-11 10:12 · Score: 0

By "Armed", I assume this article means "Guns".
A chainlink fence makes sense. A guard makes sense. Pepper spray makes sense. Locks make sense. Insurance makes sense. But do you really need an armed guard? Are you afraid of some armed heist or something?
Look, if a group of armed thugs tries to steal your network switches, let them have it. No need to risk your life over it, and no reason to kill someone for it. This is the intelligent way out. It's just a piece of hardware. You can replace the hardware, change your passwords. A good set of locks will deter thieves long enough for you to call the cops.
Guns are acceptable to protect you & your family from criminals, protect your constitutional rights, etc. But there are better, non-lethal ways to protect or replace your 'stuff'. Honestly, this isn't much different then killing someone because they stole your Nike sneakers.
It's like a paranoid materialistic fantasy used to justify a macho reason to own guns.
Or many the guns are just a deterrent.
A Question - ActiveScout by not_hylas(+) · 2008-08-11 11:10 · Score: 1

A question,
There's mention of Aruba's Analytics and Threat Prevention System.
How does ForeScout Technologies' ActiveScout Intrusion Prevention Appliance stack up? - for those of you that know.
Much thanks.

--
~hylas
Pretty lame by RzUpAnmsCwrds · 2008-08-11 13:17 · Score: 1

20Mbps? Are they kidding me?
PyCon 2008 used a 45Mbps DS3.
And, then, that's nothing compared to SCinet
1. Re:Pretty lame by Lockster · 2008-08-11 13:58 · Score: 2, Insightful
  
  Did you actually read the page that you referenced? I mean all the way through?
  PyCon 2008 used a 40Mb wireless connection @ 40Mbs, not a DS3. Dropping a DS3 in for a temp event is big bucks (try it sometime!)
  Now read their utilization graph. If they had 20Mb, they'd have been perfectly fine (they only spiked above 20Mb a couple of times). So let's say you're paying the $15-20K to drop in a DS3 to a hotel. If you could pay significantly less with no realistic impact to service, wouldn't you?
  How many corporate sponsors did PyCon have?
  Now compare to the corporate sponsors for DefCon.
  Now compare budgets.
  Comparing SuperComputing's Network to DefCon? Seriously?
  Convention networking isn't a dick-swinging contest--it's about getting it done.
Re:Hostile? Dangerous? What? by Hairy+Heron · 2008-08-11 17:45 · Score: 1

That's just what they want you to think! http://tim.movementarian.com/archives/computer_bomb.jpg
20 Mb? by MortenMW · 2008-08-11 19:02 · Score: 1

Is 20 Mb supposed to be impressive? The Gathering (a norwegian computer party) had a 3 Gbit connection this year. http://www.gathering.org/tg08/TG08Nettverk.html
Re:WHAT?!?! [Off topic yet On Topic] by Anonymous Coward · 2008-08-12 02:45 · Score: 0

DEF CON organisers told us (the press) that there were 8,000+ (of which 3,800+ also attended Black Hat).
Attendence by B-Con · 2008-08-12 05:37 · Score: 1

I was at DefCon this year (for the third straight time). It didn't feel like attendance was 9,000, but that's a really hard number to guess. There are:

- five lecture rooms running at all times (seating, I would estimate, between 1,000 and 3,000 per)
- a couple game rooms (about 150 and 300 in each at any given time)
- a few "villages" (with an average of maybe 150).
- hallways, always people in transit
- the "chillout" area
- the nearby eateries - hotel rooms, because many people don't attend every minute of the conference

So making a good estimate from personal experience is hard.

9,000 is probably a good guess, though, according to the guy who runs the event. According to DarkTangent in the closing cerimony, there were 8,500 official badge passes sold, with lesser quality badges going to those who showed up after the official badge supply was depleted. All 8,500 badges sold out, and I saw quite a few people wearing the backup plastic badges. So 9,000 seems like a good estimate.