2014-08-15

DEFCON 22: Braindump

THURSDAY: Registration, Swag and Defcon Wifi

This year's line was one of the worst compared from previous years.  We got at the Con on Thurs at around 9:20am and the line has already snaked like a Disneyland ride all the way out to the Rio pool area.  Luckily, a colleague introduced me to Priest, and he hooked us up with Human badges, skipping the lines and saving us at least 3 hours. Thank u very much, I'm very grateful indeed.  Later on the next day, Friday, we heard the electronic badges ran out.

This year's swag included an electronic badge (being an even number year) with a Parallax chip - blinky lights and a mini-usb port.  The usual con program booklet, 2 CD's (music and pdf of talks, short story + software for the badge).  Oh and the infra-red glasses.  Clues were on the floors and rotunda, as well as the signs for the badge contest.  The Welcome to Defcon banner actually says "Defcon is Cancelled" if you wear your infra-red glasses.

At 10:00am that morning, the swag line was basically non-existent.  10 minutes tops, this is probably due to most people were still in the registration line.  I got in line as  scheduled, and after browsing the items, I just got a couple of t-shirts specific to Defcon 22, and a bandana.   The usual items were there available - shot glass, flask, sport shirts, back packs, a lab coat, hoodies, notebook....etc. 

The next item on my agenda is to get the laptop connected to the Defcon network. (Note: Always connect to DefCon secure, not the DefCon-Open.  WoS operates on the DefCon-Open network.)  To connect to DefCon secure, you'll first have to register.  Just for once, connect to DefCon-Open to be able to register. After you are connected, navigate to the DEF CON 22: WiFi Login Self-Registration - wifireg.defcon.org. 

Note: Remember your Username and Password. You're going to need this to login to DefCon (secure).  From a Kali box, connect to the DefCon secure wifi.  When you get prompted for the security, navigate to the Wireless Security tab and set it to LEAP. Enter your username and password.



Thursday is actually a good day to visit the villages also, although most of them are not completely setup yet.  Surprisingly the Packet Hacking Village were already herding sheep by late afternoon on Thursday.  The Defcon 101 talks is a must for n00bs. They give good advice on how to make the most out your Con.  At this time, invest about an hour or so to go through the entire program booklet. Load whatever is on the info CD to your hard drive to make it easily available when you need it.  Transfer the PDFs to your phone or tablet for easy reference.  This is also a good time to mess around with the badge a bit.  If it's an electronic badge year make sure you have Parallax's Spin loaded and  make sure your Windows installation is running well.

The Vendor Area is closed on Thursday.

If some contest tables are already up, go register and get going with the contest.  Also, usually a few weeks before the Con, some contests registrations are already already available online.  Check their respective forums, websites or twitter accounts for updates.  Some contest, like CTP, have very limited slots available so get a head start in registering to ensure your spot at the con.  

Thursday's summary:
1. Register
2. Shop for Swag
3. Review the Program (while in line or not)
3. Connect to the DefCon wifi
4. Prep laptop for Contests
5. Register for contests
6. Visit the Villages


FRIDAY: Welcome Talk, Contests, Village Visits and Vendor Recon

A must agenda item for Friday is the Defcon Welcome talk.  If you're going after the badge mystery contest, you have to see this one.  DT most likely will show-up with some interesting info about the current con.  This talk is usually crowded so you'd want to get there early.  After this talk, you're basically free to troll the halls unless you have a pre-planned agenda for the day - which would be a good idea to maximize your time.

Friday is the really the best time to visit the villages and register for the contests you're interested in.  The villages will not be as crowded and the SME's are still fresh, and not hanged over yet.  Go visit the villages you're not familiar with for a couple of hours and learn something new.  Then settle in to the village you belong in.  While in the villages, try to acquire their schedule of talks or demos (these are different from the main con talks).  Note: Learn a new skill, keep an open mind and talk to people -  ask questions.

For this year, I registered on Warl0ck Gam3z, CTP and NFPC. This year, you needed to score some points and get on the score board before you get a free t-shirt swag.  It's all good and i totally agree with this new "policy".  I think Friday is also the best time to hit the talks while working on the preliminary rounds of the contests.  Friday is usually the day you'll quickly find out if you have the chaps to make it to the Saturday rounds or Not!  If you did not prepare your hardware, software and brain.... it's too late if you have to figure that out today.  Or you'll have to  stay up all night to figure it out.

The vendor area is most crowded on this day.  It was just jam packed, with Hak5 wifi pineapples flying off the shelf. It's shoulder-to-shoulder movements in the vendor 2.  If you're shopping for shirts, small and medium sizes will go out this day.  As far as hardware shopping, you can wait until Saturday.

This year, I hanged out at the PHV while trying to download stuff from the Defcon media server.  Wifi and bandwidth was actually good on early Friday but horrible on Friday and Saturday - damn u  Wifi Pineapples. 

Friday night is reserved for Hacker Jeopardy.  I missed half it due to they started it early before Hacker Pyramid.... didn't follow my own advice - "spend time to read the program".  It was OK and enjoyable as usual with echoing DFIT chants... but no more stripping for correct Daily Doubles?!@?!!! what!@#!>! a little dis-appointed.

The rest of the Friday night was spent trying to solve some contest problems.

Friday Summary:
1. Welcome to DEFCON Talk
2. Contest Area
3. Visit Villages
4. Troll the Vendor Area
5. Spend time in your village
6. Hacker Jeopardy
7. Solve Contest Problems/challenges

SATURDAY: Talks, Villages, Contest Run, Vendor Shopping

My first goal of the day was to hit the Vendor Area to get the items I need before they sell out.  I went to my fav village, PHV, to hang out and learn more techniques.  But really, I was just trying out new strategies on analyzing packets.  I'll be back next year with better ideas which i hope to test in CTP.  Note: CTP provided 2 static IP addresses per team competing.  You'll need a hub or switch and a couple of laptops to efficiently capture and analyze.  I will have to sit down and re-evaluate this.   I was not really interested in any of the talks this year, to I did not go to any.
Saturday is the most crowded day in Defcon.  A river of people will flow on the hour every hour as talks end and people move to another track.  While trying to solve a problem form Warl0ck, one of the task was to pick a lock... I didn't know how to pick that specific lock so I decided to go to the Lock Picking Village to learn.  As I walked in, each table was full and no space available.... SOLUTION: I discovered that the Vendor Area is a good place to learn lock picking, minus the formal lock picking talks - the lock vendors can rival the LPV.  The sales people will spend as much time to teach you how to open locks until you open one... I actually got a lot of lock picking lessons from the vendors.I also visited the contest area to watch some competition to learn what they are doing.  I killed about an hour there. Then back to the WoS where I belong!

Saturday night, just like Friday, is Hacker Jeopardy night.  Once again, it was fun but not like the previous year's vibes.  I decided to leach the Defcon media server for more content.  I got to chat with a fellow with his daughter who were attending Rootz Asylum.  Tried to solve more problems from the contests.  This is the night that i actually realized that I can only do one off site contest (Warl0ck) and one on-site contest (CPT).  For NFPC, I'll just grab the CD again and do it after hours.

For next year:
1. CPT
2. Warl0ck Gam3z
3. NFPC

SUNDAY: Contest Finals, Vendor Area fire sale, Contest Results, Closing Ceremonies

Catch a little more talks, hang out in the village you belong in.  At around 3:00 pm, some vendors are ready to bargain - so be sure to wheel and deal when you can.  Bundle up to get a deal.  Some T-shirts will be at 50% of at this time, so take advantage. 

Note: to get front row seats for the closing, get in line really early.