Defcon 16 reflections

Published: 2008-08-12
Last Updated: 2008-08-12 17:56:07 UTC
by Joel Esler (Version: 3)

As promised, I thought I would send up a post about Defcon, since it's fresh on a lot of our minds.

Despite what people think, this is still a good con.  Still breakthrough talks happening, still "zero" days coming out.  Thousands upon thousands of people there.

The Goons did a great job keeping everything flowing and organized.  (Although, could have ordered more badges on day 1?)  Even though the hotel posted guards around the ATMs, the Nevada Gaming Commission and some Cops were investigating a Horse Race Betting Machine (could have been totally legit, I didn't ask, I don't want to know.  It was just funny and coincidental), and various other interesting tidbits.

There were a lot of interesting talks. Obviously I couldn't attend them all, but the ones that I heard were very interesting (BTW -- I am going to link to the presentations that I can. Click through AT YOUR OWN RISK):

Kaminsky -- Although I heard that there was basically nothing new posted, (I wasn't there, I was on a plane), it was interesting to hear him present about the vuln.

BGP Hack -- I did hear that this WAS the most interesting talk.  From what I heard/read, the guys that were presenting were able to successfully demonstrate how they changed the BGP routing at Defcon and sent everything through a box in New York, only to come back to Vegas.  Apparently they did this live.  Nice.

Snort plugin development -- Of personal interest to me, I sat in on this talk about Snort dynamic-preprocessor and rule development. 

The Medical Identity Theft talk at DC16 had an unannounced software release...  They wrote a tool to strip the headers off of LWAPP packets and output a regular pcap file showing the regular wireless client traffic.

Fyodor's Talk on Nmap -- Funny, excellent, interesting!

As always, the Capture the Flag contests were great and interesting.  Spot the fed was funny (as always), as were several of the other contests:

Sit through 30 hours of vendor presentations without sleeping to split US10k.

Automate a pellet/paintball gun to shoot targets.

Guitar Hero 3 (Holy cow, the guys that play this on Expert are CRAZY fast!)

The Freakshow party (as most of the parties I went to were) on Saturday was awesome.  Props go to Sunshine and whoever was on her side for planning that one!  Great conference everyone.

UPDATE:  Added URL from The Medical Identity Theft talk, corrected post about the same -- Corrected Fyodor's URL.

-- Joel Esler

2 comment(s)


Is the tool you mentioned for LWAPP packets available to the public? Also, LWAPP packets have two forms: control traffic and data traffic. The control traffic is encrypted while the user data traffic is not encrypted, simply tunneled to the wireless controller with an additional header. I would assume this tool only strips the LWAPP header so that software such as Wireshark can interpret the packet correctly.

The link to Fyodor's talk is for Defcon 13 in 2005.
