Another Defcon and Holly Shit there where lot of people. I registered Friday morning and they had run out of badges. Defcon has out grown the Rio, and to support that theory where rumors the Con would be moving. For conventions over 14,000 attendees the options narrow. On the Defcon Wikipedia page and the Defcon DC News site they list Defcon 23 will be at both the Paris and Bally's hotels. Not sure how that will workout, but it definitely needs a larger facility. This may be mis information though, remember Defcon is canceled every year.
The theme this year at least the talks I attended was Botnets... Botnets... Botnets... The first talk I attended was Domain Name Problems and Solutions with Dr. Paul Vixie. His talk was a deep dive into how Botnets and other nefarious entities are exploiting DNS. The industries movement to provide convenient and low priced DNS names are fueling the fire. He also went into analysis of DNS meta data and how it is used in DNS RPZ or a (DNS Firewall.)
Don't DDOS Me Bro: Practical DDOS Defense presented by Blake Self and Cisco Ninja, was one of the better talks I attended. They spoke about Layer7 DDOS detection and defense, and brought some real world data from their site soldierx.com. They presented some examples of multi layer defenses from F5 rules to Apache tools. They also released their DDOS monitoring tool RoboAmp that will run on a Raspberry Pi.
Lastly and trust me it was a tough talk to get to was Catching Malware En Masse: DNS and IP Style. OpenDNS presented tools and techniques they have developed to identify bonnet and malware traffic on the internet. They also presented an awesome 3D visualization engine they use to graph and identify this rouge DNS and IP traffic.
Between the parting and binge consumption there was a lot to take away from this years Defcon. It was good catching up with old friends and meeting new ones, and I can wait till next year.
If your familiar with F5 you understand the need for a quick and dirty virtual lab on your lap top. From testing code upgrades to writing and testing iRules you'll quickly learn how important a lab is.
To get started your going to need a few pieces that will make up your virtual lab. Most of the following will work on a Mac or PC, but I am running a mac, so i apologize in advance if some of the configuration is different.
Software needed:
- F5 LTM Software: virtual lab edition is $99 you can also ask your F5 sales team for a trial lisc.
- Hypervisor: I am using VMWare Fusion
- Virtual Router: Vyatta (Brocade bought them but you can still find the open project iso.)
- Servers: Use what you feel comfortable with.
Step 1) Install Virtual Software (VMWare)
Step 2) Go to Preferences > Network and create several virtual machine networks. These vm networks will work like VLANs and you will assign virtual nics for devices that will operate in those networks.
Step 3) Install and configure your F5 Virtual Lab software. You will want to configure at least three network connections, one for management, server side and client side. Make sure you make the gateway IP the IP address you will assign the interface on the Vyatta router.
Step 4) Install and configure your Vyatta virtual router. This will allow your PC to communicate with all of the networks as well as bridge the server network to the internet for updates and package installs. Here is a great guide I found for vyatta commands.
Step 5) Install and configure your servers configuring their nice to participate in the server VLAN.
Step 6) Build a Virtual server on the F5 using an IP address on the client network, and your pool member that exists in the server network.
You should be up and running and able to play with the F5.
So everyone's heard of Amateur Radio, but certified Amateur radio operators are becoming a rarity. It's not hard to speculate why Amateur radio is disappearing, just go to a restaurant or visit the mall you'll see every other person focused on their cell phone.
Even though our nation's cellular networks are growing and becoming more robust, Amateur radio operators still provide an important public service. The largest disaster response by U.S. amateur radio operators was during Hurricane Katrina. More than a thousand ham operators from all over the U.S. converged on the Gulf Coast in an effort to provide emergency communications assistance. Subsequent Congressional hearings highlighted the Amateur Radio response as one of the few examples of what went right in the disaster relief effort.
A good way to be introduced to Amateur radio is to attend a local Amateur radio group event. I have included a link to help find your local group.
- http://www.arrl.org/find-a-club Link to the National Association for Amateur Radio club search.
The next step is to get certified. Many local chapters provide Amateur radio certification tests. Also this year at Defcon they will be offering the exams right at the convention.
- http://www.arrl.org/find-an-amateur-radio-license-exam-session Link to the National Association for Amateur Radio exam search.
The Defcon guys provided a terrific study resource to help you with the exam.
- https://hamstudy.org Free tools to help you study for the Ham Radio license.
Finally you'll need a radio. For my first radio I decided to play it safe and bought a low-priced hand held to get a feel for ham radio. Here it is:
, - Frequency Range: 136-174 / 400-480MHz; 25KHz/12.5KHz Switchable
- 128 Channels 50 CTCSS and 104 CDCSS; Channel Step: 2.5/5/6.25/10/12.5/25KHz
- Dual-Band Display, Dual Frequency Display, Dual-Standby; A/B band independent operation
- Comes with all necessary accessories, backed up by 12 Months Seller Warranty
I have searched high and low for a decent low-priced alternative for Visio on the Mac, and I think I have finally found one.
yEd Graph Editor is a powerful desktop application that can be used to quickly and effectively generate high-quality diagrams. Create diagrams manually, or import your external data for analysis. Thier automatic layout algorithms arrange even large data sets with just the press of a button.
The install is strait forward and works great, but us network guys want cisco icons. The network icons that come with are a little weak. So I found a German website that had the Cisco default icons as .svg files. Here is the link to the download cisco_svg_icons.
Next how to install the icons.
Let me know if you have any better alternatives.
yEd Graph Editor is a powerful desktop application that can be used to quickly and effectively generate high-quality diagrams. Create diagrams manually, or import your external data for analysis. Thier automatic layout algorithms arrange even large data sets with just the press of a button.
The install is strait forward and works great, but us network guys want cisco icons. The network icons that come with are a little weak. So I found a German website that had the Cisco default icons as .svg files. Here is the link to the download cisco_svg_icons.
Next how to install the icons.
- Open yEd Editor Go to Edit --> Pallte Manager
- Create a new Click New Section (name it)
- Highlight newly created Section and click import symbols
- Select .svg symbols and import them.
Let me know if you have any better alternatives.