From BruCON 2015
Jump to: navigation, search
(BruCON CERT)
 
(37 intermediate revisions by 4 users not shown)
Line 1: Line 1:
== General Rules ==
+
== General Terms and conditions regarding Internet usage ==
  
A free Internet access will be available during the conference via Wi-Fi. Visitors will be able to use they own devices (laptops, PDAs, mobile phones, ...) to surf the web.
+
For the third year, we are happy to provide a free Internet access to the BruCON visitors. Our network sponsors are [http://www.mactelecom.be/en/about-mac-telecom Mac Telecom] for the bandwidth and [http://http://www.exclusive-networks.be/company/exclusive-networks-group/ Exclusive Networks] for the wireless access.
  
== Disclaimer ==
+
Users of this Internet access agree to NOT use this connection for illegal or unethical activities. BruCON is kindly asking our visitors not to do anything that might jeopardise this event. BruCON vzw and it's members takes no responsibility regarding the illicit use of the network and Internet access.
  
Visitors are responsible of the electronic devices they bring to the conference premises. BruCON will not be responsible of any damage, theft or alteration of any kind (software or hardware). The network facilities are provided "as is" without any warranty of availability and performance.
+
==BruCON CERT==
  
Please follow some golden rules: don't leave your devices or bags alone. Lock your devices when away. For more details how to secure your devices before attending the conference, see below.
+
We have a CERT (Computer Emergency Response Team) in place. If you suspect any illegal activity, you can contact us and we will take the necessary actions to investigate the reported incident.
 +
 
 +
Email: [mailto:cert@brucon.org cert at brucon dot org]<br>
 +
Phone: +32 xxx xx xx xx
 +
 
 +
The network traffic will be logged for potential post-conference forensics investigations (if required).
 +
 
 +
We do NOT provide support for personal problems. We're not your mother! ;-)
  
 
== Network Facilities ==
 
== Network Facilities ==
Line 14: Line 21:
 
** Wi-Fi - A wireless network will be available for free.
 
** Wi-Fi - A wireless network will be available for free.
 
** Wired - Wired connectivity will be provided '''only''' for the press, speakers (presentations, lightning talks, workshops, ...) and the crew.
 
** Wired - Wired connectivity will be provided '''only''' for the press, speakers (presentations, lightning talks, workshops, ...) and the crew.
** Provided Services - IP addresses will be allocated via DHCP for visitors. Speakers who need a fixed IP address can contect the [[Volunteers#Network|network crew]].
+
** Provided Services - IP addresses will be allocated via DHCP for visitors. Speakers who need a fixed IP address can contact the network crew.
 
* Connectivity Details
 
* Connectivity Details
** SSID : n/a
+
** SSID : brucon
** IP range : n/a
+
** WPA pre-shared key: (check for the key provided in the printed brochure)
** Default GW : n/a
+
** IP range : Provided by DHCP
** GW MAC Address : n/a
+
** Default GW : Provided by DHCP
** DNS : n/a
+
** GW MAC Address : 00:0d:61:2d:c8:83
 +
** DNS : Provided by DHCP
  
 
== How to Survive? ==
 
== How to Survive? ==
  
Attending a conference with a public network is not without security risks. You are often directly connected to the Internet. Consider it the Wild Wild West. Before coming to the event, please be sure to follow the following best practices:
+
Attending a hackers conference with a public network is not without security risks. You are often directly connected to the Internet. Consider it the Wild Wild West. Before coming to the event, please be sure to follow the following best practices:
 +
 
 +
=== General rules ===
  
* General rules
+
* If possible bring a dedicated device to the conference with a fresh & limited set of softwares and data. Don't take a brand new one, it can be hit by flying objects, fall or flooded by beer.
** If possible bring a dedicated device to the conference with a fresh & limited set of softwares and data. Don't take a brand new one, it can be hit by flying objects, fall or flooded by beer.
+
* Don't bring confidential data with you.
** Don't bring confidential data with you.
+
* Do not carry business documents and keep your USB sticks away from other participants.
** Do not carry business documents and keep your USB sticks away from other participants.
+
* If you bring your regular device, perform a full backup of your data and restore them after the conference
** If you bring your regular device, perform a full backup of your data and restore them after the conference
+
* Be sure to use fully-patched softwares
** Be sure to use fully-patched softwares
+
* Take care of physical security: put BIOS passwords, don't leave your devices unattended.  
** Take care of physical security: put BIOS passwords, don't leave your devices unattended.  
+
* Put labels on your hardware (if you'd like to remain anonymous, don't put your name but a unique detail like a sticker under the battery to make the device easily identifiable)
** Put labels on your hardware (if you'd like to remain anonymous, don't put your name but a unique detail like a sticker under the battery to make the device easily identifiable)
+
* '''Encrypt''' everything, always
** '''Encrypt''' everything, always
+
** Encrypt your disks ([http://www.truecrypt.org TruCrypt])
*** Encrypt your disks ([http://www.truecrypt.org TruCrypt])
+
** If you need to communicate over the wild Internet, use '''VPN''' or any other kind of tunneling like [http://www.ssh.com/support/documentation/online/ssh/winhelp/32/Tunneling_Explained.html SSH tunnels].
*** If you need to communicate over the wild Internet, use '''VPN''' or any other kind of tunneling like [http://www.ssh.com/support/documentation/online/ssh/winhelp/32/Tunneling_Explained.html SSH tunnels].
+
** Avoid any unsecured protocols like POP3, IMAP, HTTP-auth, Instant Messenger, Twitter (cookies)
*** Avoid any unsecured protocols like POP3, IMAP, HTTP-auth, Instant Messenger, Twitter (cookies)
+
* Do not trust anybody! Even not secured web-sites.
** Do not trust anybody! Even not secured web-sites.
+
* Don't log with administrative rights (Administrator, root, ...)
** Don't log with administrative rights (Administrator, root, ...)
+
* Lock your sessions if you stand-by your device
** Lock your sessions if you stand-by your device
+
* Be prepared for the worst case scenario, shit happens!
** Be prepared to the worst case, shit appens!
+
* Your batteries have a (too) limited life-time. Powercords will be deployed but we cannot cover the whole area. It's a good idea to take a powercord extender with you.
  
 
=== Microsoft OS ===
 
=== Microsoft OS ===
Line 47: Line 57:
 
* Be sure to have an anti-virus running (with up-to-date signatures) and a firewall.
 
* Be sure to have an anti-virus running (with up-to-date signatures) and a firewall.
 
* Disable all unwanted services (Go to 'Start', 'System Settings', 'Services', 'Properties of service' then 'Stop').  
 
* Disable all unwanted services (Go to 'Start', 'System Settings', 'Services', 'Properties of service' then 'Stop').  
 +
* Useful references:
 +
**  [http://www.microsoft.com/downloads/details.aspx?FamilyId=2D3E25BC-F434-4CC6-A5A7-09A8A229F118&displaylang=en Windows XP Security Guide]
 +
** [http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=a3d1bbed-7f35-4e72-bfb5-b84a526c1565 Windows Vista Security Guide]
  
 
=== MacOS ===
 
=== MacOS ===
Line 52: Line 65:
 
* Disable all unwanted  services (Go to 'System Preferences', 'Sharing', 'Services' and uncheck all the things you don't need).
 
* Disable all unwanted  services (Go to 'System Preferences', 'Sharing', 'Services' and uncheck all the things you don't need).
 
* Protect your [http://en.wikipedia.org/wiki/Keychain_(Mac_OS) Keychain] access (where all your password are stored). Start the Keychain utility (Go to 'Applications', 'Utilities' then 'Keychain Access'). Select the 'login' keychain from the sidebar and go to the menu 'Edit', 'Change Settings' for Keychain "login"'.   
 
* Protect your [http://en.wikipedia.org/wiki/Keychain_(Mac_OS) Keychain] access (where all your password are stored). Start the Keychain utility (Go to 'Applications', 'Utilities' then 'Keychain Access'). Select the 'login' keychain from the sidebar and go to the menu 'Edit', 'Change Settings' for Keychain "login"'.   
 +
* Useful references:
 +
** [http://www.apple.com/support/security/guides/ Mac OX X Security Configuration Guides]
  
 
=== Linux ===
 
=== Linux ===
Line 57: Line 72:
 
* Protect your GRUB or LILO boot loader with a password
 
* Protect your GRUB or LILO boot loader with a password
 
* Limit access to the console using /etc/securetty.
 
* Limit access to the console using /etc/securetty.
 +
* Useful references:
 +
** [https://help.ubuntu.com/community/BastilleLinux Bastille Linux Project]
  
 
=== PDA/iPhone ===
 
=== PDA/iPhone ===
Line 62: Line 79:
 
* Disable Bluetooth discovery and services.
 
* Disable Bluetooth discovery and services.
 
* Disable preview of SMS on your iPhone(which will be displayed even if locked).
 
* Disable preview of SMS on your iPhone(which will be displayed even if locked).
 +
* Useful references:
 +
** [http://www.roseindia.net/iphone/iPhone-security-tips.shtml iPhone Security and Safety Tips]
 +
** [http://www.pcmag.com/article2/0,2817,2339121,00.asp Smart Phones Security Measures]
 +
** [http://bizsecurity.about.com/od/informationsecurity/a/blkberry.htm Protecting Your Blackberry]
  
 
== Do '''not''' ... ==
 
== Do '''not''' ... ==
 
* deploy rogue Wi-Fi access point nor  rogue servers (DHCP).
 
* deploy rogue Wi-Fi access point nor  rogue servers (DHCP).
* use unencrypted protocols (once again I now...)
+
* use unencrypted protocols (once again I know...)
 
* perform suspicious activity like ARP spoofing, DoS or bruteforce attacks (non-exhaustive list!)
 
* perform suspicious activity like ARP spoofing, DoS or bruteforce attacks (non-exhaustive list!)
  
 
== Privacy ==
 
== Privacy ==
* Please respect visitors '''privacy'''. Do not take picture without proper authorization of visitors faces, screen-shots nor papers
+
* Do not take picture without proper authorization of visitors faces, screen-shots nor papers
 
+
* Do not expect any privacy. All your packets are belong to us!
== Emergencies ==
+
* If for any reason, you don't want to be sniffed, do '''NOT''' use the wireless network and switch to 3G/4G networks.
* In case of network outage or suspicious activity, please contact our CERT via e-mail or phone (details will come later)
 
* We do NOT provide support for personal problems. We're not your mother! ;-)
 
  
 
== Network Status / Updates ==
 
== Network Status / Updates ==
 
+
* Stay tuned
Todo
 

Latest revision as of 17:22, 21 September 2015

General Terms and conditions regarding Internet usage

For the third year, we are happy to provide a free Internet access to the BruCON visitors. Our network sponsors are Mac Telecom for the bandwidth and Exclusive Networks for the wireless access.

Users of this Internet access agree to NOT use this connection for illegal or unethical activities. BruCON is kindly asking our visitors not to do anything that might jeopardise this event. BruCON vzw and it's members takes no responsibility regarding the illicit use of the network and Internet access.

BruCON CERT

We have a CERT (Computer Emergency Response Team) in place. If you suspect any illegal activity, you can contact us and we will take the necessary actions to investigate the reported incident.

Email: cert at brucon dot org
Phone: +32 xxx xx xx xx

The network traffic will be logged for potential post-conference forensics investigations (if required).

We do NOT provide support for personal problems. We're not your mother! ;-)

Network Facilities

  • Internet Access
    • Wi-Fi - A wireless network will be available for free.
    • Wired - Wired connectivity will be provided only for the press, speakers (presentations, lightning talks, workshops, ...) and the crew.
    • Provided Services - IP addresses will be allocated via DHCP for visitors. Speakers who need a fixed IP address can contact the network crew.
  • Connectivity Details
    • SSID : brucon
    • WPA pre-shared key: (check for the key provided in the printed brochure)
    • IP range : Provided by DHCP
    • Default GW : Provided by DHCP
    • GW MAC Address : 00:0d:61:2d:c8:83
    • DNS : Provided by DHCP

How to Survive?

Attending a hackers conference with a public network is not without security risks. You are often directly connected to the Internet. Consider it the Wild Wild West. Before coming to the event, please be sure to follow the following best practices:

General rules

  • If possible bring a dedicated device to the conference with a fresh & limited set of softwares and data. Don't take a brand new one, it can be hit by flying objects, fall or flooded by beer.
  • Don't bring confidential data with you.
  • Do not carry business documents and keep your USB sticks away from other participants.
  • If you bring your regular device, perform a full backup of your data and restore them after the conference
  • Be sure to use fully-patched softwares
  • Take care of physical security: put BIOS passwords, don't leave your devices unattended.
  • Put labels on your hardware (if you'd like to remain anonymous, don't put your name but a unique detail like a sticker under the battery to make the device easily identifiable)
  • Encrypt everything, always
    • Encrypt your disks (TruCrypt)
    • If you need to communicate over the wild Internet, use VPN or any other kind of tunneling like SSH tunnels.
    • Avoid any unsecured protocols like POP3, IMAP, HTTP-auth, Instant Messenger, Twitter (cookies)
  • Do not trust anybody! Even not secured web-sites.
  • Don't log with administrative rights (Administrator, root, ...)
  • Lock your sessions if you stand-by your device
  • Be prepared for the worst case scenario, shit happens!
  • Your batteries have a (too) limited life-time. Powercords will be deployed but we cannot cover the whole area. It's a good idea to take a powercord extender with you.

Microsoft OS

  • Be sure to have an anti-virus running (with up-to-date signatures) and a firewall.
  • Disable all unwanted services (Go to 'Start', 'System Settings', 'Services', 'Properties of service' then 'Stop').
  • Useful references:

MacOS

  • Disable all unwanted services (Go to 'System Preferences', 'Sharing', 'Services' and uncheck all the things you don't need).
  • Protect your Keychain access (where all your password are stored). Start the Keychain utility (Go to 'Applications', 'Utilities' then 'Keychain Access'). Select the 'login' keychain from the sidebar and go to the menu 'Edit', 'Change Settings' for Keychain "login"'.
  • Useful references:

Linux

  • Disable unwanted service (Via a root shell, issue the command '/etc/init.d/$service' stop or '/usr/sbin/$service' stop )
  • Protect your GRUB or LILO boot loader with a password
  • Limit access to the console using /etc/securetty.
  • Useful references:

PDA/iPhone

Do not ...

  • deploy rogue Wi-Fi access point nor rogue servers (DHCP).
  • use unencrypted protocols (once again I know...)
  • perform suspicious activity like ARP spoofing, DoS or bruteforce attacks (non-exhaustive list!)

Privacy

  • Do not take picture without proper authorization of visitors faces, screen-shots nor papers
  • Do not expect any privacy. All your packets are belong to us!
  • If for any reason, you don't want to be sniffed, do NOT use the wireless network and switch to 3G/4G networks.

Network Status / Updates

  • Stay tuned