My first #BruCON — Hackers & B33R

 

IMG_7764So let’s talk BruCON. After weeks of convincing my friend Floyd finally talked me in to going to BruCON with him. Me never having been to a ‘real’ hackers conference did not know what to expect.

 

The Journey 

Me and Floyd decided to take it easy. We only had to take the train to Gent. What could go wrong? Well, after finishing How to Train your Dragon 2 on the iPad we quickly discovered we were actually sitting in the wrong train. No biggy just a 1,5 hour delay. A lot of people had it worse:

 

The Arival After a short discusion on witch train to take we where on the road again. And IMG_6235it did nog take us long to arrive in Gent. The first thing I did when we arrived at our lovely AirBNB adres was of course back-upping my system, applying the latest patches and checking if my VPN was running as well as I hoped. We (of course) weren’t the first arrivals. As I gasped at the building the conference was being held in (lots of photos in this post) we checked in and met some of the arrivals. A few beers and good conversations later we hit the bar, and soon after that our beds.

Tha first day Having had a goodnight of sleep at the AirBNB (btw what’s up with locks in Belgium, nothing had a lock, not the toilet or the shower) we went back to the con. After a quick intro keynote we discovered the hacking challenge hosted by NVISO. Soon every table was filed with hackers trying to solve the different challenges. Floyd also introduced me to my first taste of Club Mate and we became instant BFF’s.

The talks on the first day where a lot of fun. I went to Exploiting the Bells and Whistles: Uncovering OEM Vulnerabilities in Android (part 1). It was all about exploiting android. Just wish I could have run the VM’s (vBox an VM ware images don’t play nice). I also attended the beer workshop where we learned all about making beer (and what not to do unless you want your bottles to explode). After a few ( free ) beers at the worksop it was time to hit the afterparty and bars.

 

 

IMG_6282After a ‘successful’ night of consuming various drinks and moving one’s body to strange music we went back to a short night of sleep. After we woke up we soon discovered ( while Floyd was still taking his shower ) that the builders outside thought that this was a perfect time to close the central water supply.

 

Day 2 time

The second day we attended a few talks. One about Building your own botnet, about Thunderbolt DMA attacks and honeypot’s. Day 2 was over so quick. I’m not sure it was because of the hangover or all the cool talks and workshops I was attending.

IMG_7760

Closing and final thoughts

My first BruCON was amazing. There is so much I haven’t written about because you can’t explain it without proper context. There were so many amazing people, and it’s just hilarious to discus your worst IT screwup wile being drunk outside a bar at 5 in the morning. I’ll be going back next year and in the meantime I will be on the lookout for more Cons.

And to close this post, here are some ( as we call them in Holland ) “Sfeer Foto’s” of Gent and the BruCON.

@securitygen: I received a Tor joke from someone. have no idea who they are though.

Y U TRY HACK ME! – Je server verdedigen, les 1

Servers draaien en beheren is het levensbrood van je doorsnee nerd. Zo draaien wij hier in huis bijvoorbeeld een minecraft game server genoemd “Marvin” ( in de toekomst meer over dat onderwerp btw ) . Er zijn wat dingen die minder zijn zoals le down time en zeurende mensen over de performance. Maar weet je wat pas fijn is ? Op een dag inloggen en zien dat er allemaal spul verandert is op je server. Verdomme denk je dan! Wat is  er gebeurd ? En – terwijl je net je 1e bak koffie op hebt – door de acces log’s zoekt valt het je opeens op. Iemand heeft ingelogd vanuit Japan.

Aii, ik hoop dat mij zoiets nooit zal overkomen. En daarom is er 1 programma dat ik standaard op elke linux server draai die ik bouw. Fail2Ban ( http://www.fail2ban.org/wiki/index.php/Main_Page ) . Een heel kleine simpele deamon die in de achtergrond draait en je automatisch van de server smijt als je 3 keer verkeerd hebt proberen in te loggen ( op ip basis ofc ). 3 strikes and ya out! Natuurlijk is het aantal pogingen en de out time aan te passen. Bijkomend plus puntje, fail2ban werkt ook voor andere services zoals FTP, telnet Mail etc.

Voor onze luie sys admins, hier heeft u hem:

sudo apt-get install fail2ban

Have fun, geek out.