SEARCH
TOOLBOX
LANGUAGES
Difference between revisions of "Frequently Asked Questions"

Difference between revisions of "Frequently Asked Questions"

From BruCON 2017

Jump to: navigation, search
(Transportation)
(Is there a map for BruCON?)
 
(73 intermediate revisions by 8 users not shown)
Line 1: Line 1:
==About Brucon==
+
==About BruCON==
 
===What is BruCON?===
 
===What is BruCON?===
BruCON is an annual two-day conference in Belgium offering a high quality line up of speakers, opportunities of networking with peers, security challenges and workshops. Organized in Brussels, BruCON is an open-minded gathering of people discussing computer security, privacy, information technology and its cultural/technical implications on society. The conference creates bridges between the various actors active in computer security world, included but not limited to hackers(*), security professionals, security communities, non-profit organizations, CERTs, students, law enforcement agencies, etc....
+
BruCON is an annual security and hacker(*) conference providing two days of an interesting atmosphere for open discussions of critical infosec issues, privacy, information technology and its cultural/technical implications on society. Organized in Belgium, BruCON offers a high quality line up of speakers, security challenges and interesting workshops. BruCON is a conference by and for the security and hacker(*) community.  
 +
 
 +
The conference tries to create bridges between the various actors active in computer security world, included but not limited to hackers(*), security professionals, security communities, non-profit organizations, CERTs, students, law enforcement agencies, etc.....
  
 
<small><i>(*)Hackers are "persons who delight in having an intimate understanding of the internal workings of a system, computers and computer networks in particular." People who engage in illegal activities like unauthorized entry into computer systems are called crackers and don't have anything to do with hacking. BruCON doesn't promote any illegal activities and behavior. Many hackers today are employed by the security industry and test security software and systems to improve the security of our networks and applications. In addition, for the younger generations, we want to create some awareness and interest in IT students to learn more about IT Security.</i></small>
 
<small><i>(*)Hackers are "persons who delight in having an intimate understanding of the internal workings of a system, computers and computer networks in particular." People who engage in illegal activities like unauthorized entry into computer systems are called crackers and don't have anything to do with hacking. BruCON doesn't promote any illegal activities and behavior. Many hackers today are employed by the security industry and test security software and systems to improve the security of our networks and applications. In addition, for the younger generations, we want to create some awareness and interest in IT students to learn more about IT Security.</i></small>
 +
 
===How did BruCON start?===
 
===How did BruCON start?===
A group of security enthusiasts decided that it was time in Belgium to have its own security and hacker conference. A lot of countries around the world have these kind of conferences to discuss and present research on computer security and related subject matters.  
+
BruCON is organized as a non-profit event by volunteers. A group of security enthusiasts decided that it was time in Belgium to have its own security and hacker conference. A lot of countries around the world have these kind of conferences to discuss and present research on computer security and related subject matters.  
We want to unite people who share the same passion and support the Belgian (research) communities, with BruCON as a yearly highlight.  
+
We want to unite people who share the same passion and support the Belgian (research) communities, with BruCON as a yearly highlight. We are not professional organizers and started this as a non-profit organization. We all have full time jobs and dedicate a lot of our free time to this project. Everyone is welcome to join us and help!!
===When and where is BruCON ?===
+
 
The help us fund the conference, we are providing some excellent [[Training]] courses on 16 & 17 September and the Conference itself is on 18 & 19 September in [[Travel|The Surfhouse]].
+
===When and where is BruCON?===
 +
BruCON Spring Trainings will be between 19 and 21 April 2017. Our regular training track will be hosted between 2 and 4 October followed by our conference on 5 and 6 October 2017.
 +
 
 +
===Where can I get updates about BruCON?===
 +
Besides this website we regularly post news and updates on social media. You can find them here : <br>
 +
[[Image:Blogger_logo.jpg|55px|link=http://blog.brucon.org]],[[Image:Facebook logo small.png|50px|link=http://www.facebook.com/pages/Brucon/95744132137]],[[Image:Twitter_logo.jpg|50px|link=http://twitter.com/brucon]], [[Image:Mailing_logo.jpg|50px|link=http://mailman.brucon.org/mailman/listinfo/]] or [[Image:Linkedin_logo.jpg|55px|link=http://www.linkedin.com/groups?gid=1777141]].
 +
 
 +
===Is there a map for BruCON?===
 +
The old one is outdated but we will create a new one for 0x09 (2017) edition
  
 
===What are the rules of BruCON ?===
 
===What are the rules of BruCON ?===
There are no rules. But we ask you to refrain from doing anything that might jeopardize the conference or other attendees BruCON crew members are there to answer your questions and help you wherever they can. It is unwise to do any illegal activities as law enforcements officers probably will be present at the event.
+
There are no rules. But we ask you to refrain from doing anything that might jeopardize the conference or other attendees. BruCON crew members are there to answer your questions and help you wherever they can. It is unwise to do any illegal activities as law enforcements officers probably will attend the event as well.
 +
 
 
===What is there to do at BruCON?===
 
===What is there to do at BruCON?===
BruCON offers a presentation track and some workshop by some very interesting and bright people bringing some of the most recent in security research. The attendees of the conference can help us shape the event.
+
BruCON offers a presentation track and some workshops by some very interesting and bright people bringing some of the most recent material in security research. The attendees of the conference can help us shape the event.
We welcome anyone with some innovative research, a tool or just to present an interesting website to give a lightning talk. If you want to give an additional workshop, please contact us
+
We welcome anyone with some innovative research, a tool or just to present an interesting website to give a lightning talk or a workshop. If you want to give an additional workshop or need some space for your project, please contact us
 +
 
 +
===What is hacking?===
 +
The term 'hacker' has been misrepresented in popular media for a long time: “Hacking has nothing to do with criminal activities such as identity theft and electronic trespassing! Rather, it [hacker] has been coined at the Massachusetts Institute of Technology (MIT) as a term for curious individuals for whom every device or piece of software is full of exciting challenges to develop potential improvements or discover alternative uses." <br><br>
 +
 
 +
<i>“Anyone who remembers the childhood curiosity and excitement of taking apart radios and other devices to find out how they work is a good example of what is considered a hacker!”</i><br><br>
 +
 
 +
There are a lot of different forms of hacking, most if which don't even involve computers. So computer hacking is only a subset of this.
 +
Computer hacking  is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose. People who engage in computer hacking activities are often called hackers. <br><br>
 +
 
 +
Computer hacking is most common among teenagers and young adults, although there are many older hackers as well. Many hackers are true technology buffs who enjoy learning more about how computers work and consider computer hacking an “art” form. They often enjoy programming and have expert-level skills in one particular program. For these individuals, computer hacking is a real life application of their problem-solving skills. It’s a chance to demonstrate their abilities, not an opportunity to harm others.<br><br>
 +
 
 +
Since a large number of hackers are self-taught prodigies, some corporations actually employ computer hackers as part of their technical support staff. These individuals use their skills to find flaws in the company’s security system so that they can be repaired quickly. In many cases, this type of computer hacking helps prevent identity theft and other serious computer-related crimes.<br><br>
 +
 
 +
Computer hacking can also lead to other constructive technological developments, since many of the skills developed from hacking apply to more mainstream pursuits. For example, former hackers Dennis Ritchie and Ken Thompson went on to create the UNIX operating system in the 1970s. This system had a huge impact on the development of Linux, a free UNIX-like operating system. <br><br>
 +
 
 +
In comparison to those who develop an interest in computer hacking out of simple intellectual curiosity, some hackers have less noble motives. Hackers who are out to steal personal information, change a corporation’s financial data, break security codes to gain unauthorized network access, or conduct other destructive activities are normally called “crackers” or "blackhats" !!! This type of computer hacking can earn you a trip to a prison for several years and we don't approve of this kind of behaviour.
 +
 
 +
===Can you help me "hack" into the hotmail account of my girlfriend?===
 +
Of course ... NOT, you didn't read or understood the F.A.Q. Please go away.
 +
 
 
===Will there be hackers at BruCON?===
 
===Will there be hackers at BruCON?===
We hope so!!! Many people have different definitions of what is a ‘hacker’. The only one we don't agree with is the mass media definition of 'Hackers' meaning criminals that deface website and break into networks also correctly known as 'crackers'. For us, examples of great hackers are Linus Torvalds, Steve Wozniak or John Draper (Cap'n Crunch).
+
We hope so!!! Many people have different definitions of what is a ‘hacker’. The only one we don't agree with is the mass media definition of 'Hackers' meaning criminals that deface websites and break into networks also correctly known as 'crackers'. "Hackers build things, crackers break them". For us, examples of great hackers are Linus Torvalds or Steve Wozniak who built the first Apple computer in his garage using parts from Radioshack.
 +
 
 +
Although security vulnerabilities in software are also discussed during BruCON, today this is called security research or white-hat hacking to improve our software and infrastructure.
 +
Read more about the term "hacking" and how it evolved in the last 25 years in this great [http://www.wired.com/magazine/2010/04/ff_hackers/all/1 Wired article] or have a look at this documentary [http://video.google.com/videoplay?docid=-5112548212809281320 Hackers are people too] (video)
 +
 
 
===How can I help or participate?===
 
===How can I help or participate?===
 
See [[Participate|Participation]]
 
See [[Participate|Participation]]
 +
 
===How can I speak at BruCON?===
 
===How can I speak at BruCON?===
Unfortunately, our [http://blog.brucon.org/2009/01/brucon-2009-call-for-papers.html Call for Papers] ended the 1st of April. If you have an interesting topic, you can still a short summary of it as a lightning talk.
+
Our Call For Papers (CFP) is open till the end of April 2017. More info can be found on our blog post [http://blog.brucon.org/2017/03/brucon-0x09-cfpcft-announcement.html link]
 +
 
 
===How much is the entrance fee for BruCON===
 
===How much is the entrance fee for BruCON===
Prices start from 50€ for student and 180€ for normal visitors. See [[Tickets]] for details.  
+
See [[Tickets]] for details.
 +
 
 
===BruCON is too expensive, how can I afford it?===
 
===BruCON is too expensive, how can I afford it?===
We did our best to keep prices as low as possible so everyone could attend. There are lots of ways to cut down costs. Find someone to share a room with, pack your own food for the trip etc... Organize a party to collect some money.
+
We did our best to keep prices as low as possible so everyone could attend. We are not making any money out of this. If it's still too much for your budget, there are lots of ways to cut down costs. Find someone to share a room with, pack your own food for the trip etc... Organize a party to collect some money.
 +
 
 +
===Why are there no student tickets?===
 +
Student pricing is available again for a limited number of visitors. If however you are too late the normal ticket price is kept extremely low. With meals included, we believe this is a great price for everyone!!! We will continue to keep prices low and this wouldn't be possible without your help and the help from our many volunteers.
 +
 
 
==Venue==
 
==Venue==
===Is the Surfhouse open 24/24?===
+
This edition will be at the Aula Academica of the Ghent Universitity. Location and Travel information is to be found on the [[Travel]] page.
No, unfortunately not. Opening hours will be from 07u-22u but this might change in the next weeks.
+
 
 
==Accommodation==
 
==Accommodation==
 +
See [[Travel#Accomodation|here]].
  
 
==Transportation==
 
==Transportation==
See [[Travel]] page.
+
See [[Travel#Transportation|here]].
  
 
==Network==
 
==Network==
  
 
===Is there a network at BruCON?===
 
===Is there a network at BruCON?===
We're trying to provide internet access. Primarily it will be a wireless LAN but there will be a limited number of switched ports as well. If you have experience managing wireless LANs, please contact us.
+
There will be internet.
 +
 
 +
BruCON is kindly asking our visitors not to do anything that might jeopardise this event. BruCON and it's members takes no responsibility regarding the illicit use of the network and internet access.  
 +
 
 +
However, we have a CERT (Computer Emergency Response Team). If you suspect any illegal activity, you can contact us and we will take the necessary actions together with the Belgacom Network Team.  
 +
 
 +
Email: cert at brucon dot org <br>
 +
 
 
===What should I bring?===
 
===What should I bring?===
 
That depends on what you want to do at the conference. Bringing a laptop, extra batteries and a long UTP cable might be a good idea if you want to attend workshops or other activities.
 
That depends on what you want to do at the conference. Bringing a laptop, extra batteries and a long UTP cable might be a good idea if you want to attend workshops or other activities.
 +
 +
===Will there be wireless?===
 +
There is free wireless Internet access available.
 +
* SSID: brucon
 +
=== Rules and warnings about using our network/wireless===
 +
'''Disclaimer''': You are responsible for your own dealings and maintaining the security of your information when accessing the Internet or your corporate intranet via the provided Internet access. BruCON can provide no
 +
security because the venue provides access and BruCON does not interfere with or otherwise protect your content.
 +
For that reason, we cannot be, and are not responsible for the security of the information you transmit on the provided Internet access. Using a wireless network during a security conference is not without
 +
security risks.
 +
 +
Reminder: reading/editing information/software/hardware that does not belong to you or was not meant for you does not qualify you as 'l337' it only shows you are an '@$$h0l3'
 +
 +
===Network survival tips===
 +
Here are a few survival tips:
 +
* If possible bring a dedicated device to the conference with a fresh & limited set of (fully patched) applications and data.
 +
* Don't bring confidential data with you and keep your USB sticks away from other participants.
 +
* If you bring your regular device, perform a full backup of your data and restore them after the conference.
 +
* Always encrypt everything! Your disks (TrueCrypt) as your network data (VPN, SSH tunnelling) and avoid unsecured protocols (POP3, IMAP, HTTP-auth, Twitter) like the plague. Do not trust anybody! Be prepared for the worst!
 +
As a security measure and to avoid ARP cache poisoning you can set the MAC address of the gateway statically (static ARP). The gateway IP address and MAC address will be announced later
 +
* On windows the command to set static arp: ''arp -s IP MAC''
 +
* On linux the command to set static arp: ''(sudo) arp -i eth0 -s IP MAC''
 +
 +
Due to the open and unencrypted wireless network available, there are huge risks that people will try to tap your communications with the Internet during the conference. BruCON cannot be held responsible for the loss of confidentiality or potential disclosure of information you transmit over it.
 +
 
==Food==
 
==Food==
 
===Will there be food at Brucon?===
 
===Will there be food at Brucon?===
We are looking for catering that should provide you with sandwiches  or small dishes. However, these are not included in the conference price.
+
Yes, since there is nothing to eat in the neighborhood of the venue, we will provide breakfast, lunch and dinner included in the income price. Taking that into consideration, we are one of the cheapest conferences out there.
 +
 
 +
===Will there be Club Mate at Brucon?===
 +
YES!!!! Courtesy of [http://www.club-mate.be/ Club Mate Belgium]
 +
 
 
===What is the best Belgian Beer?===
 
===What is the best Belgian Beer?===
 +
Come to the BruCON afterparty and find out. We will have several thousands of beer to choose from.
  
 
===What is the perfect remedy against hangovers?===
 
===What is the perfect remedy against hangovers?===
Line 48: Line 128:
  
 
We are promoting some aspects of Belgium like our good Chocolate and fine Beers. Enjoy but use in moderation.
 
We are promoting some aspects of Belgium like our good Chocolate and fine Beers. Enjoy but use in moderation.
 +
 
==This FAQ didn't answer my questions, or was unclear, how can I get further information?==
 
==This FAQ didn't answer my questions, or was unclear, how can I get further information?==
 
Please [[contact]] us if this FAQ didn't answer your questions.
 
Please [[contact]] us if this FAQ didn't answer your questions.

Latest revision as of 10:48, 27 April 2017

About BruCON

What is BruCON?

BruCON is an annual security and hacker(*) conference providing two days of an interesting atmosphere for open discussions of critical infosec issues, privacy, information technology and its cultural/technical implications on society. Organized in Belgium, BruCON offers a high quality line up of speakers, security challenges and interesting workshops. BruCON is a conference by and for the security and hacker(*) community.

The conference tries to create bridges between the various actors active in computer security world, included but not limited to hackers(*), security professionals, security communities, non-profit organizations, CERTs, students, law enforcement agencies, etc.....

(*)Hackers are "persons who delight in having an intimate understanding of the internal workings of a system, computers and computer networks in particular." People who engage in illegal activities like unauthorized entry into computer systems are called crackers and don't have anything to do with hacking. BruCON doesn't promote any illegal activities and behavior. Many hackers today are employed by the security industry and test security software and systems to improve the security of our networks and applications. In addition, for the younger generations, we want to create some awareness and interest in IT students to learn more about IT Security.

How did BruCON start?

BruCON is organized as a non-profit event by volunteers. A group of security enthusiasts decided that it was time in Belgium to have its own security and hacker conference. A lot of countries around the world have these kind of conferences to discuss and present research on computer security and related subject matters. We want to unite people who share the same passion and support the Belgian (research) communities, with BruCON as a yearly highlight. We are not professional organizers and started this as a non-profit organization. We all have full time jobs and dedicate a lot of our free time to this project. Everyone is welcome to join us and help!!

When and where is BruCON?

BruCON Spring Trainings will be between 19 and 21 April 2017. Our regular training track will be hosted between 2 and 4 October followed by our conference on 5 and 6 October 2017.

Where can I get updates about BruCON?

Besides this website we regularly post news and updates on social media. You can find them here :
Blogger logo.jpg,Facebook logo small.png,Twitter logo.jpg, Mailing logo.jpg or Linkedin logo.jpg.

Is there a map for BruCON?

The old one is outdated but we will create a new one for 0x09 (2017) edition

What are the rules of BruCON ?

There are no rules. But we ask you to refrain from doing anything that might jeopardize the conference or other attendees. BruCON crew members are there to answer your questions and help you wherever they can. It is unwise to do any illegal activities as law enforcements officers probably will attend the event as well.

What is there to do at BruCON?

BruCON offers a presentation track and some workshops by some very interesting and bright people bringing some of the most recent material in security research. The attendees of the conference can help us shape the event. We welcome anyone with some innovative research, a tool or just to present an interesting website to give a lightning talk or a workshop. If you want to give an additional workshop or need some space for your project, please contact us

What is hacking?

The term 'hacker' has been misrepresented in popular media for a long time: “Hacking has nothing to do with criminal activities such as identity theft and electronic trespassing! Rather, it [hacker] has been coined at the Massachusetts Institute of Technology (MIT) as a term for curious individuals for whom every device or piece of software is full of exciting challenges to develop potential improvements or discover alternative uses."

“Anyone who remembers the childhood curiosity and excitement of taking apart radios and other devices to find out how they work is a good example of what is considered a hacker!”

There are a lot of different forms of hacking, most if which don't even involve computers. So computer hacking is only a subset of this. Computer hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose. People who engage in computer hacking activities are often called hackers.

Computer hacking is most common among teenagers and young adults, although there are many older hackers as well. Many hackers are true technology buffs who enjoy learning more about how computers work and consider computer hacking an “art” form. They often enjoy programming and have expert-level skills in one particular program. For these individuals, computer hacking is a real life application of their problem-solving skills. It’s a chance to demonstrate their abilities, not an opportunity to harm others.

Since a large number of hackers are self-taught prodigies, some corporations actually employ computer hackers as part of their technical support staff. These individuals use their skills to find flaws in the company’s security system so that they can be repaired quickly. In many cases, this type of computer hacking helps prevent identity theft and other serious computer-related crimes.

Computer hacking can also lead to other constructive technological developments, since many of the skills developed from hacking apply to more mainstream pursuits. For example, former hackers Dennis Ritchie and Ken Thompson went on to create the UNIX operating system in the 1970s. This system had a huge impact on the development of Linux, a free UNIX-like operating system.

In comparison to those who develop an interest in computer hacking out of simple intellectual curiosity, some hackers have less noble motives. Hackers who are out to steal personal information, change a corporation’s financial data, break security codes to gain unauthorized network access, or conduct other destructive activities are normally called “crackers” or "blackhats" !!! This type of computer hacking can earn you a trip to a prison for several years and we don't approve of this kind of behaviour.

Can you help me "hack" into the hotmail account of my girlfriend?

Of course ... NOT, you didn't read or understood the F.A.Q. Please go away.

Will there be hackers at BruCON?

We hope so!!! Many people have different definitions of what is a ‘hacker’. The only one we don't agree with is the mass media definition of 'Hackers' meaning criminals that deface websites and break into networks also correctly known as 'crackers'. "Hackers build things, crackers break them". For us, examples of great hackers are Linus Torvalds or Steve Wozniak who built the first Apple computer in his garage using parts from Radioshack.

Although security vulnerabilities in software are also discussed during BruCON, today this is called security research or white-hat hacking to improve our software and infrastructure. Read more about the term "hacking" and how it evolved in the last 25 years in this great Wired article or have a look at this documentary Hackers are people too (video)

How can I help or participate?

See Participation

How can I speak at BruCON?

Our Call For Papers (CFP) is open till the end of April 2017. More info can be found on our blog post link

How much is the entrance fee for BruCON

See Tickets for details.

BruCON is too expensive, how can I afford it?

We did our best to keep prices as low as possible so everyone could attend. We are not making any money out of this. If it's still too much for your budget, there are lots of ways to cut down costs. Find someone to share a room with, pack your own food for the trip etc... Organize a party to collect some money.

Why are there no student tickets?

Student pricing is available again for a limited number of visitors. If however you are too late the normal ticket price is kept extremely low. With meals included, we believe this is a great price for everyone!!! We will continue to keep prices low and this wouldn't be possible without your help and the help from our many volunteers.

Venue

This edition will be at the Aula Academica of the Ghent Universitity. Location and Travel information is to be found on the Travel page.

Accommodation

See here.

Transportation

See here.

Network

Is there a network at BruCON?

There will be internet.

BruCON is kindly asking our visitors not to do anything that might jeopardise this event. BruCON and it's members takes no responsibility regarding the illicit use of the network and internet access.

However, we have a CERT (Computer Emergency Response Team). If you suspect any illegal activity, you can contact us and we will take the necessary actions together with the Belgacom Network Team.

Email: cert at brucon dot org

What should I bring?

That depends on what you want to do at the conference. Bringing a laptop, extra batteries and a long UTP cable might be a good idea if you want to attend workshops or other activities.

Will there be wireless?

There is free wireless Internet access available.

  • SSID: brucon

Rules and warnings about using our network/wireless

Disclaimer: You are responsible for your own dealings and maintaining the security of your information when accessing the Internet or your corporate intranet via the provided Internet access. BruCON can provide no security because the venue provides access and BruCON does not interfere with or otherwise protect your content. For that reason, we cannot be, and are not responsible for the security of the information you transmit on the provided Internet access. Using a wireless network during a security conference is not without security risks.

Reminder: reading/editing information/software/hardware that does not belong to you or was not meant for you does not qualify you as 'l337' it only shows you are an '@$$h0l3'

Network survival tips

Here are a few survival tips:

  • If possible bring a dedicated device to the conference with a fresh & limited set of (fully patched) applications and data.
  • Don't bring confidential data with you and keep your USB sticks away from other participants.
  • If you bring your regular device, perform a full backup of your data and restore them after the conference.
  • Always encrypt everything! Your disks (TrueCrypt) as your network data (VPN, SSH tunnelling) and avoid unsecured protocols (POP3, IMAP, HTTP-auth, Twitter) like the plague. Do not trust anybody! Be prepared for the worst!

As a security measure and to avoid ARP cache poisoning you can set the MAC address of the gateway statically (static ARP). The gateway IP address and MAC address will be announced later

  • On windows the command to set static arp: arp -s IP MAC
  • On linux the command to set static arp: (sudo) arp -i eth0 -s IP MAC

Due to the open and unencrypted wireless network available, there are huge risks that people will try to tap your communications with the Internet during the conference. BruCON cannot be held responsible for the loss of confidentiality or potential disclosure of information you transmit over it.

Food

Will there be food at Brucon?

Yes, since there is nothing to eat in the neighborhood of the venue, we will provide breakfast, lunch and dinner included in the income price. Taking that into consideration, we are one of the cheapest conferences out there.

Will there be Club Mate at Brucon?

YES!!!! Courtesy of Club Mate Belgium

What is the best Belgian Beer?

Come to the BruCON afterparty and find out. We will have several thousands of beer to choose from.

What is the perfect remedy against hangovers?

Don't drink too much beer the day before. ;-)

We are promoting some aspects of Belgium like our good Chocolate and fine Beers. Enjoy but use in moderation.

This FAQ didn't answer my questions, or was unclear, how can I get further information?

Please contact us if this FAQ didn't answer your questions.