LAS VEGAS -- Packed rooms, 110-degree heat and a crowd that seemed significantly older than years past. That was DEF CON 2000.
While more than 4,000 people crowded the less-than-posh Alexis Hotel in
Las Vegas to hear and see the latest on hacking, network security and
alternative lifestyles, angst-black -- the fashion of choice at
previous DEF CONs -- was matched by the khaki shorts and vendor
T-shirts worn by system administrators and government workers.
It seems that DEF CON is becoming -- dare I say it? -- legit.
Following as it does on the $1,000-a-head Black Hat Briefings security
conference, DEF CON gets a hefty infusion of its attendance from that
corporate venue. Routinely, system administrators and security product
managers attend Black Hat and then rubberneck at DEF CON.
There was a lot less to rubberneck over this year. Less blue
hair. Less body piercing. In fact, it seemed that hackers might finally
be ready to throw off the mantle of being the maladjusted part of
Conversations with members of the capture-the-flag hackathon
-- where teams compete to compromise the most servers (each installed
by a DEF CON volunteer) -- revealed that hacking is considered "fun"
for the likes of university system administrators, Web hosting service
managers and Internet service provider security specialists.
Unfortunately, such image improvements took a blow when the Cult of the Dead Cow, a hacking group, performed to a packed crowd.
While at past DEF CONs, the cDc presented their Back Orifice hacking
tool, this year -- as at Hacking on Planet Earth 2000 (H2K) in New York
-- the loose group of hackers performed far more than they programmed.
While a tad "better" (I hesitate to use that word) than the excretory
on-stage antics at H2K earlier this month, the panoply of fake blood,
fake sex and downright lack of taste regressed the public portrait of
hackers back to the Cambrian Age.
More than ever, DEF CON showed that the term "hacker" is a state of mind, not an occupation.
The U.S. government, at least, hopes to capitalize on all those
responsible individuals who like to hack, but would like to do so while
saluting the flag.
At the beginning of DEF CON, Arthur Money, assistant
secretary of defense for the U.S., put out a call for hackers to join
the government or become a government consultant and help secure the
nation's networks. To help those hackers who suddenly got the itch to
enlist, a Marine sergeant stood by to take their name. Hoorah!
Whether its the government's plan for a Federal Intrusion
Detection Network, or FIDNet, or some other reason, intrusion detection
systems were all the rage at Black Hat and DEF CON.
Intrusion detection involves using a packet sniffer -- like
the FBI's infamous Carnivore -- to sift through all the information
aimed at a network. By analyzing the packets, a good intrusion
detection system can spot attacks before, or as, they happen.
A session at Black Hat and four sessions at DEF CON had
attendees bunched at the door to see the newest techniques to detect
attacks. Of course, at DEF CON the main focus was how to avoid
So much for the latest technique to keep hackers out of the networks.