Network

As usual, we will provide a fast wired and wireless network. You can find some live stats about the event and the network here on our event dashboard.

Rules of Conduct

  • Be fair! Do not do to others what you do not wish done to yourself!🌈
  • Protect your computer! Make sure your operating system is up to date and your firewall is enabled before arriving at the congress.
  • If you want to download terabytes of data, you are better off connecting to the wired network.
  • While we are quite able to find and disconnect you in case of network misuse, we prefer not to have to do so. Respect other visitors. Be aware that we cannot prevent law enforcement from acting within or related to our network.👮🚨🚔
  • Do not run your own DHCP server.
  • Do not send IPv6 Router Advertisements.
  • Do not ARP spoof or otherwise impede the operation of the network.
  • If you want to run your own wireless equipment, there are a few additional rules.

Wired

There will be wired 100BASE-TX/1000BASE-T/10GBASE-T ethernet in the assembly areas.

Wired connections are completely unfiltered and will receive a public IP address. If you have (older) devices that cannot be trusted with unrestricted incoming connections, bring a firewall.

Wireless

You can’t live without wireless access, so we’ve built an awesome wireless network again. The following WiFi networks are provided on 2.4 GHz, 5 GHz and in some places even on 6GHz:

SSID Security
37C3 WPA3 Enterprise 802.1X ✅ NOC recommended ✅
37C3-open Open (OWE supported)

We recommend you use the 37C3 network. For the highest security, this requires some configuration, which we’ve documented here:

Connecting in this way allows your device to authenticate our wireless infrastructure, preventing your traffic from being intercepted by a malicious access point.

The 37C3 network requires a username and password — you can use 37C3/37C3 or any random username and password, because we don’t care who you are, we just want to encrypt your data. There are some special credentials which you can use to modify the firewall behaviour.

The 37C3-open network supports Opportunistic Wireless Encryption (OWE) which will automatically provide security comparable to a normal WiFi network with a shared password, if your device supports OWE. Otherwise, it will be completely unencrypted.

Keep in mind that wireless security won’t protect you from network attacks and you should still be aware that you are at a hacker conference! By default, wireless devices are firewalled from the Internet, but inbound connections from other users on the congress network are still allowed.

Services VLANs

We have a few special usernames and passwords which you can use when connecting to the 37C3 network, which allow you to modify the firewall behaviour:

Username Password Comments
37C3 37C3 (Or any random username and password.) Filtered connection with public IP address. Inbound connections from the rest of the event are possible, but connections from the Internet are blocked.
outboundonly outboundonly Filtered connection with public IP address. Inbound connections from the Internet or event are not possible.
allowany allowany Unfiltered connection with public IP address.
v6only v6only IPv6 only connectivity (with NAT64).

We’re using WPA3 802.1X to push your client into the correct VLAN. This keeps the number of SSIDs broadcast to a minimum, saving airtime.

Rules for wireless equipment

Please don’t set up your own access point if at all possible. Wireless airtime is a precious commodity at hacker events, and every additional wireless network will transmit 802.11 beacons and management frames, slowing down wireless connectivity for everyone in the area.

If you have no other choice (for running experiments and such), please be nice and follow these rules:

  • Do not operate non-WiFi equipment in these frequencies.
  • 2.4GHz: use channels 1, 5, 9 or 13 @ 20 MHz. Disable 802.11b.
  • 5GHz: use channels 36 or 140 @ 20 MHz.
  • Use a minimum data and beacon rate of 12 Mbit/s. Beacon interval 100 ms or higher.
  • Limit the number of broadcasted SSIDs per radio to 1 or 2. No SSID spamming is allowed.
  • Do not prefix your broadcasted SSID(s) with “37C3”. Do not use other well-known SSIDs.
  • Do not use high-gain antennas.
  • Limit your transmit power as much as possible, for example to 6 dBm or 4 mW.

Co-location

As usual, there will be a co-location service. More details are published on this page

Contact us

Do you have some special requirements not listed above? We can try to help! You can contact us in English via hello@c3noc.net. We might also post some updates on https://chaos.social/@c3noc/ if we have time.

Supporters

This is a list of organisations providing network hardware and connectivity. We couldn’t build the network without them – plus a few unlisted - and we thank them their support.

Who For
Logo of babiel http://www.babiel.com/ Servers
Logo of bcix https://www.bcix.de/ Peering
Logo of dtag http://www.telekom.com/ IP Upstream
Logo of eventinfra https://eventinfra.org/ Network equipment loan
Logo of flexoptix https://www.flexoptix.net/ Network equipment loan
Logo of globalways https://www.globalways.net/ Network equipment loan
Logo of i3d https://www.i3d.net/ Network equipment loan
Logo of iphh https://www.iphh.net/ DF to CCH, Colocation
Logo of juniper https://www.juniper.net/ Network equipment loan
Logo of lwlcom https://www.lwlcom.net/ IP Upstream, Line to BCIX
Logo of n@work https://www.work.de/ Servers
Logo of noscito https://noscito.network/ Network equipment loan
Logo of wilhelm.tel https://www.wilhelm-tel.de/ IP Upstream