Network
As usual, we will provide a fast wired and wireless network. You can find some live stats about the event and the network here on our event dashboard.
Rules of Conduct
- Be fair! Do not do to others what you do not wish done to yourself!🌈
- Protect your computer! Make sure your operating system is up to date and your firewall is enabled before arriving at the congress.
- If you want to download terabytes of data, you are better off connecting to the wired network.
- While we are quite able to find and disconnect you in case of network misuse, we prefer not to have to do so. Respect other visitors. Be aware that we cannot prevent law enforcement from acting within or related to our network.👮🚨🚔
- Do not run your own DHCP server.
- Do not send IPv6 Router Advertisements.
- Do not ARP spoof or otherwise impede the operation of the network.
- If you want to run your own wireless equipment, there are a few additional rules.
Wired
There will be wired 100BASE-TX/1000BASE-T/10GBASE-T ethernet in the assembly areas.
In HalleH there will be 100BASE-TX/1000BASE-T and a limited amount of SFP+ ports avaible.
Wired connections are completely unfiltered and will receive a public IP address. If you have (older) devices that cannot be trusted with unrestricted incoming connections, bring a firewall.
Wireless
You can’t live without wireless access, so we’ve built an awesome wireless network again. The following WiFi networks are provided on 2.4 GHz, 5 GHz and in some places even on 6GHz:
SSID | Security | |
---|---|---|
38C3 |
WPA3 Enterprise 802.1X | ✅ NOC recommended ✅ |
38C3-open |
Open (OWE supported) |
We recommend you use the 38C3
network. For the highest security, this requires some configuration, which we’ve documented here:
Connecting in this way allows your device to authenticate our wireless infrastructure, preventing your traffic from being intercepted by a malicious access point.
The 38C3
network requires a username and password — you can use 38C3/38C3 or any random username and password, because we don’t care who you are, we just want to encrypt your data. There are some special credentials which you can use to modify the firewall behaviour.
The 38C3-open
network supports Opportunistic Wireless Encryption (OWE) which will automatically provide security comparable to a normal WiFi network with a shared password, if your device supports OWE. Otherwise, it will be completely unencrypted.
Keep in mind that wireless security won’t protect you from network attacks and you should still be aware that you are at a hacker conference! By default, wireless devices are firewalled from the Internet, but inbound connections from other users on the congress network are still allowed.
Services VLANs
We have a few special usernames and passwords which you can use when connecting to the 38C3
network, which allow you to modify the firewall behaviour:
Username | Password | Comments |
---|---|---|
38C3 | 38C3 | (Or any random username and password.) Filtered connection with public IP address. Inbound connections from the rest of the event are possible, but connections from the Internet are blocked. |
outboundonly | outboundonly | Filtered connection with public IP address. Inbound connections from the Internet or event are not possible. |
allowany | allowany | Unfiltered connection with public IP address. |
v6only | v6only | IPv6 only connectivity (with NAT64). |
We’re using WPA3 802.1X to push your client into the correct VLAN. This keeps the number of SSIDs broadcast to a minimum, saving airtime.
Rules for wireless equipment
Please don’t set up your own access point if at all possible. Wireless airtime is a precious commodity at hacker events, and every additional wireless network will transmit 802.11 beacons and management frames, slowing down wireless connectivity for everyone in the area.
If you have no other choice (for running experiments and such), please be nice and follow these rules:
- Do not operate non-WiFi equipment in these frequencies.
- 2.4GHz: use channels 1, 5, 9 or 13 @ 20 MHz. Disable 802.11b.
- 5GHz: use channels 36 or 140 @ 20 MHz.
- Use a minimum data and beacon rate of 12 Mbit/s. Beacon interval 100 ms or higher.
- Limit the number of broadcasted SSIDs per radio to 1 or 2. No SSID spamming is allowed.
- Do not prefix your broadcasted SSID(s) with “38C3”. Do not use other well-known SSIDs.
- Do not use high-gain antennas.
- Limit your transmit power as much as possible, for example to 6 dBm or 4 mW.
Co-location
As usual, there will be a co-location service. More details are published on this page
Contact us
Do you have some special requirements not listed above? We can try to help! You can contact us in English via hello@c3noc.net. We might also post some updates on https://chaos.social/@c3noc/ if we have time.
Supporters
This is a list of organisations providing network hardware and connectivity. We couldn’t build the network without them – plus a few unlisted - and we thank them their support.
Who | For | |
---|---|---|
http://www.babiel.com/ | Servers | |
http://www.bcix.de/ | Peering | |
https://c3value.de/ | Consultancy services | |
http://www.telekom.com/ | IP Upstream | |
https://eventinfra.org/ | Network equipment loan | |
https://www.flexoptix.net/ | Network equipment loan | |
https://www.i3d.net/ | Network equipment loan | |
https://www.iphh.net/ | DF to CCH, Colocation | |
https://www.juniper.net/ | Network equipment loan | |
https://www.lwlcom.net/ | IP Upstream | |
https://www.wilhelm-tel.de/ | IP Upstream |