TAP Into Technology | Blog

Packet Challenge at Sharkfest - A Great Way to Test Your Skills!

Posted by Chris Greer on 6/20/17 8:00 AM

This year at Sharkfest, Garland Technology is sponsoring the group packet challenge (Thank you!).

As packet-heads, we all enjoy digging through trace files and finding the hidden gems that lead to resolving a problem. If most of our capturing experience is from a single network or enterprise, it can be hard to grow in new areas and pick up new tricks in packet analysis. Sharkfest is an excellent way to hone our skills and bring our art of analysis to a new level.

The group packet challenge at Sharkfest is designed to bring together Wireshark users from all skill levels in a timed team event. Participants are given several trace files and a question sheet, then as a team they race to find the answers. Typically, the packet challenge will require them to use areas of Wireshark that they may not be as familiar with, which can teach them new things about the analyzer in a fun setting. 
Read More

Topics: Network TAPs, Events & News, Wireshark, Sharkfest

Are my Packets Lying? - 4 Things to Look for in Packet Traces

Posted by Chris Greer on 6/13/17 8:00 AM

Packets don’t lie – well, most of the time.

They tell the truth unless they have been captured incorrectly. In those cases, packets can tell bold-faced lies.

When digging through trace files, we can come upon symptoms in the packets that may raise an eyebrow. These are events that look strange on the surface and may even divert our troubleshooting focus for a time. In fact, some of these issues have misdirected engineers for hours, if not days, causing them to chase down issues and events that simply did not exist on the wire.

Read More

Topics: Network TAPs, TAPs vs SPAN, Wireshark

[Video] VLAN Analysis with Wireshark 2.0

Posted by Tony Fortunato on 5/16/17 8:00 AM

When I teach Wireshark classes, I commonly get asked, “What do I do when I get back to my desk?”, “What if I can’t span a port, or don’t have a TAP?”

I typically show my attendees dozens of “Baselines” that would only take a few minutes to complete.

Here’s an example of one of my favorite baselines; Start a capture and analyze whatever you see. No taps, span or mirror ports.

Read More

Topics: Network Visibility/Monitoring, Wireshark

[Video] How To Determine DHCP Option 60 Value Using Wireshark

Posted by Tony Fortunato on 4/11/17 8:00 AM

There are an increasing number of network attached devices, and trying to keep them organized gets to be challenging. Since different devices might require different IP configuration settings and statically configuring them isn’t realistic.

There are several approaches to deal with this.

Read More

Topics: Network Visibility/Monitoring, Wireshark

[video] Observing The Impact Multiple Default Gateways With Wireshark

Posted by Tony Fortunato on 2/16/17 8:00 AM

I was speaking with a client the other day and they were asking me how Microsoft behaves if a device has two default gateways.

One thing I have to say about my job and clients, I always get interesting scenarios and questions to figure out.

Read More

Topics: Network TAPs, Network Visibility/Monitoring, Wireshark

SharkFest Europe: A Common Interest to Better Learn How to Analyze Captured Network Traffic

Posted by Erik Hjelmvik on 11/24/16 8:00 AM

For packet geeks like me, the annual Wireshark conference SharkFest is the place to be in order to meet and network with other packet geeks. However, for various reasons I haven't been able to attend SharkFest before. So when my friend Jasper Bongertz mentioned that there was going to be a SharkFest conference here in Europe I felt that this was a chance I just couldn't miss.

Read More

Topics: Events & News, Network Visibility/Monitoring, Wireshark