Jasper

Starting a series of tips & tricks for #Wireshark in anticipation of #CLUS and #SF19US. So here we go: Wireshark May 2019 Tip #01: you can use the F7/F8 function keys to scroll through the packet list even if the focus is in the decode or packet bytes pane. #wiresharktips #dfir

@awakecoding Have you considered presenting this kind of talk at Sharkfest? Looks like an interesting topic 😉

If you missed the webinar, here is the video recording for "Decrypting RDP Traffic in Wireshark"! The slides are great, but the one-hour presentation is even better: youtube.com/watch?v=VUHucX…

My webinar "Decrypting RDP Traffic in Wireshark" went well this morning, we had over 150 attendees out of 330 people registered. As promised, here are the slides for the presentation: raw.githubusercontent.com/awakecoding/wi…

Follow along using #XFD12 for this phenominal presention from @Digicert on Digital Trust & demos! linkedin.com/video/live/urn…🔥💻#TH570 #CiscoChampions #AQCrew #XFD12

Tune in for the Live Delegate Roundtable at Security Field Day 12 to kick of the event! @TechFieldDay #XFD12 buff.ly/3QsMJQA

Check out more agenda highlights from the upcoming #sf24eu #Wireshark Dev & User conference: - Beyond Network Latency: Chasing it up the Stack(Josh Clark) - Kerberos Deep Dive(Eddi Blenkers) - Passive Fingerprinting Methods for #IoT Profiling(Asaf Fried) sharkfest.wireshark.org/sfeu

@danieldibswe @Peter_Paluch some professional FPGA based capture devices allow capturing the FCS in cases where that's needed to troubleshoot physical errors. Standard NICs don't, even though there were COTS PCMCIA cards that could when used with a special driver in Sniffer Pro

@Peter_Paluch Thanks, brother!

I was researching something and found this old post from Nick Russo. It's actually an interesting discussion whether to count FCS or not.

Don’t miss your chance to join the industry's best @ SharkFest'24 EUROPE—register to get a spot at the ultimate #Wireshark event. Level up your network analysis skills w/ expert-led sessions & hands-on labs that will transform your approach to networking! sharkfest.wireshark.org/sfeu

More agenda highlights from the upcoming #sf24eu conference: - Dissecting the Client Hello with #Pyshark (Katherine Leese) - Advanced #TCP Troubleshooting (@PacketJay) - Deep Dive Into Traffic Fingerprints using #Wireshark (Luca Deri, Ivan Nardi) sharkfest.wireshark.org/sfeu

Here are some agenda highlights from the upcoming #sf24eu conference! - Capturing WiFi7 (@ikeriri) - Mastering #Wireshark Filtering (@SYNbit) - IPsec VPN Analysis & troubleshooting (Jean-Paul Archier) Join us in Vienna, Austria this fall! (4-8 Nov): sharkfest.wireshark.org/sfeu

More agenda highlights from the upcoming #sf24us conference! 
- Advanced #TCP Troubleshooting (@PacketJay) 
- Filters from a novice; Back to the Basics (Kirsten Stoner, Karinne Bessette) 
- Enhancing Wi-Fi Networks with AI (Murat Bilgic)
 Join us: sharkfest.wireshark.org/sfus

A new video from the SharkFest archives is out! Learn the basics of Wireshark & packet capture with packet expert @PacketJay in his "Packet Capture 101" class from SharkFest'22 US. For more live classes, sign up for #sf24us US! sharkfest.wireshark.org/sfus youtu.be/rWHWOat5_Xg

@rknall @LauraChappell A few years after writing this blog post I can still say that there's nothing I've seen that is more than a Denial of Service at best (meaning, making Wireshark crash and close) - and I doubt that was really the intention. Just don't run Wireshark as root. Period. 😅

@LauraChappell we had a discussion a week ago about this, and I forgot that Jasper already had a blog entry about it. But I think this article will answer a few questions you raised in your comment.

It pops up now and then: Why should you not run #Wireshark as Administrator/root. There are quite a few reasons for that, but a very good discussion about this topic has been written quite a while ago by @PacketJay and I just wanted to bring it up again: blog.packet-foo.com/2018/09/attack…

Elevate your network analysis game with our Core #Wireshark Skills class! Join @packetpioneer & @Bagurdes for labs & real-world examples that will help you solve network issues & #cybersecurity incidents. Don't miss out: early bird registration ends 3/29! sharkfest.wireshark.org/sfus

@rknall @TracketPacer @SYNbit Tracewrangler removes all sensitive details by default, unless you change settings of the anomymization task. So if you run it on your captures with a default task you should be good 😉

@TracketPacer Sounds like a job for tracewrangler.com . What you do need to sanitize is IPv6, IPv4 and MAC. Obviously depending on the protocol also the URLs or UDNs. Depends very much, on which protocols you have, but @PacketJay and @SYNbit would be the #wireshark Core guys to know more

i need wireshark footage (essentially just B roll) for videos but i’m struggling to understand what all i need to sanitize besides the obvious: - anything re: my public IP - anything re: my geo location - all the nasty switch licking fetish sites i visit …any tips?

Kicking off this year's #sf24us conference are @packetpioneer & @Bagurdes! Look at real-world examples of how to use #Wireshark to solve network problems & isolate #CyberSecurity incidents. Labs are designed to give real-world experience with protocols sharkfest.wireshark.org/sfus

@petergjones @Arjantim @JensSoeldner @thectoadvisor Absolutely, looking forward to it! Have fun at Cisco Live!

@PacketJay @Arjantim @JensSoeldner @thectoadvisor Indeed. Next time @PacketJay ?

Eating #cheese with @JensSoeldner and @thectoadvisor in Amsterdam before #CiscoLiveEMEA and #TFDx

Hello #FOSDEM 2024! Hit me up if you want #Wireshark stickers 😁

@KarstenIwen Correct. It's just that I have an ongoing IR at hospital right now, and they're really vulnerable due to low IT budgets and keep postponing MFA. Not using MFA is russian roulette by now, for anyone offering remote access, especially when auth'ed against the AD.

And not only hospitals. This is a must-have for every remote access VPN.