Archive for October, 2016

  1. The Network Capture Playbook Part 2 – Speed, Duplex and Drops

    In part one of the playbook series we took a look at general Ethernet setups and capture situations, so in this post (as in all others following this one) I’ll assume you’re familiar with the topics previously discussed. This time, let’s check out how speed and duplex can become quite important, and what “drops” are […]

  2. Trace File Case Files: SMB2 Performance

    We had an interesting question regarding SMB2 performance on the Wireshark Q&A forum recently. Upon request the person asking the question was able to add a couple of trace files (=”capture” files).  The question and a link to the traces can be found here: Since the question nicely fits into the scope my talk […]

  3. Sharkfest Europe 2016 Retrospective

    Finally, the annual Wireshark developer and user conference happened in Europe for the first time in October 2016 at the Hotel Papendal in Arnhem, the Netherlands. It was something many people kept asking for, and with a lot of work and effort, Janice and her team made it happen.

  4. The Network Capture Playbook Part 1 – Ethernet Basics

    Capturing network packets is the first step in any kind of network analysis or network forensics situation. Few people ever consider this an important step, but this is really where the analysis result can be heavily distorted if you’re not careful. During Sharkfest 2016 I talked about how important the capture process and it’s preparations […]