Archive for the ‘CaseStudy’ category
Analyzing a failed TLS connection
Summary This post demonstrates how to correlate two or more trace files to analyze a broken connection. We identify the root cause and gather information about the network topology. Tracefiles are available at http://www.packet-foo.com/blog/TLS/Skype.zip We assume that the reader is familiar with TCP basics like session setup, retransmissions, window size etc.
SMB System Error 384
This blog post highlights a very specific detail of Microsoft’s implementation of SMB. It might help those, who try to get rid of SMB version 1 and support staff dealing with inaccessible file shares.
System Error 58 – Wireshark to the rescue
The other day I was called to investigate a problem where a user could no longer mount a share. The client was running Windows 7. The user got the somewhat obscure message “System error 58 occurred”.
Trace File Case Files: SMB2 Performance
We had an interesting question regarding SMB2 performance on the Wireshark Q&A forum recently. Upon request the person asking the question was able to add a couple of trace files (=”capture” files). The question and a link to the traces can be found here: https://ask.wireshark.org/questions/55972/slow-writes-even-slower-reads-spanning-wan-to-netapp Since the question nicely fits into the scope my talk […]