Archive for the ‘Conferences’ category
Sharkfest 2018 EU
I’m back from Sharkfest EU 2018 and once again it was a great conference. This time, many core developers and instructors brought their families along, so it felt even more like a family gathering than ever before.
Installing Moloch on Debian 9 Stretch
Moloch is a tool that builds on Elasticsearch to process large numbers of network packets, either from a live network or from imported PCAP files. This is how I installed it on a Debian 9 server.
A look at Cisco Tetration
Once again I was invited to join the group of delegates for Tech Field Day Extra at Cisco Live 2018 in Barcelona, with various presentations covering a number of new and improved Cisco technologies. One of them I had already seen last year at the same event in Berlin, but hadn’t had the time to […]
Sharkfest 2017 EU Recap
In 2017 the Sharkfest Wireshark user and developer conference happened once again in Europe – in the Hotel Palacio Estoril in Portugal, to be more specific.
Sharkfest 2017 US Recap – 10 years of Sharkfest!
Time always flies at Sharkfest, the annual Wireshark conference, and the 2017 edition – being the 10th Sharkfest in the US – has been no exception. On Friday Sake and I talked about how fast the 3-day conference had felt and we both agreed that “hm, it seems just to have started moments ago […]
Sharkfest Europe 2016 Retrospective
Finally, the annual Wireshark developer and user conference happened in Europe for the first time in October 2016 at the Hotel Papendal in Arnhem, the Netherlands. It was something many people kept asking for, and with a lot of work and effort, Janice and her team made it happen.
Sharkfest 2016 recap
Another Sharkfest has come and gone, and once again it has been a great conference. If you’re into packet analysis, network forensics or network troubleshooting there is no other event that has the same density of information. It’s really a “specialist” conference, in a very open and friendly way, and newcomers are always welcome.
Megalodon challenge solution
During Sharkfest 2015 I put up a challenge that was different from the usual challenges offered. The pcap files are a lot bigger, the task to solve less specific, and the answer not a simple “easy to verify” answer. I promised to put up my solution a few months after posting the challenge to this […]
Verifying IoCs with Snort and TraceWrangler
After detecting a network breach it is a good idea to scan the network for further Indicators of Compromise (IoC) to check for further malicious activity. The IoCs are usually derived from forensic investigations into network packets and compromised hosts, and can be quite unique when it comes to more sophisticated attacks (let’s avoid mentioning […]
The Megalodon Challenge
This year at Sharkfest I offered a special capture file challenge I called “The Megalodon Challenge”. Unlike the “normal” challenges you could find at The Reef, it was not limited to the size of 100MB, and the solution cannot be reduced to a couple of words or numbers. After Sharkfest I was asked if […]