94 posts categorized "Wireshark"

Sharkfest 2018 - TCP Fundamentals Part 1 (by Chris Greer)

TCP is a huge component of the reliable delivery of applications. You are using it at this moment to access and read this article. You are probably using it to deliver most - if not all - of your business critical services on your network. 

But how does TCP "do its thing?"

Why is the network often blamed even when a TCP-based problem is the real culprit? 

Understanding how TCP works will help network engineers of all experience levels to be better troubleshooters. It will help them fix slow networks, identify the root cause of application issues, and finally get answers to perplexing performance questions. This video, recorded at Sharkfest USA 2018 in Mountain View, California, gives an overview of the fundamentals of TCP. 

Sit back, grab some popcorn and a copy of Wireshark. Let's learn more about TCP!


Author Profile - Chris Greer is the Chief Packet Head for Packet Pioneer LLC and a Certified Wireshark Network Analyst. Chris regularly assists companies in tracking down the source of network and application performance problems using a variety of protocol analysis and monitoring tools including Wireshark. Chris also delivers training and develops technical content for Wireshark and for several analysis vendors. Got packet questions? Let's get in touch!




SharkFest US ’18 - The 20th anniversary of Wireshark! A recap by the ProfiTAP Team!  (by Rick Van Werven)

SharkFest US ’18 recap from the eyes of a Very Happy Sponsor!  

Another SharkFest has ended and, long story short, it was a great success!

The 11th annual SharkFest 2018 Wireshark Developer and User Conference took place at the Computer History Museum in Mountain View, CA, between June 25 - 28.

This year it also celebrated 20 years of Wireshark, the most popular open source packet analyzer, which is used worldwide by millions (probably billions) of network, performance and security analysts and data technologists.

Congratulations Gerald Combs, the Wireshark Developers and Wireshark World Team!

Gerald Combs - Founder of Wireshark with longtime Sharkfest instructor and WWW.Lovemytool.com author Chris Greer


Happy Birthday Wireshark from the Profitap team -

Ángel Luis Flórez Parra (left) and Geoffrey Kempenich (right) of ProfiTAP with Wired "shark"

SharkFest is a great event for Profitap and other vendors to attend as a sponsor, because of the unique chance to get feedback from the Top Technologists, Wireshark developers and Real World users.

This year ProfiTAP focused on solutions that, when combined with Wireshark, can forge Packet Analysis Heroes.

Network Heroes Favorite Capture Tool Solution at SharkFest’18 US


Read and see more of Sharkfest 2018 - The 20th anniversary of Wireshark!



Troubleshooting a Cloud Problem with Wireshark (by Paul Offord)

The slowly growing interest in Cloud Computing that started ten or so years ago is turning into a stampede.  Most of our customers at Advance7 have strategic plans to migrate many systems to a cloud platform, and many have already started the journey.


In fact, we too have migrated all of our systems into AWS and Azure, containerising many of them in the process. But here's a concern we shared with our customers:

"Will we have enough visibility to troubleshoot performance and stability problems once we have migrated our systems?"

It's a good question. We don't want to discover that the whole environment is opaque, just when we need to troubleshoot a serious problem. We satisfied ourselves that we could get the data we needed to maintain our systems. We found that we could get a lot of information from the Application Load Balancers, and we configured continuous packet captures to record traffic between the tiers of our systems. Just as well, as a couple of months ago we hit a performance problem with the TribeLab Community website.

I managed to record the actions of our Performance & Stability Engineers as they used AWS CloudWatch and Wireshark to investigate the problem.  I pulled together screenshots, video clips and other information to produce a short video case study …


Wireshark Quick Tip - Opening Two Traces At Once on Mac OS (by Chris Greer)

Hey packet people!

If you are a Mac user and you need to do a side-by-side analysis of two trace files using Wireshark, this video will show you how. I got this tip from Mr. Gerald Combs himself. Thanks Gerald! 

Just wanted to post this in time for Sharkfest next week. You know, so you can follow along with the instructor while comparing a trace from your environment.


Managing Wireshark Packet Comments (by Tony Fortunato)

In my opinion, Wireshark's File and Packet comments are the most underutilized features.

When I work onsite and capture packets, I get a lot of questions ranging from tool use to, of course, packet interpretation.

Other than providing some customized onsite training (I no longer offer public training sessions) or mentoring, knowledge transfer is always challenging.

Providing file comments helps document why and where you performed the trace and any other noteworthy points. Notes such as a problem description, or whether a SPAN or TAP was used, are incredibly helpful when others look at the trace file.

Packet comments are even more important since you can explain protocol, application behavior and problems within the related packets.

It doesn't matter if the notes are to jog your memory 6 months from now or if you are sending the trace to another department/vendor. Anyone will find the comments helpful, reducing a lot of the typical back and forth involved when you share a trace file.

In this video I cover how to add, find and remove packet comments.


