Navigating with Wireshark
I get a lot of requests from people asking how to use Wireshark, what to look for, and what filters to use. Most people said that they didn’t have time for a five-day course and wanted tips and tricks on how to get going.
Even though I created a 20-minute, $20 course in January (https://www.udemy.com/wireshark-2-fundementals/learn/v4/overview) which was well received, I got requests for the same topics asking for more specifics.
It is important to separate ping and ICMP. Even though ping uses ICMP, ICMP is also an error-reporting protocol whose messages are sent by servers, routers, firewalls, etc. I've seen many analysts blindly filter out or ignore ICMP packets, missing valuable clues in their troubleshooting. ICMP can also 'fix' your applications quietly in the background, and those applications can easily break if someone decides to block it without doing his or her homework.
In this video I take you through how I captured packets and how to start analyzing ICMP, DNS, and ping packets. I figured I would pick two of the most common protocols that you would encounter in the field. ICMP, DNS, and ping are also something you can play with at home or on most networks.
I cover DNS transaction IDs and how to find/jump to the response packet to determine response time.
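The transaction ID matching described above can also be done outside the GUI. The following is an added example, not from the video or the course: it reads the ID and the QR flag from each DNS header, pairs responses with their queries, and reports response time, unanswered queries, and responses with no matching query. The `Pkt` records, addresses, and timestamps are constructed sample data.

```python
import struct
from collections import namedtuple

# Constructed record: capture time (s), addresses, ports, raw DNS payload.
Pkt = namedtuple("Pkt", "ts src sport dst dport payload")

def dns_header(txid, is_response):
    """Build a minimal 12-byte DNS header (constructed test data)."""
    flags = 0x8180 if is_response else 0x0100  # QR bit set on responses
    return struct.pack("!HHHHHH", txid, flags, 1, int(is_response), 0, 0)

SAMPLE = [  # constructed capture, client 192.0.2.10, resolver 192.0.2.53
    Pkt(0.000, "192.0.2.10", 50001, "192.0.2.53", 53, dns_header(0x1A2B, False)),
    Pkt(0.004, "192.0.2.10", 50002, "192.0.2.53", 53, dns_header(0x3C4D, False)),
    Pkt(0.031, "192.0.2.53", 53, "192.0.2.10", 50001, dns_header(0x1A2B, True)),
    Pkt(0.250, "192.0.2.10", 50003, "192.0.2.53", 53, dns_header(0x5E6F, False)),
    Pkt(0.300, "192.0.2.53", 53, "192.0.2.10", 50002, dns_header(0x3C4D, True)),
    Pkt(0.400, "192.0.2.53", 53, "192.0.2.10", 50009, dns_header(0x9999, True)),
]

def match_dns(packets):
    """Pair DNS responses with queries by transaction ID and endpoints.

    Returns (timings, unanswered, unsolicited): timings is a list of
    (txid, response time in ms); the other two are lists of txids.
    """
    pending = {}                  # (client, client port, server, txid) -> query ts
    timings, unsolicited = [], []
    for p in packets:
        if len(p.payload) < 12:   # shorter than a DNS header, skip
            continue
        txid, flags = struct.unpack("!HH", p.payload[:4])
        if flags & 0x8000:        # QR = 1: response, look up its query
            sent = pending.pop((p.dst, p.dport, p.src, txid), None)
            if sent is None:
                unsolicited.append(txid)
            else:
                timings.append((txid, round((p.ts - sent) * 1000, 3)))
        else:                     # QR = 0: query, remember when it left
            pending[(p.src, p.sport, p.dst, txid)] = p.ts
    unanswered = sorted(key[3] for key in pending)
    return timings, unanswered, unsolicited

if __name__ == "__main__":
    for txid, ms in match_dns(SAMPLE)[0]:
        print(f"id 0x{txid:04x}: {ms} ms")
```

Keying on the client address and port as well as the ID matters because transaction IDs are only 16 bits and repeat across clients in a busy capture.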
I plan to do more articles explaining troubleshooting scenarios and my methodology.