Use Wireshark? Here's What You Need to Know About Sharkfest 2014
In 10 days the Wireshark global developer and user communities will amass at Dominican University of California in San Rafael for four days of training, hacking, and fun. Now in it’s seventh year, Sharkfest 2014 has a lot of new activities and elements, including fun and games for all ages.*
Last year, I gave you 12 Ways to Go Deep with Wireshark at SHARKFEST 2013. This year I’ve culled the Interwebz for recent writings, videos, and bloggings from or featuring the esteemed presenters to create your updated study guide for Sharkfest. I’ve organized them according to experience level.
Getting your feet wet (beginners)
Introduction to Wireshark with Hands-on Labs
A big new part of Sharkfest this year is a full-day of introductory lessons and labs specifically designed for those new to Wireshark. Led by Wireshark University certified partner, Chris Greer, the full day is spent building fundamental Wireshark skills.
Recommended watching: Optimal Wireshark Setup | Enhance Your Wireshark Experience (with Hansang Bae and Gerald Combs)
Wireshark for Beginners - The Art of Packet Analysis
“Everyone should configure Wireshark to best suit their own workflow and preferences” explains Director of Product Architecture at Riverbed, Hansang Bae (@hansangb). Join Hansang on Tuesday, June 17 at 10:15am for a practical and pragmatic introduction to TCP/IP troubleshooting.
Recommended reading Ask the Experts: Top Wireshark Tips and Tricks from Bae and Combs
Beginner Tips and Tricks for Efficient Network Analysis
“There’s a fear factor whenever I show someone a Wireshark screen filled with packets and hexadecimal numbers and funny names,” says Laura Chappell (@LauraChappell) , founder of Wireshark University. Join Laura on Tuesday, June 17 at 11:45am to learn how to get over the fear factor with 10 key tricks.
Recommended watching: Troubleshooting with Wireshark
The Future of Wireshark: Inside Wireshark Qt and Parting Remarks
When the original creator of Wireshark, Gerald Combs (@geraldcombs), announced the transition from GTK+ to Qt last October, he summarized the reason as this: “Wireshark’s job is to show you what’s happening on your network. If it can’t run on your system then it’s not doing that job.” Join Gerald Combs and Laura Chappell on Thursday, June 19 at 4:45pm for an inside look at Wireshark Qt and closing remarks.
Recommended reading We’re switching to Qt.
Wading in to the surf (intermediate)
How to Troubleshoot the Top 5 Causes for Poor Application Performance with Wireshark/Pilot
Mike Canney (@mikecanney) once proclaimed “Pilot changed my life.” Recently renamed SteelCentral Packet Analyzer, Pilot is a troubleshooter’s best friend. Join Mike on Tuesday, June 17 at 3:45pm for case studies in many simple, but common mistakes and issues.
Recommended reading: Upgrade your application performance troubleshooting skills
Getting the Most out of Your SDN
“SDN opens opportunities for novel constructions in Layers 4 to 7 that solve real operational problems in data centers,” suggests Steve Riley, technical director in the Office of the CTO at Riverbed. Join Steve on Wednesday, June 18 at 11:45am to learn about innovations in SDNs beyond the basic plumbing.
Recommended reading: SDN vs. OpenFlow vs. NFV vs. network programmability, etc. – A laywoman’s guide
Wireshark in the Large Enterprise
The bigger the enterprise, the more data, the more packets, and the more complexity you will find. “The big complex issues that cause the majority of war-room situations are the ones where applications, networks, databases, and servers collide,” explains Hansang Bae, who led network performance engineering at Citi. Join Hansang on Wednesday, June 18 at 3:15pm to learn how to “go big” as you “go deep”.
Recommended reading: Big Data, End-to-End Visibility Key to Solving Today’s Tough Problems
Diving deep (advanced)
Custom Packet Analysis and Visualization with SteelScript Application Framework
“Automation becomes a key way to ensure that your networks are reliable, that you can make changes in a timely fashion, and that you can respond quickly to problems,” says Christopher White (@flyscripter), Senior Director of the Riverbed Technology Council. Join Chris on Tuesday, June 17 at 2:15pm to learn how you can use Riverbed’s developer tools to automate packet analysis customized to your needs.
Recommended reading: SteelScript for custom IT applications
No, really, how much of a Wireshark nerd are you? And, can you give your answers in the form of a question? Make Alex Trebek proud during the new Sharkfest Jeopardy! on Tuesday, June 17 at 8:30pm.
Recommended reading: Start studying now by catching up on past Sharkfest conferences!
Dive Even Deeper - Capturing, Analyzing and Filtering System Events
The creator of WinPCap, Loris Degioanna, is at it again! Join Loris and Davide Schiera (@DavideSchiera) on Wednesday, June 18 at 1:45pm to learn about adding a new dimension to captures for system event details.
Recommended watching: Loris Degioanni on Using Wireshark, Pilot, and Cascade to Solve Network Issues
If you like TEDTalks, you’ll love this new portion of Sharkfest, where attendees give 5 minute talks with “little crunchy bits of wisdom”. Expect to be inspired and informed by what members of the community have learned on Thursday, June 19 9:00am
Recommended reading: As an example of an insightful use of packet analysis, check out P.J. Malloy’s post on How to Detect a Prior Heartbleed Exploit, as well as Chris White’s Python script to detect a prior OpenSSL Heartbleed exploit from Shark or PCAP file.
Whether you’re packing your bags for San Rafael, CA or drooling over the expert-packed agenda, I hope this study guide has been helpful. Either way, everyone can attend a live virtual event with Gerald Combs and Hansang Bae on June 11 at 11am PT/2pm ET. Register today for the second part of the series, on Measuring Throughput with Wireshark and Riverbed.
*Evidently, the not-quite-ready-for-preschool set is also excited about Sharkfest