André Luyer
André is a senior Performance Consultant and troubleshooter at Rabobank, and has been analyzing packets for over 25 years. He started his career as a troubleshooter for network issues, both hard- and software, and later specialized in performance testing, which requires a combination of in-depth knowledge of networking protocols and coding skills. André also delivers an in-house ‘Wireshark bootcamp’ training course and contributed to the Wireshark project.
Sessions
More and more traffic is encrypted using TLS: “https is the new tcp”. What if you need to troubleshoot but can’t use decryption? Either because it is hard to do or not allowed.
But based on traffic patterns, or meta data, it is still possible to draw conclusions. Like who is slow, how many applications turns (request/response pairs), size of the data, is the communication efficient (overhead ratio), etc..
This session we cover the methods of analyzing using Wireshark. First part for TLS up to version 1.2. The second part using version TLS 1.3, which is much harder to do, but not impossible.