06-18, 10:15–11:15 (America/New_York), Potomac Ballroom
Duplication tells us the key to troubleshoot the problems.
When you troubleshoot or investigate network and security problems, duplications are good indicators to find the clues. We use Wireshark and CLI tools to find, recognize and dissect the network/security anomalies to solve the issues. Duplications exist in every layer in a trace file, so we follow each layer to check protocol-specified troubleshooting points.
In this session, you can learn how to find duplications in each layer of a trace file, the meanings implied by duplications in the trace with TIPS and tricks of TIPS display filters and major plugins of Wireshark/tshark.
We troubleshoot and investigate the issues using ARP/IP/TCP and major basic protocols. Duplications is one of the best anomalies to understand the packets.
Megumi Takeshita, packet otaku, runs a packet company, ikeriri network service in Japan. Ikeriri offers services such as packet analysis for troubleshooting, debugging, security inspection. Ikeriri is also a reseller of wired/wireless capture and analysis products. Megumi has authored 10+ books about Wireshark and packet analysis. She also instructs Wireshark for Japanese companies including Japan Self Defense Forces and Chuo university as lecturer. She is one of contributors to the Wireshark projects including Japanese localization.