Jasper Bongertz
Jasper Bongertz is a network security expert with focus on network forensics and incident response at Airbus Defence and Space CyberSecurity. He started working freelance in 1992 while he was studying computer science at the Technical University of Aachen. In 2009, Jasper became a Senior Consultant and Trainer for Fast Lane, where he created a large training portfolio with a special focus on Wireshark and network hacking. In 2013, he joined Airbus Defence and Space CyberSecurity, before moving on to G Data Advanced Analytics in 2019 where he is now the head of the CyberSecurity Incident Response Team (CSIRT).
Jasper is the creator of the packet analysis tool TraceWrangler, which can be used to convert, edit and sanitize PCAP files. His blog regarding network analysis, network forensics and general security topics can be found at blog.packet-foo.com.
Sessions
Analyzing TCP connections is one of the biggest topics in network analysis in general, especially when troubleshooting applications or even multi-tiered deployments of servers. How TCP works and detecting problems is one of the 'easy to learn, hard to master' skills that is always in demand. Most Wireshark classes only touch the basics and do not go into the more complex scenarios, especially when it comes to multi point captures to track packet loss and timing issues. In this masterclass you will learn how to troubleshoot TCP in seemingly simple as well as complex and quite challenging cases.
Every once in a while there is a need to share actual capture files with others. Maybe a technical support person at a vendor needs packets to troubleshoot a device your company bought. Or you want to ask a more seasoned network analyst for help (the packet doctors at Sharkfest, for example ;)) In many cases it is necessary to remove sensitive information from the capture file first, for example IP addresses or even meta information about the capture itself. There are different ways to achieve the goal of a sanitized capture file, but there are pros and cons to all of them. In this session we'll take a look at the various option so that you know how to share your capture files without exposing sensitive information.