0.40 sharkfest-25-us-2024 2025-06-14 2025-06-19 6 00:05 https://conference.wireshark.org https://conference.wireshark.org/media/sharkfest-25-us-2024/img/sf_logo_big_LlJeIZA.png US/Eastern Grand Ballroom Salon E Pre Conference Class 2025-06-14T09:00:00-04:00 09:00 08:00 Level up your Wireshark skills and get ready for Sharkfest! This hands-on course will provide core Wireshark skills for IT pros of all experience levels. Participants will gain a solid understanding of how to use Wireshark to capture, analyze, and troubleshoot network traffic. The course is designed with beginners in mind, but even seasoned packet people will pick up new tips and tricks. sharkfest-25-us-2024-96-0-pre-conference-class-i-essential-wireshark-skills-practical-packet-analysis-2-day-class Pre-conference class Chris GreerRoss Bagurdes en Topics Covered: Introduction to network analysis and the role of Wireshark Installing and configuring Wireshark Analyzing captured packets, understanding protocol structures, and identifying network issues Utilizing powerful filtering techniques to isolate specific traffic and find the packets that matter Deep Dive into ARP, IP, ICMP, DNS, DHCP, TCP, UDP, QUIC, HTTP, TLS, and much more! Working with command-line tools like TShark true https://conference.wireshark.org/sharkfest-25-us-2024/talk/RHMSGK/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/RHMSGK/feedback/ Grand Ballroom Salon E Pre Conference Class 2025-06-15T09:00:00-04:00 09:00 08:00 Level up your Wireshark skills and get ready for Sharkfest! This hands-on course will provide core Wireshark skills for IT pros of all experience levels. Participants will gain a solid understanding of how to use Wireshark to capture, analyze, and troubleshoot network traffic. The course is designed with beginners in mind, but even seasoned packet people will pick up new tips and tricks. sharkfest-25-us-2024-96-1-pre-conference-class-i-essential-wireshark-skills-practical-packet-analysis-2-day-class Pre-conference class Chris GreerRoss Bagurdes en Topics Covered: Introduction to network analysis and the role of Wireshark Installing and configuring Wireshark Analyzing captured packets, understanding protocol structures, and identifying network issues Utilizing powerful filtering techniques to isolate specific traffic and find the packets that matter Deep Dive into ARP, IP, ICMP, DNS, DHCP, TCP, UDP, QUIC, HTTP, TLS, and much more! Working with command-line tools like TShark true https://conference.wireshark.org/sharkfest-25-us-2024/talk/RHMSGK/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/RHMSGK/feedback/ Grand Ballroom Salon E Pre Conference Class 2025-06-16T09:00:00-04:00 09:00 08:00 Analyzing TCP connections is one of the biggest topics in network analysis in general, especially when troubleshooting applications or even multi-tiered deployments of servers. How TCP works and detecting problems is one of the 'easy to learn, hard to master' skills that is always in demand. Most Wireshark classes only touch the basics and do not go into the more complex scenarios, especially when it comes to multi point captures to track packet loss and timing issues. In this masterclass you will learn how to troubleshoot TCP in seemingly simple as well as complex and quite challenging cases. sharkfest-25-us-2024-98-pre-conference-class-ii-tcp-analysis-masterclass Pre-conference class Jasper Bongertz en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/9BUZJY/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/9BUZJY/feedback/ Grand Ballroom Salon E Dinner 2025-06-16T17:30:00-04:00 17:30 03:00 Let's kick off the conference in style sharkfest-25-us-2024-99-sharkfest-25-us-welcome-dinner-sponsor-showcase Organization en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/SVDV8Z/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/SVDV8Z/feedback/ Grand Ballroom Salons A-D Pre Conference Class 2025-06-16T09:00:00-04:00 09:00 08:00 The applications of today depend more and more on secure communication channels. For most internet applications the TLS protocol (still mostly referred to as SSL) is providing the secure channel to communicate over. To be able to troubleshoot problems with Applications that use (mutual) TLS, one must understand how TLS sessions are set up, how certificates and certificate authorities come into play and how you can look inside the encrypted traffic to analyse the (cleartext) application data. In this session you will gain a better understanding of the operation of the TLS protocol and more importantly, you will learn how to troubleshoot TLS based communications when things don't work as expected. sharkfest-25-us-2024-97-pre-conference-class-iii-ssl-tls-troubleshooting-with-wireshark Pre-conference class Sake Blok en true https://conference.wireshark.org/sharkfest-25-us-2024/talk/L8ZM9P/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/L8ZM9P/feedback/ Grand Ballroom Salon E Organization 2025-06-17T09:00:00-04:00 09:00 01:00 Gerald Combs & Friends talk about the new developments over the past year sharkfest-25-us-2024-103-keynote-things-i-love-about-wireshark-and-maybe-a-couple-of-things-i-don-t Organization Gerald Combs en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/UYU7BA/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/UYU7BA/feedback/ Grand Ballroom Salon E Presentation 2025-06-17T10:15:00-04:00 10:15 01:00 Gerald has been working on a new tool that has just been released to the public: Stratoshark. It has the same look and feel of Wireshark (as it shares quite a bit of common code), but you can analyze (linux) system calls and (cloud) logs with it. As per www.stratoshark.org: _Stratoshark lets you explore and investigate the application-level behavior of your systems. You can capture system call and log activity and use a variety of advanced features to troubleshoot and analyze that activity. If you've ever used Wireshark, Stratoshark will look very familiar! It's a sibling application that shares the same dissection and filtering engine and much of the same user interface. It supports the same file format as Falco and Sysdig CLI, which lets you pivot seamlessly between each tool. As an added bonus, it's open source, just like Wireshark and Falco._ This talk will give you an introduction to Stratoshark and some hints to get started your Stratoshark journey. sharkfest-25-us-2024-129-new-kid-on-the-block-stratoshark Intermediate Sake Blok en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/FKYN93/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/FKYN93/feedback/ Grand Ballroom Salon E Presentation 2025-06-17T11:30:00-04:00 11:30 01:00 Using Sharkmon - Wireshark User can now finally start monitoring - using same syntax, same core technology - but for 1000s of pcap files - data over hours, days, months sharkfest-25-us-2024-93-sharkmon-packet-monitoring-using-tshark Intermediate /media/sharkfest-25-us-2024/submissions/MVF9CL/sharkx2_Kopie_gphNr0p.png Andreas Diedrich en Packet data exists everywhere in the network - in the data center, on assembly lines, in the service cloud, in cars - or in the home office. Wireshark can be used to analyze every protocol with its fields - but billions of network packets (100 Gbps = 134,217,728 bytes/sec) cannot be analyzed manually. For fast and precise trend detection, anomaly recognition, incident alerting and cause-effect understanding, the analysis of all packet data and fields must be automated and in real time. Sharkmon was developed to capture and analyze every wireshark-"known" IT protocol with all defined protocol fields as needed and to keep it available in dashboards for months / years. The combination of deep packet analysis on Wireshark core level and monitoring is unique in the industry. Sharkmon was developed to bridge this gap - between longtime base data and shortime Wireshark data. The data that the users needs is collected and evaluated at the deep Wireshark level. The results are indexed, threshold-checked, aggregated, stored in the database for a long time and can be displayed in clear dashboards and reports. This makes it possible to immediately identify problems and trends - and react precisely. Sharkmon Short list - Network packet data in Pcap format – from anywhere – also distrubuted sources - tens of thousands of PCPA files over long periods of time - Wireshark metrics for automated analysis - parallel data analysis of data from multiple sources / locations - Cloud or on-premise installation - Web application with web dashboards, user sharing enables easy collaboration - hierarchical indexing of metrics, sessions, protocols and technology enables immediate assignment of critical events to the corresponding technologies and details - hierarchical dashboards – top: index value by technology -> down – per second line chart / data table per critical metric / user session - automated reporting and data export false https://conference.wireshark.org/sharkfest-25-us-2024/talk/MVF9CL/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/MVF9CL/feedback/ Grand Ballroom Salon E Presentation 2025-06-17T13:30:00-04:00 13:30 01:00 End users and application teams complain to you about the latency, but we want to prove it is not network, how about that? The latency lies everywhere, not only in the network round trip time. sharkfest-25-us-2024-92-chase-the-latency Intermediate Megumi Takeshita en In this session, you can learn how to divide latency properly between the client OS/apps, the server OS/apps, and the network side, including reasonable ways to debug latency problems. We can find the root cause of the latency with TCP/UDP analysis TIPS and tricks using Wireshark. false https://conference.wireshark.org/sharkfest-25-us-2024/talk/UPKZY8/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/UPKZY8/feedback/ Grand Ballroom Salon E Presentation 2025-06-17T14:45:00-04:00 14:45 01:00 Wireshark and packet analysis shows us what happened but to understand the why behind what we see, we apply our expectation of what should happen to what we actually observe. To set the proper expectation, how we actually capture and the location of our diagnostic tool is important. This is a discussion of how we can determine where and how a capture is taken based on what we observe in our pcap files. sharkfest-25-us-2024-102-wireshark-packet-capture-is-like-real-estate-location-matters Beginner George Cragg en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/DE8CQW/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/DE8CQW/feedback/ Grand Ballroom Salon E Presentation 2025-06-17T16:00:00-04:00 16:00 01:00 26 years after the initial release of IPv6 we observe that many networks are not formally implementing IPv6, however, most modern desktop, server, and network OS's have had IPv6 enabled for 15+ years. That means many IT departments and technologists don't understand that IPv6 is in fact all over their networks nor what the potential implications are. This session will encompass the access/recon/exploit of an "IPv4 only" network using IPv6...and yes, Wireshark will be used! sharkfest-25-us-2024-116-i-m-exploiting-your-ipv4-network-with-ipv6 Intermediate Jeff Carrell en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/VZL737/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/VZL737/feedback/ Grand Ballroom Salon E Presentation 2025-06-17T17:15:00-04:00 17:15 01:00 Did you know that communication networks play a critical role in the power grids reliability and safety? In this session, we will look at the power grid from a bird’s eye view, highlighting its key components: generation, transmission, distribution, and consumers. Each area is interconnected through various networks, which play a crucial role in the efficient operation of the power grid. We will then focus on the devices that are essential for safeguarding the power grid and communicating critical information to other devices and SCADA systems. To bring these concepts to life, we will walk through a real customer issue and highlight the critical role Wireshark played in troubleshooting and determining root cause. sharkfest-25-us-2024-115-from-power-lines-to-packets-network-troubleshooting-in-the-power-grid Beginner /media/sharkfest-25-us-2024/submissions/NBJN8M/FromPowerLinesToPackets_SessionImage_3MQ5cTN.png Daniel Lopez en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/NBJN8M/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/NBJN8M/feedback/ Grand Ballroom Salon E Dinner 2025-06-17T18:30:00-04:00 18:30 03:00 Join us for a fun night with an opportunity to enjoy wonderful conversations and win some nice prizes! sharkfest-25-us-2024-100-sponsor-technology-showcase-reception-treasure-hunt-dinner Organization en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/TSVX8C/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/TSVX8C/feedback/ Grand Ballroom Salons A-D Presentation 2025-06-17T10:15:00-04:00 10:15 01:00 While many people like Ray Kurzweil and Sabine Hossenfelder point out that that we have not really seen any real cause for concern that quantum computing is about to actually work, much less crack the world’s encryption technologies, there are regulations in the works such as FIPS 203 (as well as FIPS 204 & FIPS 205), to migrate to quantum safe algorithms. In this talk, I plan to use Wireshark to sniff out TLS handshakes using Microsoft Edge and Google Chrome to see the algorithms negotiated, which are threatened by quantum computing “Shor’s Algorithm” and why it may actually be faster anyway to migrate. sharkfest-25-us-2024-118-are-you-ready-for-post-quantum-encryption Security /media/sharkfest-25-us-2024/submissions/K8HXC9/sharkfest_OAkchht.jpg Larry Greenblatt en In a TLS handshake, we see the client offer the cipher suites it supports; 1a-asymmetric for key agreement, 1b-asymmetric for signing (Note: only asymmetric algorithms are affected by Shor's algorithm) 2) Symmetric for data encryption (not affected) 3) Hashing for data integrity (not effected) Using Wireshark is my favorite way to see if a client is actually capable of what the vendor claims (~_^) false PDF of my presentation https://conference.wireshark.org/sharkfest-25-us-2024/talk/K8HXC9/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/K8HXC9/feedback/ Grand Ballroom Salons A-D Presentation 2025-06-17T11:30:00-04:00 11:30 01:00 Unlock a groundbreaking approach to packet analysis with "Talk with Your Packets," where cutting-edge AI and Large Language Models (LLMs) meet the world of .pcap and .pcapng files. This session explores how natural language, combined with artificial intelligence and a Retrieval Augmented Generation (RAG) pipeline, can transform traditional packet analysis. We’ll dive into how packets are converted into JSON representations via the CLI, chunked for efficient processing, embedded as vectors, and stored in ChromaDB for retrieval. Democratizing access to advanced packet analysis and making it easier for users to ask meaningful questions about their packet captures. While this solution augments Wireshark by aiding in the filtering and crafting of high-value .pcaps (garbage in, garbage out), it does not replace Wireshark. Instead, it empowers analysts with a more intuitive and streamlined way to interpret packet data. sharkfest-25-us-2024-111-talk-with-your-packets-ai-powered-natural-language-interaction-with-packet-captures Expert / Developer /media/sharkfest-25-us-2024/submissions/3EVGHM/c6d1c262-b70c-4b4d-b39f-3135fda6fa6c_4YdBotG.png John Capobianco en This will be a mix of slides and live demonstrations as well as Q&A and interactivity with the audience false https://conference.wireshark.org/sharkfest-25-us-2024/talk/3EVGHM/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/3EVGHM/feedback/ Grand Ballroom Salons A-D Presentation 2025-06-17T13:30:00-04:00 13:30 01:00 In this talk we will go over the packet flow when your cell phone acquires a LTE network, and what the packets look like once you are connected. We will also cover how wireshark tools can be used to look at traffic with tunneling protocols used in LTE. sharkfest-25-us-2024-117-walk-through-3gpp-packet-flow Intermediate Mark Stout en In this talk we will go over the packet flow when your cell phone acquires a LTE network, and what the packets look like once you are connected. We will also cover how wireshark tools can be used to look at traffic with tunneling protocols used in LTE. false https://conference.wireshark.org/sharkfest-25-us-2024/talk/WDQNXL/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/WDQNXL/feedback/ Grand Ballroom Salons A-D Workshop 2025-06-17T14:45:00-04:00 14:45 02:15 Learn how to recognize and detect malicious activity on the wire. sharkfest-25-us-2024-136-detecting-evil-with-network-traffic-analysis Security /media/sharkfest-25-us-2024/submissions/AFUCXC/1735868870726_DlRFfoh.jpeg Marcelle Lee en What does badness look like on the wire? How can you recognize a DDoS versus nmap scan vs remote access vs data exfiltration? Understanding network protocols (yes, RFCs!) and being able to extract artifacts from network traffic is essential in many fields - incident response, forensics, security operations - the list goes on. Recognizing the hallmarks of various types of attacks is also key. In this workshop we will walk through custom packet captures to explore examples of various types of attacks. This workshop is designed for a variety of experience levels. We will start with the basics of TCP/IP and review how network traffic flows, then ease into the analysis part. I encourage anyone with an interest to participate. For more advanced students there will be additional questions/challenges to keep you occupied. false https://conference.wireshark.org/sharkfest-25-us-2024/talk/AFUCXC/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/AFUCXC/feedback/ Grand Ballroom Salons A-D Presentation 2025-06-17T17:15:00-04:00 17:15 01:00 The Wireshark Certified Analyst exam is here. This is an exciting step for the Wireshark Community! In this session, Chris and Ross, who helped to develop the WCA, go into the steps that were taken to create, develop and deliver the exam. Beyond sharing the objectives, we will explore the intended audience, how to prepare, sample labs, and what types of jobs this certification will support. Time will be taken for live training labs that feature exam objectives, as well as for Q+A about the certification. Come learn more about the certification and find out if you are ready to become one of the first WCA’s in the world! sharkfest-25-us-2024-147-the-making-of-the-wireshark-certified-analyst-wca-exam Organization Chris GreerRoss Bagurdes en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/CWX3JT/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/CWX3JT/feedback/ Grand Ballroom Salon E Presentation 2025-06-18T08:45:00-04:00 08:45 01:00 It’s easy to laugh at the apocryphal executive quote “Cloud doesn’t have Packets!”, but is there something to it? What might they have meant? What are the differences between traditional On-premise and Cloud networking and architectures, and what does this tell us about attitudes towards network based security and trouble-shooting? In this talk we will look at how Cloud differs from On-prem networking, what common Cloud architectures look like, and how they can confound established practice. We will review options for Packet Capture and network based tools in Cloud compared to On-prem environments, and discuss whether it is practical, beneficial, and necessary. sharkfest-25-us-2024-151-cloud-doesn-t-have-packets Beginner Stephen Donnelly en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/QDHWWZ/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/QDHWWZ/feedback/ Grand Ballroom Salon E Presentation 2025-06-18T10:00:00-04:00 10:00 01:00 While many companies have a network engineer that becomes the de facto packet analyst, building a full performance engineering (PE) team takes time and effort, as well as support from upper management. This talk will chronicle one team's experience with building and maintaining a high-achieving PE team over the past 13 years. This is designed to be an interactive discussion of what Performance Engineering is and what the future is for packet experts. Come ready to share your stories and challenges. sharkfest-25-us-2024-135-building-support-for-an-in-house-performance-engineering-team Beginner Tim DeLamatre en true https://conference.wireshark.org/sharkfest-25-us-2024/talk/PEDGXJ/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/PEDGXJ/feedback/ Grand Ballroom Salon E Presentation 2025-06-18T11:15:00-04:00 11:15 01:00 RFC 3271 spoke about the Internet being for everyone. Even today, in 2025, it isn't. Its functionality keeps growing and changing - new protocols are created - a good reason that Wireshark has a future! Despite its penetration, the Internet is not yet reliably for everyone. In this talk, I will review technical and policy considerations that must be treated to overcome to achieve an Internet that really is for everyone. Will AI help? A question worthy of exploration. sharkfest-25-us-2024-107-vint-cerf-keynote-the-good-the-bad-the-ugly-internet-from-2025-on Organization Vint Cerf en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/WEM9ES/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/WEM9ES/feedback/ Grand Ballroom Salon E Packetdoctors Session 2025-06-18T13:15:00-04:00 13:15 01:30 The experts on this panel have been asked to look at a trace file and help find a reason for certain behaviors by attendees at many SharkFests. Based on this, they’ve decided to create a public forum for examining individual trace files with a broader audience for a collective learning experience. Trace files will be gathered from attendees prior to SharkFest and only given to the panel members during the session so that the “not- knowing what to expect and whether it can be solved” experience of working through an unknown trace file can be preserved. Come to this session and learn to ask the right questions and look at packets in different ways. PLEASE SEND PERPLEXING TRACE FILES FOR ANALYSIS BY THE PANEL TO jasper@packet-foo.com PRIOR TO SHARKFEST! sharkfest-25-us-2024-104-the-packet-doctors-are-in-packet-trace-examinations-with-the-experts Chris GreerRoss BagurdesSake Blok en true https://conference.wireshark.org/sharkfest-25-us-2024/talk/A383HZ/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/A383HZ/feedback/ Grand Ballroom Salon E Presentation 2025-06-18T15:00:00-04:00 15:00 01:00 Wireless environments are complicated. Sometimes devices do not behave the way we expect. When these strange situations occur, how do you know whether your client device, AP, or other server resource is the issue? This presentation will review how to determine if devices are following the IEEE 802.11 standard and how to approach Wi-Fi issue resolution between client device and AP vendors. sharkfest-25-us-2024-110-how-do-you-know-wi-fi-device-is-the-problem Intermediate Eva Santos en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/KDLCBH/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/KDLCBH/feedback/ Grand Ballroom Salon E Presentation 2025-06-18T16:15:00-04:00 16:15 01:00 Being a network engineer today requires much more than an understanding of subnets, spanning tree, and packet capture decodes. All the traditional skills matter, but many more are required in today's increasingly software-centric world. You can add on many of the new skills desired, and this presentation takes you through new topics for your consideration, and approaches to learning and acquiring skills in ways that fit your interest and job needs. sharkfest-25-us-2024-124-the-next-gen-network-engineer Intermediate Scott Robohn en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/LZAXYA/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/LZAXYA/feedback/ Grand Ballroom Salon E Presentation 2025-06-18T17:30:00-04:00 17:30 01:00 Containerlab is a modern open source tool to orchestrate and manage container based labs. During this session, we will provide an introduction to Containerlab and its features, deployment examples with container and VM based images followed by packet capture methods using Wireshark and Edgeshark. sharkfest-25-us-2024-113-containerlab-a-modern-way-to-design-deploy-and-test-network-labs Beginner Saju Salahudeen en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/VCD7PX/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/VCD7PX/feedback/ Grand Ballroom Salon E Dinner 2025-06-18T18:30:00-04:00 18:30 03:00 Sake's esPCAPe Group Packet Challenge is back! sharkfest-25-us-2024-109-sponsor-technology-showcase-reception-espcape-group-packet-challenge-and-dinner Organization Sake Blok en Sake's esPCAPe Group Packet Challenge is back! false https://conference.wireshark.org/sharkfest-25-us-2024/talk/8YFL7L/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/8YFL7L/feedback/ Grand Ballroom Salons A-D Presentation 2025-06-18T08:45:00-04:00 08:45 01:00 In this presentation I will explain how JA4+ network fingerprinting works and show you how to use it to detect malware clients, their c2 servers, reverse SSH shells, connections from proxies and VPNs, estimating the location of the true client behind the proxy or VPN, and a lot more, all just by passively looking at the network traffic with JA4+ and without the need to break encryption. JA4+ is free and available across a wide range of open source and vendor tools you already use including Wireshark, Zeek, Arkime, Suricata, Censys, Vectra, etc. sharkfest-25-us-2024-149-solving-cybersecurity-with-ja4-network-fingerprinting Security John Althouse en true https://conference.wireshark.org/sharkfest-25-us-2024/talk/8K9FHW/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/8K9FHW/feedback/ Grand Ballroom Salons A-D Presentation 2025-06-18T10:00:00-04:00 10:00 01:00 To be the network or not to be the network! This is a question we face a lot. The network is blamed by default, but is it really the network. During this session a couple of real life cases will be presented. What was the problem, how was it analyzed, what can we learn about the process and off course the answer to the question: was it the network? sharkfest-25-us-2024-130-packet-stories Expert / Developer Sake Blok en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/SWZ3VP/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/SWZ3VP/feedback/ Grand Ballroom Salons A-D Workshop 2025-06-18T15:00:00-04:00 15:00 02:15 Ahead of time, please ensure you have both Wireshark (www.wireshark.org) and Stratoshark (www.stratoshark.org) installed, and download the session resources from Github: https://github.com/je-clark/sharkfest-25-us-stratoshark With the recent release of Stratoshark, we finally have a familiar tool that helps us understand how the internals of servers and operating systems function. This talk will walk through some basic examples of how to set up and run sysdig to gather system call captures, and how to use Stratoshark to gain a deeper understanding of what runs on our networks. From this talk, expect: - Detailed sysdig and Stratoshark capture information - Examples showing how packet data from Wireshark shows up in a Stratoshark capture - Examples of real life troubleshooting with Stratoshark sharkfest-25-us-2024-108-tales-of-a-system-call-spelunker-using-sysdig-and-stratoshark-to-examine-system-internals Expert / Developer Josh Clark en true https://conference.wireshark.org/sharkfest-25-us-2024/talk/LXN79C/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/LXN79C/feedback/ Grand Ballroom Salons A-D Presentation 2025-06-18T17:30:00-04:00 17:30 01:00 Ever struggled with capturing traffic from your mobile device or felt stumped by encrypted applications? Dive into this comprehensive session to build your very own wired or wireless traffic sniffer using a Raspberry Pi. sharkfest-25-us-2024-122-cybershark-3001-capture-and-decrypt-wifi-traffic-from-any-device Intermediate Ross Bagurdes en n this engaging workshop, you'll explore: • Selecting the ideal Raspberry Pi hardware and components. • Choosing the best Raspbian OS versions. • Building proper interface and routing configurations. • Setting up a wireless AP. • Generating and installing certificates. • Setting up a TLS proxy to export session keys. • Connecting devices to capture their traffic. • Limitations of the device and configuration. • Addressing critical security and privacy considerations associated with the device. Walk away with the confidence and knowledge to construct a wireless capture device, granting you the power to decrypt and troubleshoot applications with ease(results may vary) false https://conference.wireshark.org/sharkfest-25-us-2024/talk/XMXZMK/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/XMXZMK/feedback/ Grand Ballroom Salon E Organization 2025-06-19T09:00:00-04:00 09:00 01:00 Come and enjoy an interesting session with learning interesting stuff about each other! sharkfest-25-us-2024-105-sharkbytes Organization en SharkBytes are great fun and a highlight of the SharkFest conferences. Each year, attendees offer glimpses into their lives by speaking about a particular interest or hobby (unrelated to Wireshark!) that reveals a side of them that fellow SharkFesters would not otherwise know. If you want to volunteer to present a 5-minute Byte, please send us an email: sharkfest@wireshark.org false https://conference.wireshark.org/sharkfest-25-us-2024/talk/CSJGR9/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/CSJGR9/feedback/ Grand Ballroom Salon E Presentation 2025-06-19T10:15:00-04:00 10:15 01:00 Pcap gives us a way to log packets - but pcap-NG gives us a way to log packets, packet-like objects, and environmental metadata to fully understand the capture. An introduction to generating pcap-NG logs from multiple (even hundreds) of interfaces, metadata, custom packet types, and custom meta-data. sharkfest-25-us-2024-112-pcap-ng-packets-and-packet-like-objects Intermediate Mike Kershaw en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/UPXCGM/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/UPXCGM/feedback/ Grand Ballroom Salon E Presentation 2025-06-19T11:30:00-04:00 11:30 01:00 This session will demonstrate the capability for Wireshark and tshark to be a more versatile tool for packet capture. sharkfest-25-us-2024-95-capturing-in-unusual-places Intermediate Roland Knall en Capturing on stuff beyond traditional pure network cables, like: * Google Chrome network logs * Bluetooth * USB false https://conference.wireshark.org/sharkfest-25-us-2024/talk/YBBEH7/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/YBBEH7/feedback/ Grand Ballroom Salon E Organization 2025-06-19T12:30:00-04:00 12:30 02:00 Closing Remarks and Farewell reception sharkfest-25-us-2024-101-lunch-closing-remarks-and-farewell-reception Organization en false https://conference.wireshark.org/sharkfest-25-us-2024/talk/NXSMZR/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/NXSMZR/feedback/ Grand Ballroom Salons A-D Workshop 2025-06-19T10:15:00-04:00 10:15 02:15 Real life troubleshooting a difficult 3rd party software performance issue with using Wireshark and Advanced Analytics sharkfest-25-us-2024-148-0-wireshark-plus-advanced-analytics-better-together-2-part-session Expert / Developer John Pittle en Join us for a troubleshooting deep dive into solving a difficult problem occurring within Webex login from 2018, known as the 98% hang condition. We’ll showcase how the partnership of Wireshark and Advanced Analytics can be leveraged to quickly isolate the fault domain. Captures will be provided for use during the session. Session is half presentation and half hands-on lab with Wireshark. false https://conference.wireshark.org/sharkfest-25-us-2024/talk/EKZSBK/ https://conference.wireshark.org/sharkfest-25-us-2024/talk/EKZSBK/feedback/