Sake Blok

Sake has been analyzing packets for over 20 years. During his work, Sake started developing functionality for Wireshark while working with the analyzer in his day-to-day job. He also enhanced multiple protocol dissectors. In 2007, Sake joined the Wireshark Core Development team. In 2009, After working for a reseller of networking equipment for 8 years, he started the company SYN-bit to provide network analysis and training services to enterprises across Europe.


Sessions

06-16
09:00
480min
Pre-conference class III: SSL/TLS Troubleshooting with Wireshark
Sake Blok

The applications of today depend more and more on secure communication channels. For most internet applications the TLS protocol (still mostly referred to as SSL) is providing the secure channel to communicate over. To be able to troubleshoot problems with Applications that use (mutual) TLS, one must understand how TLS sessions are set up, how certificates and certificate authorities come into play and how you can look inside the encrypted traffic to analyse the (cleartext) application data. In this session you will gain a better understanding of the operation of the TLS protocol and more importantly, you will learn how to troubleshoot TLS based communications when things don't work as expected.

Pre-conference class
Grand Ballroom Salons A-D
06-17
10:15
60min
New kid on the block: Stratoshark
Sake Blok

Gerald has been working on a new tool that has just been released to the public: Stratoshark. It has the same look and feel of Wireshark (as it shares quite a bit of common code), but you can analyze (linux) system calls and (cloud) logs with it.

As per www.stratoshark.org:
Stratoshark lets you explore and investigate the application-level behavior of your systems. You can capture system call and log activity and use a variety of advanced features to troubleshoot and analyze that activity. If you've ever used Wireshark, Stratoshark will look very familiar! It's a sibling application that shares the same dissection and filtering engine and much of the same user interface. It supports the same file format as Falco and Sysdig CLI, which lets you pivot seamlessly between each tool. As an added bonus, it's open source, just like Wireshark and Falco.

This talk will give you an introduction to Stratoshark and some hints to get started your Stratoshark journey.

Intermediate
Grand Ballroom Salon E
06-18
10:00
60min
Packet Stories
Sake Blok

To be the network or not to be the network!

This is a question we face a lot. The network is blamed by default, but is it really the network. During this session a couple of real life cases will be presented. What was the problem, how was it analyzed, what can we learn about the process and off course the answer to the question: was it the network?

Expert / Developer
Grand Ballroom Salons A-D
06-18
13:15
90min
The Packet Doctors are in! Packet trace examinations with the experts
Ross Bagurdes, Sake Blok, Chris Greer

The experts on this panel have been asked to look at a trace file and help find a reason for certain behaviors by attendees at many SharkFests. Based on this, they’ve decided to create a public forum for examining individual trace files with a broader audience for a collective learning experience. Trace files will be gathered from attendees prior to SharkFest and only given to the panel members during the session so that the “not-
knowing what to expect and whether it can be solved” experience of working through an unknown trace file can be preserved.
Come to this session and learn to ask the right questions and look at packets in different ways.
PLEASE SEND PERPLEXING TRACE FILES FOR ANALYSIS BY THE PANEL TO [email protected] PRIOR TO SHARKFEST!

Grand Ballroom Salon E
06-18
18:30
180min
Sponsor Technology Showcase Reception, esPCAPe Group Packet Challenge and Dinner
Sake Blok

Sake's esPCAPe Group Packet Challenge is back!

Organization
Grand Ballroom Salon E