01 - Network Troubleshooting from Scratch | Learn Wireshark @ SF22US
The title of this class is: "Network Troubleshooting from Scratch" and was taught by Jasper Bongertz. This was recorded on July 12th in Kansas City, MO.
sharkfestus.wireshark.org
Subscribe to our channel for tons of free Wireshark educational content. To attend a live SharkFest and to learn Wireshark with packet analysis experts, visit: sharkfest.wireshark.org and sharkfesteurope.wireshark.org.
SharkFest™, launched in 2008, is a series of annual educational conferences staged in various parts of the globe and focused on sharing knowledge, experience and best practices among the Wireshark® developer and user communities.
SharkFest attendees hone their skills in the art of packet analysis by attending lecture and lab-based sessions delivered by the most seasoned experts in the industry. Wireshark core code contributors also gather during the conference days to enrich and evolve the tool to maintain its relevance in ensuring the productivity of modern networks.
SharkFest’s aim is to support ongoing Wireshark development, to educate and inspire current and future generations of computer science and IT professionals responsible for managing, troubleshooting, diagnosing and securing legacy and modern networks, and to encourage widespread use of the free analysis tool. Per Gerald Combs, Wireshark project Founder …“Wireshark is a tool and a community. My job is to support both."
/ wiresharkfest
Chapters:
0:00 Intro
1:56 Principles of Troubleshooting
7:12 Troubleshooting Goals
10:28 Establishing Connection State
19:00 Time to live/Hop Count
30:46 Real World Scenario 1: "Evil Firewall"
56:45 Scenario 1 Conclusion
58:33 Connection Breakdown
1:01:01 Real World Scenario 2: "We have a problem"
1:08:22 Q&A
Пікірлер: 71
Well done. Clear and concise.
One of the best video on basic network troubleshooting. Thanks for sharing for free 🙏🙏🙏
@WireSharkFest
4 ай бұрын
Thanks for watching!
What a fantastic session, I learned a lot of new stuff. Thanks for sharing with us.
@WireSharkFest
Жыл бұрын
Glad you enjoyed, stay tuned for more!
Thank you, this was easy for me to follow and understand.
Pure gold.
Did not see the session in person but it wound up on my recommended. Great video and very informative.
@WireSharkFest
Жыл бұрын
Thanks for tuning in, we'll be doing more live classes in 2023!
Love it. Thanks for sharing
Excellent session! Thank you so much Jasper!
@WireSharkFest
6 ай бұрын
Thanks for tuning in!
Very Informative Session
Awesome video! It got me interested in wireshark, thank you!
@WireSharkFest
9 ай бұрын
Glad to hear it!
Good job, thanks!
Many thanks for such consolidated one
I feel like hearing Arnold Schwarzenegger :-)
@RashadPrince
Жыл бұрын
😅
@jasperbongertz4866
9 ай бұрын
I'll be back! :)
@ChapalPuteh_
9 ай бұрын
Yep, the Terminator are trying to troubleshoot tge Skynet Server network ..
@Bruce.-Wayne
8 ай бұрын
Caame wiff me if you wanna live
Great video, thanks for sharing 👍👍
Great content, hope to hear more from him.
@WireSharkFest
Жыл бұрын
There will definitely be more!
Thank you sir!
Thank you
awesome
Awsome sir
Nice thanks
@WireSharkFest
Жыл бұрын
You're welcome!
very good video
@WireSharkFest
Жыл бұрын
Thanks Rose!
This was great, thanks
@WireSharkFest
Жыл бұрын
Thanks for watching!!
@ThePumbaadk
Жыл бұрын
More real scenarios would be nice
@WireSharkFest
Жыл бұрын
@@ThePumbaadk there are a bunch more scenarios in our past videos if you want to check them out!
Nice Explanantion
@WireSharkFest
Жыл бұрын
Thanks for watching Krishan!
Firewalls, load balancers, and other network equipment can reduce TTL without being actual hops in the path. Traceroute will do a better job counting
useful session. can we expect another session from Jasper regarding Throughput issues :)
@WireSharkFest
Жыл бұрын
Jasper will definitely have more sessions at upcoming 2023 SharkFests! We'll let him know that throughput issues were requested.
@JanezGaming
Жыл бұрын
@@WireSharkFest Hi Did jasper uploaded this throughput issues?
@jasperbongertz4866
9 ай бұрын
@@JanezGamingNo, I haven't presented that kind of talk yet. But I'll keep it in mind ;)
To effectively troubleshoot network issues using Wireshark during the SF22US conference, you should start by understanding your network layout and capturing traffic with a broad scope. Apply filters to narrow down to specific issues and capture traffic at strategic points. Familiarize yourself with key protocols like TCP, HTTP, and DNS. This process will help you analyze network traffic, identify problems, and troubleshoot effectively.
I would like to know if it is possible to connect an Ethernet cable to my access point and in my notebook and configure Wireshark to see all the wireless traffic generated on the access point. It is possible to configure Wireshark to see wireless traffic on the Access Point over the ethernet cable. Thanks a lot for the help!
@WireSharkFest
11 ай бұрын
Thanks for the question Gilberto - feel free to ask it on our Discord as it will be easier to answer there! discord.com/invite/ts9GZCjGj5
⭐️👍⭐️
How do you set up a live capture 4G / 5G call processor with Wireshark? I know how to capture pcap trace file, but that can only be done from the EPC or 5G Core.
@WireSharkFest
Жыл бұрын
I don't think Jasper monitors the comments here - feel free to ask him on the Wireshark Discord server! discord.com/invite/ts9GZCjGj5
@azndragon75
Жыл бұрын
@@WireSharkFest Thank you much!
I like your coloring columns, is there any chance you can share it?
@WireSharkFest
Жыл бұрын
Feel free to join our Discord and ask Jasper there! discord.com/invite/ts9GZCjGj5
@saifemran4528
Жыл бұрын
@@WireSharkFest Joined, thank you!
Hello Sir, how are you arriving at that no.of routers. For example, when i ping my gateway router, i 'm getting a TTL of 113. How do i calculate the no.of hops(routers)?
@WireSharkFest
7 ай бұрын
Thanks for the question, Joseph! It's much easier to get a reply on our Discord server: discord.com/invite/ts9GZCjGj5
So the dissallowed ip range, on that subnet, no IP address were allowed .... /24 tell everything .. Unless you whitelisting the client IP address .. am i right ? Lets say i want to make a whitelisting option, we should dissallowed by /24, and allow just 1 IP (must be static), from the client .. And the topology is Internal Network for the VM's ... right ? and Wireshark is good for digging network artifact, but overall your video is clearly understandable ... thank you sir ..
@WireSharkFest
3 ай бұрын
Thanks for the question! Feel free to ask on our Discord server, it's more likely to get a response there: discord.com/invite/ts9GZCjGj5
What could be the reason if I am getting this error "TCP ACked Unseen Segment" in my wireshark analysis? thanks
@WireSharkFest
4 ай бұрын
Thanks for the question! Feel free to ask on our Discord server, it's more likely to get a response there: discord.com/invite/ts9GZCjGj5
Please say "I'll be back" at the end of your videos
@jasperbongertz4866
9 ай бұрын
Next time I might :)
In the case of Google's TTL of 112, How do you find out the number of hops? What formula do you use to find the number of hops?
@WireSharkFest
9 ай бұрын
Feel free to ask this question in the Wireshark Discord server, it's much more likely to get a response there! discord.com/invite/ts9GZCjGj5
@jasperbongertz4866
9 ай бұрын
I look at the "Usual Suspects" of starting TTLs: 64, 128, 255. 64 is too low, so we can rule that one out. 255 is unlikely because that would mean we'd have 43 hops and it's rare to see any hop count above 23, and more so above 35. So we can assume 128 is the starting TTL, which would mean its 16 hops (128 minus 112) , which is very reasonable.
@mwiza
8 ай бұрын
It started at 128 and drops by 1 for every hop. Therefore 128 - 112 gives you 16 (hops)
How about 802.11 Troubleshooting.
@WireSharkFest
Жыл бұрын
Not exactly what you're looking for, but we do have this video on 802.11 Power Save Mode kzread.info/dash/bejne/e3p916WBgaW1lqg.html
Voice over by Magnus Carlsen
@WireSharkFest
Жыл бұрын
In this economy, even a chess grandmaster has to have a side gig
Thank you for this video. I shared it with a few friends. They were so excited.. You are missing out on potential viewers by not using a service such as *promo sm*!!!