home.social

#packetcapture — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #packetcapture, aggregated by home.social.

  1. I think I've worked out why my string matching in `iptables` hasn't been working.

    When I do get it to log, it's reporting 64 byte packets. For packets that Wireshark says are 78 bytes. Because it's just reporting the IP frame size, not the full Ethernet frame size. And so my offsets have been out by an Ethernet header size that I assumed was in the packet calculations.

    Because it's IP Tables, of course 😑

    #PacketCapture #Networking #SysAdminProblems

  2. Just getting started with Wireshark?

    Check out “Packet Capture 101” for a beginner-friendly intro to packet analysis! Taught by @packetjay, this session covers everything you need to know to get up and running with Wireshark.

    youtube.com/watch?v=rWHWOat5_X

    Want to learn live from experts? Join us at SharkFest'25 EUROPE for hands-on classes, networking, and all things packet analysis.

    Don’t miss your chance to level up your network troubleshooting skills—visit sharkfest.wireshark.org for details!

    #Wireshark #PacketCapture #sf25eu

  3. Released a new tool, packet-monkey:

    github.com/timb-machine/packet

    Packet Monkey is a tool to filter and classify PCAPs using Wireshark filters. I use it for layer 2/3 traffic analysis on engagements.

    #tool, #code, #packetcapture, #trafficanalysis, #wireshark

  4. ​Join us at SharkFest'25 US for the #TCP Analysis Masterclass with network security expert @packetjay on June 16th.

    This pre-conference class delves deep into TCP troubleshooting, from basic concepts to complex scenarios involving multi-point captures for packet loss and timing issues. Elevate your network analysis skills and tackle challenging cases with confidence. Reserve your spot now! ​

    sharkfest.wireshark.org/sfus

    #Wireshark #sf25us #SharkFest #PacketCapture

  5. So there is an NDIS Capture driver in the virtual switches for Hyper-V... guess what you can do with those? :o) #pcap #packetcapture #networkforensics #dfir

  6. Nothing like feeling major FOMO when your internet friends go to #HackerSummerCamp #DEFCON and you’re watching the fun begin - to kick of an ADHD side quest that’s been sitting in your office.

    Here is a #MikroTik 4 slot PCIe card with 4 #AsiaRF #WiFi6E cards installed.

    Final photos to come. Still cleaning it up.

    #Intel #NUC #KismetWireless @kismetwireless #PacketCapture

  7. ssldump version 1.8 has been released.

    A huge thanks to @wr for the new build and all the tremendous contribution for this release.

    ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic. It also includes a JSON output option, supports JA3 and IPv6.

    github.com/adulau/ssldump

    #opensource #ssldump #PacketCapture #pcap #dfir #cti #ssl #tls

  8. All the #WiFi #Channels Please.

    Kudos to the Pentoo Linux group for getting the the latest Linux Kernel running with MediaTek WiFi 6E radios...

    Screenshot from @kismetwireless running on #ZIMABoard with the SquidCard...

    #WiFi #Security #PacketCapture #WiFi6E

  9. Last night I caught up with the #TryHackMe #AdventOfCyber2022 challenge and completed days 13 and 14.

    Day 13 covered analyzing a #PacketCapture (#PCAP) file using #WireShark. I have some familiarity with the tool, so I was able to burn through that challenge. I did enjoy the twist of exporting a captured file data stream and then running its hash through #VirusTotal.

    #infosec

  10. Remote Packet Capture over SSH

    Carried around notes for this forever, but had to trial and error a few times this week and while it only takes minutes? to get it up anyway, thought I'd save it on GitHub for posterity and also wrote a short post here: blog.infosecworrier.dk/2022/11

    #WireShark #tcpdump #Live #Forensics #PacketCapture #PCAPRemote #SSH

  11. Remote Packet Capture over SSH

    Carried around notes for this forever, but had to trial and error a few times this week and while it only takes minutes? to get it up anyway, thought I'd save it on GitHub for posterity and also wrote a short post here: blog.infosecworrier.dk/2022/11

    #WireShark #tcpdump #Live #Forensics #PacketCapture #PCAPRemote #SSH

  12. Remote Packet Capture over SSH

    Carried around notes for this forever, but had to trial and error a few times this week and while it only takes minutes? to get it up anyway, thought I'd save it on GitHub for posterity and also wrote a short post here: blog.infosecworrier.dk/2022/11

    #WireShark #tcpdump #Live #Forensics #PacketCapture #PCAPRemote #SSH

  13. Remote Packet Capture over SSH

    Carried around notes for this forever, but had to trial and error a few times this week and while it only takes minutes? to get it up anyway, thought I'd save it on GitHub for posterity and also wrote a short post here: blog.infosecworrier.dk/2022/11

    #WireShark #tcpdump #Live #Forensics #PacketCapture #PCAPRemote #SSH

  14. Remote Packet Capture over SSH

    Carried around notes for this forever, but had to trial and error a few times this week and while it only takes minutes? to get it up anyway, thought I'd save it on GitHub for posterity and also wrote a short post here: blog.infosecworrier.dk/2022/11

    #WireShark #tcpdump #Live #Forensics #PacketCapture #PCAPRemote #SSH

  15. Spyware Discovered on All Samsung Phones - Samsung may have the highest-end options for hardware if you want an Android smartphone, but that ... more: hackaday.com/2020/01/09/spywar #securityhacks #packetcapture #preinstalled #smartphone #security #server #china #osint #phone #virus #app