Clik here to view.
Basic TCP and UDP Demos w/ netcat and telnet
I am currently working on a network & security training, module “OSI Layer 4 – Transport”. Therefore I made a very basic demo of a TCP and UDP connection in order to see the common “SYN, SYN-ACK,...
View ArticleClik here to view.
Intro to NetworkMiner
This is a guest blogpost by Erik Hjelmvik, an expert in network forensics and network security monitoring at NETRESEC. Wireshark is the default goto tool for analyzing captured network traffic for most...
View ArticleClik here to view.
I Love IPv6 Addressing!
Probably the biggest prejudice when it comes to IPv6 is: “I don’t like those long addresses – they are hard to remember.” While this seems to be obvious due to the length and hexadecimal presentation...
View ArticleClik here to view.
Setting up NTS-Secured NTP with NTPsec
This is a guest blogpost by Martin Langer, Ph.D. student for “Secured Time Synchronization Using Packet-Based Time Protocols” at Ostfalia University of Applied Sciences, Germany. In the previous posts,...
View ArticleClik here to view.
PoE-powered NTP Display
As you might have noticed, I am playing a lot with NTP these days. Having a networking background I also like Power over Ethernet. So what’s more obvious than using a PoE-powered NTP display for test...
View ArticleClik here to view.
Dive into delv: DNSSEC Validation
If you’re into DNSSEC, you’ll probably have to troubleshoot or at least to verify it. While there are some good online tools such as DNSViz, there is also a command-line tool to test DNSSEC signatures...
View ArticleClik here to view.
DNS Capture – The Records Edition
Some time ago I published a post called DNS Test Names & Resource Records which lists many different FQDNs with lots of different RRs. You can use those public available DNS names to test your DNS...
View ArticleClik here to view.
VoIP Captures
VoIP calls, using the network protocols SIP/SDP and RTP, are the de-facto standard when it comes to voice calls. Wireshark offers some special features to analyze those calls and RTP streams – even...
View ArticleClik here to view.
Who is WHOIS?
I am using the WHOIS client a lot these days since I am migrating some RIPE objects such as ASes, inetnum/inet6num, etc. Meanwhile, I recognized that I have never captured this TCP port 43 protocol,...
View ArticleClik here to view.
The Ultimate PCAP
For the last couple of years, I captured many different network and upper-layer protocols and published the pcaps along with some information and Wireshark screenshot on this blog. However, it...
View ArticleClik here to view.
More Capture Details
In the previous post, I released my Ultimate PCAP which includes every single pcap I had so far on my blog. But that’s not all: I have some packets in there that were not yet published up to now. That...
View ArticleClik here to view.
Types of VPN
Another small post out of my “At a Glance” series: The different types of virtual private networks (VPNs). Looking at Site-to-Site and Remote Access VPNs. This is one of many VPN articles on my blog....
View ArticleClik here to view.
SharkFest’19 EUROPE: IPv6 Crash Course
I gave a session about IPv6 at SharkFest’19 EUROPE, the annual Wireshark developer and user community conference, named “IPv6 Crash Course: Understanding IPv6 as seen on the wire“. The talk is about...
View ArticleClik here to view.
UK IPv6 Council Spring 2020: Incorrect Working IPv6 Clients & Networks
I did a short presentation at the spring 2020 roundtable of the UK IPv6 Council. The talk was about a case study I did with my NTP server listed in the NTP Pool project: For 66 days I captured all NTP...
View ArticleClik here to view.
Palo Alto GRE Tunnel
Since PAN-OS version 9.0 you can configure GRE tunnels on a Palo Alto Networks firewall. Greetings from the clouds. As always, this is done solely through the GUI while you can use some CLI commands to...
View ArticleClik here to view.
A Little Printing Please – Packet Capture
Uh, I wasn’t aware of so many different printing protocols. Do you? While I was trying to solve a little printing problem I took a packet capture of three different printing variants over TCP/IP: Raw...
View ArticleClik here to view.
NTP Filtering (Delay & Blockage) in the Internet
NTP (Network Time Protocol) messages are sometimes rate-limited or blocked entirely by Internet operators. This little-known “NTP filtering” was put into place several years ago in response to DDoS...
View ArticleClik here to view.
iperf3 on a FortiGate
This is a really nice feature: you can run iperf3 directly on a FortiGate to speed-test your network connections. It’s basically an iperf3 client. Using some public iperf servers you can test your...
View ArticleClik here to view.
NTS Published as Standard
This is a guest blogpost by Martin Langer, Ph.D. student for “Secured Time Synchronization Using Packet-Based Time Protocols” at Ostfalia University of Applied Sciences, Germany. The Internet...
View ArticleClik here to view.
More Capture Details II
An updated version of my Ultimate PCAP is available. It features some more network protocols that I will depict in this blog post. It’s getting more special since the most common protocols were already...
View Article