Agenda

Date and TimeTitle
Jul. 01, 2022 - 1:00 am to Jul. 26, 2022 - 4:07 am (Pacific)TT01: 1-Line PowerShell File System Performance Script

Tony shows you a quick, simple but powerful Windows Powershell command to measure file system performance.

Please remember to fill out the Session Survey. Each survey response enters you into our CORE-IT Pros survey drawing for a chance to win something fabulous!

Jul. 02, 2022 - 1:00 am to Jul. 27, 2022 - 4:07 am (Pacific)TT02: 3 Cool Buttons to Build in Wireshark

Laura shows you her two favorite buttons and a cool feature used to organize display filter buttons. If you haven't used buttons yet in Wireshark, you'll LOVE this feature. Make sure you also watch Laura's session focused on profiles (TT19).

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 03, 2022 - 3:00 pm to Jul. 28, 2022 - 6:07 pm (Pacific)TT03: Avoid Wireshark's != Hell

First you couldn't use it with alias/combo fields, now you can! Yes! As of Wireshark v3.6, the != operator has finally be changed to work the way we always thought it should.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 04, 2022 - 3:00 pm to Jul. 29, 2022 - 6:07 pm (Pacific)TT04: Use the -b Option in Tshark

In this tech tip, Mike Pennacchi goes through the command line used to create a ring buffer.  This is a powerful tool for capturing packets over an extended period.  Don't let those intermittent problems get you down, write the packets to disk and analyze them after the problem happens.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 05, 2022 - 3:00 pm to Jul. 30, 2022 - 6:07 pm (Pacific)TT05: Browser Developer Tools

Did you know that most current web browsers now include ‘Developer Tools’? You might think, "So what, I’m not a developer”. Tony shows you why you would want to take a peek at this powerful facility.

Please remember to fill out the Session Survey. Each survey response enters you into our CORE-IT Pros survey drawing for a chance to win something fabulous!

Jul. 06, 2022 - 3:00 pm to Jul. 31, 2022 - 6:07 pm (Pacific)TT06: Build an Essential Wireshark Stream Column

It's almost always the first column Laura adds to her profiles. If you are making profile templates, ensure you have added this - and remember: columns can display more than one field!

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 07, 2022 - 3:00 pm to Aug. 01, 2022 - 6:07 pm (Pacific)TT07: CDP Discovery Using Microsoft’s Pktmon

Capturing a CDP packet is very helpful when troubleshooting since it provides vital information. Everything from Switch address, name, port, duplex, VLAN and POE information. In many cases, this will save a ton of time compared to tracing cables. Tony shows you how to capture a CDP packet on a windows system natively when you can't install a third party protocol analyzer.

Please remember to fill out the Session Survey. Each survey response enters you into our CORE-IT Pros survey drawing for a chance to win something fabulous!

Jul. 08, 2022 - 3:00 pm to Aug. 02, 2022 - 6:07 pm (Pacific)TT08: Creating Batch Files to Filter Multiple Capture Files

Tech tip TT04 showed you how to create a ring buffer and capture for a long period of time.  Now that you have a directory full of files, you need to analyze them.  The slow way is to open each file.  The fast way is to create batch files that will apply display filters to the files and extract the desired packets.  Mike provides several examples of batch files that may be run on Windows or Linux that will extract the packets based on a filter.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 09, 2022 - 3:00 pm to Aug. 03, 2022 - 6:07 pm (Pacific)TT09: Decrypt WPA2 Traces

One of the challenges of analyzing wireless traces is decrypting the wireless packets. In this tech tip, Mike Pennachi will take you through the process of setting up WPA2 decryption within Wireshark. This will allow you to decode the packets and see the upper layer information, even if it's been encrypted.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 10, 2022 - 3:00 pm to Aug. 04, 2022 - 6:07 pm (Pacific)TT10: Easily Manage Your Windows IP Configuration

If you find yourself changing or checking your Windows IP configuration a lot, you need this little gem.

Please remember to fill out the Session Survey. Each survey response enters you into our CORE-IT Pros survey drawing for a chance to win something fabulous!

Jul. 11, 2022 - 3:00 pm to Aug. 05, 2022 - 6:07 pm (Pacific)TT11: Fast Trick for TCP Handshake Analysis

Laura always pays attention to the TCP handshake - that's where we can learn the essential capabilities of TCP handshakes and the initial round trip time (iRTT).

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 12, 2022 - 3:00 pm to Aug. 06, 2022 - 6:07 pm (Pacific)TT12: Figure Out the TCP Connect Time in Just 2 Packets

The TCP 3-way handshake is full of important information.  The handshake also provides you with an opportunity to measure the TCP round trip time, which is far more accurate than any ping will be.  Find out why and how.

Please remember to fill out the Session Survey. Each survey response enters you into our CORE-IT Pros survey drawing for a chance to win something fabulous!

Jul. 13, 2022 - 3:00 pm to Aug. 07, 2022 - 6:07 pm (Pacific)TT13: Filter Faster with the “In” Operator

Everyone skips over the in operator! Poor thing! In this Tech Tip, Laura provides a couple examples of how to use this operator to save yourself time.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 14, 2022 - 3:00 pm to Aug. 08, 2022 - 6:07 pm (Pacific)TT14: Get Started with IPerf in 5 Steps or Less

If you haven’t used iPerf or iPerf3 yet, you are in for a treat.  This little utility is a great way to figure out your network performance. Tony shows you how to get started in no time.

Please remember to fill out the Session Survey. Each survey response enters you into our CORE-IT Pros survey drawing for a chance to win something fabulous!

Jul. 15, 2022 - 3:00 pm to Aug. 09, 2022 - 6:07 pm (Pacific)TT15: How To Perform a Port Scan Using Nmap

What do you do when you want to figure out what ports are open on a host? This could be for application profiling, testing a firewall or just testing. Tony walks you through how to complete this task in no time.

Please remember to fill out the Session Survey. Each survey response enters you into our CORE-IT Pros survey drawing for a chance to win something fabulous!

Jul. 16, 2022 - 3:00 pm to Aug. 10, 2022 - 6:07 pm (Pacific)TT16: How to Use an Optical Power Meter

Determining if a fiber optic link is active or whether it can provide the necessary signal strength is not a difficult task. However, it does require a special piece of equipment, an optical power meter. Mike uses a simple optical power meter to validate if fiber is active and measure the optical signal strength in this tech tip.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 17, 2022 - 3:00 pm to Aug. 11, 2022 - 6:07 pm (Pacific)TT17: How to Use Bridge Forwarding Tables

Unlike with routers there is not an easy way to trace a path at Layer 2 through the network. In this Tech Tip, Mike Pennacchi goes through how to use the bridge forwarding tables in manage switches to trace a path through the network at Layer 2 to determine where a device is located.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 18, 2022 - 3:00 pm to Aug. 12, 2022 - 6:07 pm (Pacific)TT18: How to Use CURL to Measure Response Times

When troubleshooting performance problems with websites, it is crucial to understand what is slow. In this Tech Tip, Mike Pennacchi goes through how to use CURL to measure the response time of the DNS query, TCP connection set up, SSL set up, server response time, and download speed. Armed with this information, you can focus your troubleshooting efforts on the cause of the slowdown.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 19, 2022 - 3:00 pm to Aug. 13, 2022 - 6:07 pm (Pacific)TT19: Import/Export Wireshark Profiles

Profiles! Profiles! Profiles! They are one of the most important features added to Wireshark. We can't even imagine the days before profiles!!! Throughout this event, you will see Laura create LOTS of profiles. Full Event Access ticket holders should be sure to catch Laura's DIY01 session!

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 20, 2022 - 3:00 pm to Aug. 14, 2022 - 6:07 pm (Pacific)TT20: iPerf for TCP, iPerf for UDP

In this Tech Tip, Mike demonstrates how to use iPerf3 to measure throughput across the network.  He discusses when you should use TCP to measure throughput and when you should use UDP to measure packet loss and jitter.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 21, 2022 - 3:00 pm to Aug. 15, 2022 - 6:07 pm (Pacific)TT21: Laura’s Lazy Filter Trick

Hmmm... lazy or efficient? Laura shows you a quick way to detect packets of interest by "casting a wide net" at first, adding on based on displayed packets, and tightening up your filters as needed.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 22, 2022 - 3:00 pm to Aug. 16, 2022 - 6:07 pm (Pacific)TT22: Make Your Own Graphs in Excel from Your Traces

Ever look at the Wireshark graphs and wish you could customize it more.  Tony shows you how to quickly take that trace file into Excel for better visualization. 

Jul. 23, 2022 - 3:00 pm to Aug. 17, 2022 - 6:07 pm (Pacific)TT23: nslookup, Beyond the A Record

When troubleshooting DNS problems, nslookup is commonly used for resolving A records to IP addresses. This Tech Tip focuses on the other types of lookups that may be performed with nslookup.  These include MX records, SOA records, and PTR records.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 24, 2022 - 3:00 pm to Aug. 18, 2022 - 6:07 pm (Pacific)TT24: Recover a Stored Password from a Web Browser 

Ever wonder what that password is to that device when using your support laptop and browser?  Tony will show you how with one click and no extra software required.

Jul. 25, 2022 - 3:00 pm to Aug. 19, 2022 - 6:07 pm (Pacific)TT25: Removing Duplicate Packets from a Trace File

One of the challenges that may be encountered when capturing network traffic is duplicate packets. This may be caused by capturing on multiple interfaces and getting the same packet more than once. When analyzing the captured packets, these duplicate packets may appear as retransmissions. To make analyzing the trace files easier, it is important to remove these duplicate packets. In this Tech Tip, Mike Pennacchi goes through how to use editcap to remove duplicate packets within trace files.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 26, 2022 - 3:00 pm to Aug. 20, 2022 - 6:07 pm (Pacific)TT26: Start Capturing with Pktmon in Less Than 5 Minutes

Microsoft has added pktmon packet capture utility to Windows since Windows 8. This is great way to quickly capture packets when you can not install Wireshark.

Jul. 27, 2022 - 3:00 pm to Aug. 21, 2022 - 6:07 pm (Pacific)TT27: The “Suspicious Stuff” Button

This Tech Tip focuses on building a single button to detect unusual field values such as reserved bits set to 1. Keep adding to this button to spot suspicious traffic on the network.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 28, 2022 - 3:00 pm to Aug. 22, 2022 - 6:07 pm (Pacific)TT28: Using TCP Completeness Feature

The TCP Completeness field is one of the newer fields added to Wireshark's TCP dissector. It's pretty handy for catching unusual TCP sequences, such as SYN, SYN/ACK, ACK followed immediately by FIN or RST.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 29, 2022 - 4:00 pm to Aug. 23, 2022 - 7:07 pm (Pacific)TT29: Using TCP Traceroute to Check Firewall Rules

In this Tech Tip, Mike shows you how to use plain ol' traceroute to analyze firewall rules on a network. Too many folks don't know the many uses of traceroute. Master this one!

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Jul. 30, 2022 - 3:00 pm to Aug. 24, 2022 - 6:07 pm (Pacific)TT30: Wireshark v4 Update

Come check out some of the changes in Wireshark v4 including changes to the default layout, conversations and endpoints windows, and the display filtering system.

Please remember to fill out the Session Survey. Each survey response enters you in our CORE-IT Pros survey drawing to win something fabulous! 

Aug 16, 2022
4:40pm - 5:40pm (Pacific)
TEST this is a longer title for the session - checking out what happens