Packet Safari Blog
Follow fun trace analyses.
Ransomware Protection: Best Practices in Backup and Defense
Ransomware attacks are a persistent and ever-evolving threat, with devastating consequences for affected organizations. With the ongoing increase in the frequency and sophistication of these attacks, it's now more important than ever to ensure your organization has robust ransomware protection measures in place. In this article, we'll delve deeper into the essential concepts and methods for effective ransomware defense and backup.
Posted 2. June 2023 by 
PacketSafari - 3 min read
NIS2 Directive: All You Need to Know
Looking for comprehensive information about NIS2 Directive compliance? You've come to the right place.
Posted 21. May 2023 by PacketSafari - 1 min read
Zero Trust: Building a More Secure IT Environment
Ready to take your organization's security to the next level? Learn about the zero trust approach and how it can help keep you safe from cyber threats.
Posted 27. April 2023 by PacketSafari - 1 min read
PacketSafari is looking for Sponsors
After years of development PacketSafari is looking for sponsors.
Posted 25. April 2023 by PacketSafari - 2 min read
Filtering Insecure Communication in Wireshark: Uncovering Security Risks
Insecure communication protocols can pose a significant risk to network security. Learn how to use Wireshark to filter and analyze these insecure protocols, such as HTTP, FTP, DNS, NTP, and BGP, to uncover potential vulnerabilities in your network.
Posted 28. March 2023 by PacketSafari - 2 min read
GDPR Compliance: Everything You Need to Know
Are you struggling to navigate the GDPR compliance landscape? Get up-to-speed with everything you need to know in our comprehensive guide.
Posted 27. March 2023 by PacketSafari - 2 min read
PCAP Analysis: Tips and Tricks for Effective Network Traffic Analysis
Learn essential tips and tricks for effective PCAP analysis to improve your network traffic analysis and network security.
Posted 20. March 2023 by PacketSafari - 3 min read
Cracking the CTF Challenge: Analyzing see-through.pcapng to Find the Flag
In this article, we'll dive into the analysis of a capture-the-flag (CTF) challenge using see-through.pcapng. We'll learn how to find the flag using PacketSafari and Wireshark by filtering for specific TCP packets and examining their contents.
Posted 20. March 2023 by PacketSafari - 2 min read
NIS2 Directive: Best Practices for Conducting Risk Assessments
Learn the best practices for conducting risk assessments in compliance with the NIS2 Directive.
Posted 15. March 2023 by PacketSafari - 2 min read
The Importance of NIS2 in Protecting Against Advanced Malware Attacks
Learn why NIS2 is a crucial component in preventing advanced malware and other malicious cyber attacks
Posted 15. March 2023 by PacketSafari - 1 min read
Unraveling the IPv4 Protocol: The Significance of IP IDs and the IPv4 Header Explained
The IPv4 protocol is an essential component of internet communications, allowing data to be transmitted across networks. This article delves into the importance of IP IDs for correlating packets at multiple capture points and provides an in-depth explanation of the IPv4 header.
Posted 21. February 2023 by PacketSafari - 2 min read
Staying Ahead of the Curve: NIS2 and Proactive Network Monitoring
Discover the importance of proactive network monitoring in maintaining compliance with the NIS2 directive, and learn from real-world case studies on how to stay ahead of security threats.
Posted 15. February 2023 by PacketSafari - 2 min read
The Importance of Multi-Factor Authentication for NIS2 Directive Compliance
Learn why multi-factor authentication is a crucial security measure for organizations looking to comply with the NIS2 Directive.
Posted 15. February 2023 by PacketSafari - 1 min read
How to Analyze PCAP Files Online: A Beginner's Guide
Learn how to analyze PCAP files online with this beginner's guide. Discover essential tips and tools for effective network traffic analysis and network security.
Posted 10. February 2023 by PacketSafari - 4 min read
Wireshark CTF Challenges: 5 Real-World Case Studies
Capture the Flag (CTF) competitions are a popular way for cybersecurity enthusiasts to test their skills and learn new techniques. In this article, we will explore 5 real-world Wireshark CTF challenges and share expert tips on how to tackle them.
Posted 4. February 2023 by PacketSafari - 2 min read
Online Wireshark Training by the makers of the online PCAP analyzer PacketSafari
Learn how to use Wireshark, the world’s most popular network protocol analyzer, with online training by the makers of PacketSafari, the online PCAP analyzer. Develop your network analysis skills and gain hands-on experience in real-world scenarios.
Posted 24. January 2023 by PacketSafari - 2 min read
NIS2 Directive: The Importance of Incident Response Plans
Having an effective incident response plan is crucial for compliance with the NIS2 Directive - here's why.
Posted 23. January 2023 by PacketSafari - 1 min read
RTP Voice Stream Analysis in Wireshark: Common Problems and Solutions
Real-time Transport Protocol (RTP) is a critical component for transmitting voice and video data over IP networks. This guide will help you analyze RTP voice streams in Wireshark, identify common issues like packet loss and jitter, and learn the acceptable values for optimal performance.
Posted 19. January 2023 by PacketSafari - 2 min read
CTF and Creative PCAP Challenges: A Walkthrough of 5 Unique Cases
Capture the Flag (CTF) competitions and creative PCAP challenges are excellent ways to test and improve your packet analysis skills. In this article, we will walk through five unique case studies and provide expert insights to help you master these challenges.
Posted 13. January 2023 by PacketSafari - 3 min read
Investigating Network Issues with ARP: Real-World Case Studies Using PacketSafari and Wireshark
ARP is a critical protocol in network communication, and it can often be the cause of network issues. In this article, we will explore real-world case studies of network issues caused by ARP, and how they can be investigated using packet analysis tools like PacketSafari and Wireshark.
Posted 29. December 2022 by PacketSafari - 2 min read
Solving TryHackMe Wireshark Filters room with PacketSafari - Part I Protocol Filters
Wireshark Filters room by Chris Greer on TryHackme was designed to be solved with Wireshark. Let us try to solve it using the PacketSafari SaaS app
Posted 27. December 2022 by PacketSafari - 3 min read
PCAP Analysis of Video Conferencing Traffic: Zoom, WebEx, and GoToTraining
As video conferencing becomes more prevalent, understanding the traffic generated by these platforms is crucial for network administrators and security professionals. In this article, we delve into PCAP analysis of video conferencing traffic, with examples from Zoom, WebEx, and GoToTraining.
Posted 27. December 2022 by PacketSafari - 2 min read
TCP Segment Loss in Wireshark: Expert Tips and Tricks
TCP segment loss can be a major cause of network performance issues. Learn how to identify and troubleshoot TCP segment loss using Wireshark, the popular packet analysis tool.
Posted 27. December 2022 by PacketSafari - 4 min read
Demystifying ICMP Errors: Understanding Destination Unreachable, Fragmentation Needed, and MTU Issues
ICMP errors are crucial in diagnosing network problems, yet they can be quite complex to understand. In this article, we will demystify ICMP errors, focusing on destination unreachable, fragmentation needed, and MTU problems.
Posted 27. December 2022 by PacketSafari - 2 min read
Troubleshooting Cases with Wireshark: CDP, OSPF, RIP, BGP, EIGRP
In this article, we dive into troubleshooting cases using Wireshark for network protocols like CDP, OSPF, RIP, BGP, and EIGRP. We will provide real-world examples, expert knowledge, and useful Wireshark filters for each protocol.
Posted 27. December 2022 by PacketSafari - 2 min read
Packet Analysis of HTTP Traffic: Wireshark vs. Intercepting Proxies like Burp Suite
When it comes to HTTP traffic analysis, both Wireshark and intercepting proxies like Burp Suite offer valuable insights. This article will compare their features, limitations, and use cases to help you choose the right tool for your needs.
Posted 27. December 2022 by PacketSafari - 2 min read
Safeguarding privileged access management in the age of remote work
Are your PAM solutions really as secure as you think? Find out how keystroke injection can crack their clipboard and file copy protections.
Posted 8. December 2022 by PacketSafari - 9 min read
Wi-Fi Traffic Analysis with Wireshark: 5 Case Studies You Need to Know
Wi-Fi traffic analysis is crucial for understanding network performance, identifying security vulnerabilities, and troubleshooting connectivity issues. This article presents five real-world case studies to demonstrate the power of Wireshark in analyzing Wi-Fi traffic.
Posted 10. November 2022 by PacketSafari - 2 min read
Windows name poisoning remains a dangerous attack vector
This Windows attack breaks active directory, your corporate VPN and lock screen.
Posted 25. October 2022 by PacketSafari - 5 min read
How to decrypt TLS traffic in Wireshark
Read TLS traffic as if it wasn't encrypted.
Posted 7. October 2022 by PacketSafari - 3 min read
Wireshark 4.0 ships display filter syntax update
The new syntax addresses filtering limitations that have been present for many years.
Posted 6. October 2022 by PacketSafari - 7 min read
Wireshark has a new default layout
The new 4.0 version features a new default layout that experienced analysts have used for a long time. Here is why.
Posted 5. October 2022 by PacketSafari - 2 min read
Comparing HTTP/1, HTTP/2, HTTP/3, and QUIC: Key Differences, Commonalities, Pipelining, and Multiplexing
As the internet evolves, so do the protocols that enable communication between clients and servers. In this article, we explore HTTP/1, HTTP/2, HTTP/3, and QUIC, discussing their key differences, commonalities, and the concepts of pipelining and multiplexing.
Posted 1. October 2022 by PacketSafari - 2 min read
IEC 60870-5-104 and IEC 61850 Protocol Analysis with Wireshark
IEC 60870-5-104 and IEC 61850 are two essential communication protocols used in the power industry for monitoring, control, and automation of electrical substations. In this article, we dive into the analysis of these protocols using Wireshark, and provide tips and tricks to help you troubleshoot and optimize your network.
Posted 3. August 2022 by PacketSafari - 2 min read
Layer 2 and 3 Changes in First Hop Redundancy Protocols: Failover and Active-Active Mechanisms
First Hop Redundancy Protocols (FHRPs) ensure network reliability by managing Layer 2 and Layer 3 changes during failover and active-active scenarios. In this article, we will explore how FHRPs handle these changes and the mechanisms behind their operation.
Posted 20. April 2022 by PacketSafari - 3 min read
A short Guide to DNS Protocols: DoH, DoT, DNSSec, and DNSCurve
Discover the various DNS protocols, how they differ, their usage statistics, and real-world case studies. Learn how to analyze and troubleshoot DNS issues using packet analysis tools like Wireshark and PacketSafari.
Posted 22. March 2022 by PacketSafari - 3 min read
Basics of First Hop Redundancy Protocols: Analysis and Troubleshooting with Wireshark
First Hop Redundancy Protocols (FHRPs) are crucial for ensuring network availability and resilience. In this article, we delve into the world of FHRPs, discussing their operation, impact on packet capture, and how to troubleshoot them using Wireshark.
Posted 20. March 2022 by PacketSafari - 2 min read
Unraveling DNS Mysteries: 3 Real-World Case Studies Analyzing DNS in Wireshark
DNS-related issues can be complex and challenging to diagnose. In this article, we'll explore three real-world case studies that demonstrate how Wireshark can help you uncover the truth behind DNS-related issues and provide valuable insights.
Posted 23. February 2022 by PacketSafari - 3 min read
How to build Wireshark tools in a docker container
This tutorial shows you how to build Wireshark using docker and create a lean container
Posted 15. February 2022 by PacketSafari - 3 min read
How to merge Wireshark upstream changes into a local fork
How to merge Wireshark upstream changes into a local branch of a fork
Posted 14. February 2022 by PacketSafari - 3 min read
GDPR, Google Analytics and leaking hashes
Around 600000 WordPress sites may be affected by a critical security vulnerability in the WP statistics plugin.
Posted 11. February 2022 by PacketSafari - 1 min read
STP Analysis with Wireshark: 3 Real-World Case Studies
Understanding and analyzing the Spanning Tree Protocol (STP) is crucial for network administrators and engineers. In this article, we will discuss three real-world case studies showcasing the power of Wireshark in STP analysis.
Posted 12. January 2022 by PacketSafari - 2 min read
Analyzing NTP Traffic with Wireshark: A Practical Guide for Network Administrators
Network Time Protocol (NTP) is a critical service for maintaining accurate time synchronization across networks. In this article, we will discuss how to analyze NTP traffic using Wireshark, a popular packet analyzer, and explore three real-world case studies.
Posted 10. January 2022 by PacketSafari - 2 min read
QoS Analysis with Wireshark: 3 Case Studies
Quality of Service (QoS) is essential for ensuring optimal performance and prioritization of network traffic. In this article, we dive into three case studies that demonstrate how to analyze QoS using Wireshark, focusing on both Layer 2 and Layer 3.
Posted 30. November 2021 by PacketSafari - 2 min read
Modern TCP Algorithms in Windows 10, 11 and Linux: Tuning and Common Problems
Explore modern TCP algorithms in Windows 10, 11, and Linux, and learn how to tune them for optimal performance. We'll also discuss common problems in clients and servers and their solutions.
Posted 13. November 2021 by PacketSafari - 2 min read
Wireshark TCP Trace Graph Tutorial
Are you tired of digging through lists of thousands of packets in Wireshark to troubleshoot a connection problem?
Posted 31. October 2021 by PacketSafari - 9 min read
Understanding TCP Spurious Retransmissions and How to Diagnose Them
TCP spurious retransmissions occur when a packet is unnecessarily retransmitted, even though the receiver has already acknowledged its receipt. This can lead to performance issues in the network. Learn how to diagnose and troubleshoot these issues using Wireshark and other analysis tools.
Posted 23. October 2021 by PacketSafari - 3 min read
Network Name Resolution Protocols and Mitigating MITM Attacks
In this article, we will explore various network name resolution protocols such as NetBIOS, mDNS, LLMNR, and DNS, and discuss how to identify and mitigate man-in-the-middle (MITM) attacks using Wireshark.
Posted 3. September 2021 by PacketSafari - 2 min read
Packet Capture Challenges in the Cloud: Case Studies and Real-World Examples
As more organizations move their operations to the cloud, network professionals face new challenges in capturing and analyzing packets. This article explores some of these challenges, provides real-world examples, and offers expert insights on overcoming them.
Posted 7. July 2021 by PacketSafari - 2 min read
VoIP Troubleshooting: Essential SIP and RTP Case Studies for Success
VoIP communication relies heavily on efficient and reliable connections, making troubleshooting an essential skill for network analysts. Explore practical case studies using SIP and RTP protocols to enhance your VoIP troubleshooting expertise.
Posted 18. March 2021 by PacketSafari - 2 min read
Capturing Bluetooth and USB Traffic with Wireshark: Expert Guide on Installing and Using NPCAP Driver
Understanding and analyzing Bluetooth and USB traffic is critical in the modern era of connected devices. Learn how to capture traffic data with Wireshark, install and use the NPCAP driver correctly, and gain valuable insights from your data.
Posted 4. February 2021 by PacketSafari - 1 min read
SMBv1 vs SMBv2 vs SMBv3: Understanding the Differences and Securing Your Network
SMB (Server Message Block) is a widely-used network protocol that enables file and printer sharing services. Over the years, it has evolved through multiple versions – SMBv1, SMBv2, and SMBv3 – each with its own improvements and security features. In this article, we dive into the differences between these versions and provide tips for securing your network.
Posted 9. June 2020 by PacketSafari - 4 min read
Packet Capturing on Mobile Devices: A Comprehensive Guide for iPhones and Androids
Packet capturing is an essential skill for network analysis and troubleshooting. In this comprehensive guide, we will discuss various mechanisms to capture packets on mobile devices like iPhones and Androids, and how to analyze them using Wireshark.
Posted 18. May 2018 by PacketSafari - 3 min read
Mastering the Art of Multicast Video Traffic Analysis: 3 Real-World Troubleshooting Case Studies
Multicast video traffic analysis is crucial for maintaining the quality of video streaming services. In this article, we dive into three real-world troubleshooting case studies and explore how Wireshark can help you identify and resolve common multicast video traffic issues.
Posted 20. April 2017 by PacketSafari - 5 min read
Advanced Troubleshooting of Kerberos Problems with Wireshark: 5 Real-World Case Studies
Kerberos is a widely-used authentication protocol, but when issues arise, it can be challenging to pinpoint the root cause. In this article, we delve into five real-world case studies that demonstrate how to troubleshoot and resolve common Kerberos problems using Wireshark.
Posted 20. February 2017 by PacketSafari - 2 min read
Unraveling Layer 2 Problems: Expert Tips for Troubleshooting Network Issues
Layer 2 problems are common in network environments, and troubleshooting them can be challenging. This article discusses the most frequent Layer 2 issues, such as network loops, VLAN mismatches, and speed/duplex mismatches, and provides expert tips for solving them using Wireshark.
Posted 14. October 2016 by PacketSafari - 2 min read
Link Aggregation: LAG, LACP, Etherchannel, MLAG, VSS, Stacking and FHRP
Discover the world of link aggregation and how it can improve your network's performance, redundancy, and resilience. Learn about LAG, LACP, Etherchannel, MLAG, Stacking, VSS, and FHRPs like HSRP, and explore how they work together to build robust network topologies.
Posted 10. March 2015 by PacketSafari - 6 min read