PacketSafari

Creator of Packet Safari. Developer lead.

@bockcay

Blog posts

Read more

Ransomware Protection: Best Practices in Backup and Defense

Ransomware attacks are a persistent and ever-evolving threat, with devastating consequences for affected organizations. With the ongoing increase in the frequency and sophistication of these attacks, it's now more important than ever to ensure your organization has robust ransomware protection measures in place. In this article, we'll delve deeper into the essential concepts and methods for effective ransomware defense and backup.

Posted 2. June 2023 by PacketSafari - 3 min read

Read more

NIS2 Directive: All You Need to Know

Looking for comprehensive information about NIS2 Directive compliance? You've come to the right place.

Posted 21. May 2023 by PacketSafari - 1 min read

Read more

Zero Trust: Building a More Secure IT Environment

Ready to take your organization's security to the next level? Learn about the zero trust approach and how it can help keep you safe from cyber threats.

Posted 27. April 2023 by PacketSafari - 1 min read

Read more

PacketSafari is looking for Sponsors

After years of development PacketSafari is looking for sponsors.

Posted 25. April 2023 by PacketSafari - 2 min read

Read more

Filtering Insecure Communication in Wireshark: Uncovering Security Risks

Insecure communication protocols can pose a significant risk to network security. Learn how to use Wireshark to filter and analyze these insecure protocols, such as HTTP, FTP, DNS, NTP, and BGP, to uncover potential vulnerabilities in your network.

Posted 28. March 2023 by PacketSafari - 2 min read

Read more

GDPR Compliance: Everything You Need to Know

Are you struggling to navigate the GDPR compliance landscape? Get up-to-speed with everything you need to know in our comprehensive guide.

Posted 27. March 2023 by PacketSafari - 2 min read

Read more

Cracking the CTF Challenge: Analyzing see-through.pcapng to Find the Flag

In this article, we'll dive into the analysis of a capture-the-flag (CTF) challenge using see-through.pcapng. We'll learn how to find the flag using PacketSafari and Wireshark by filtering for specific TCP packets and examining their contents.

Posted 20. March 2023 by PacketSafari - 2 min read

Read more

PCAP Analysis: Tips and Tricks for Effective Network Traffic Analysis

Learn essential tips and tricks for effective PCAP analysis to improve your network traffic analysis and network security.

Posted 20. March 2023 by PacketSafari - 3 min read

Read more

The Importance of NIS2 in Protecting Against Advanced Malware Attacks

Learn why NIS2 is a crucial component in preventing advanced malware and other malicious cyber attacks

Posted 15. March 2023 by PacketSafari - 1 min read

Read more

NIS2 Directive: Best Practices for Conducting Risk Assessments

Learn the best practices for conducting risk assessments in compliance with the NIS2 Directive.

Posted 15. March 2023 by PacketSafari - 2 min read

Read more

Unraveling the IPv4 Protocol: The Significance of IP IDs and the IPv4 Header Explained

The IPv4 protocol is an essential component of internet communications, allowing data to be transmitted across networks. This article delves into the importance of IP IDs for correlating packets at multiple capture points and provides an in-depth explanation of the IPv4 header.

Posted 21. February 2023 by PacketSafari - 2 min read

Read more

The Importance of Multi-Factor Authentication for NIS2 Directive Compliance

Learn why multi-factor authentication is a crucial security measure for organizations looking to comply with the NIS2 Directive.

Posted 15. February 2023 by PacketSafari - 1 min read

Read more

Staying Ahead of the Curve: NIS2 and Proactive Network Monitoring

Discover the importance of proactive network monitoring in maintaining compliance with the NIS2 directive, and learn from real-world case studies on how to stay ahead of security threats.

Posted 15. February 2023 by PacketSafari - 2 min read

Read more

How to Analyze PCAP Files Online: A Beginner's Guide

Learn how to analyze PCAP files online with this beginner's guide. Discover essential tips and tools for effective network traffic analysis and network security.

Posted 10. February 2023 by PacketSafari - 4 min read

Read more

Wireshark CTF Challenges: 5 Real-World Case Studies

Capture the Flag (CTF) competitions are a popular way for cybersecurity enthusiasts to test their skills and learn new techniques. In this article, we will explore 5 real-world Wireshark CTF challenges and share expert tips on how to tackle them.

Posted 4. February 2023 by PacketSafari - 2 min read

Read more

Online Wireshark Training by the makers of the online PCAP analyzer PacketSafari

Learn how to use Wireshark, the world’s most popular network protocol analyzer, with online training by the makers of PacketSafari, the online PCAP analyzer. Develop your network analysis skills and gain hands-on experience in real-world scenarios.

Posted 24. January 2023 by PacketSafari - 2 min read

Read more

NIS2 Directive: The Importance of Incident Response Plans

Having an effective incident response plan is crucial for compliance with the NIS2 Directive - here's why.

Posted 23. January 2023 by PacketSafari - 1 min read

Read more

RTP Voice Stream Analysis in Wireshark: Common Problems and Solutions

Real-time Transport Protocol (RTP) is a critical component for transmitting voice and video data over IP networks. This guide will help you analyze RTP voice streams in Wireshark, identify common issues like packet loss and jitter, and learn the acceptable values for optimal performance.

Posted 19. January 2023 by PacketSafari - 2 min read

Read more

CTF and Creative PCAP Challenges: A Walkthrough of 5 Unique Cases

Capture the Flag (CTF) competitions and creative PCAP challenges are excellent ways to test and improve your packet analysis skills. In this article, we will walk through five unique case studies and provide expert insights to help you master these challenges.

Posted 13. January 2023 by PacketSafari - 3 min read

Read more

Investigating Network Issues with ARP: Real-World Case Studies Using PacketSafari and Wireshark

ARP is a critical protocol in network communication, and it can often be the cause of network issues. In this article, we will explore real-world case studies of network issues caused by ARP, and how they can be investigated using packet analysis tools like PacketSafari and Wireshark.

Posted 29. December 2022 by PacketSafari - 2 min read

Read more

Packet Analysis of HTTP Traffic: Wireshark vs. Intercepting Proxies like Burp Suite

When it comes to HTTP traffic analysis, both Wireshark and intercepting proxies like Burp Suite offer valuable insights. This article will compare their features, limitations, and use cases to help you choose the right tool for your needs.

Posted 27. December 2022 by PacketSafari - 2 min read

Read more

Troubleshooting Cases with Wireshark: CDP, OSPF, RIP, BGP, EIGRP

In this article, we dive into troubleshooting cases using Wireshark for network protocols like CDP, OSPF, RIP, BGP, and EIGRP. We will provide real-world examples, expert knowledge, and useful Wireshark filters for each protocol.

Posted 27. December 2022 by PacketSafari - 2 min read

Read more

Demystifying ICMP Errors: Understanding Destination Unreachable, Fragmentation Needed, and MTU Issues

ICMP errors are crucial in diagnosing network problems, yet they can be quite complex to understand. In this article, we will demystify ICMP errors, focusing on destination unreachable, fragmentation needed, and MTU problems.

Posted 27. December 2022 by PacketSafari - 2 min read

Read more

TCP Segment Loss in Wireshark: Expert Tips and Tricks

TCP segment loss can be a major cause of network performance issues. Learn how to identify and troubleshoot TCP segment loss using Wireshark, the popular packet analysis tool.

Posted 27. December 2022 by PacketSafari - 4 min read

Read more

PCAP Analysis of Video Conferencing Traffic: Zoom, WebEx, and GoToTraining

As video conferencing becomes more prevalent, understanding the traffic generated by these platforms is crucial for network administrators and security professionals. In this article, we delve into PCAP analysis of video conferencing traffic, with examples from Zoom, WebEx, and GoToTraining.

Posted 27. December 2022 by PacketSafari - 2 min read

Read more

Solving TryHackMe Wireshark Filters room with PacketSafari - Part I Protocol Filters

Wireshark Filters room by Chris Greer on TryHackme was designed to be solved with Wireshark. Let us try to solve it using the PacketSafari SaaS app

Posted 27. December 2022 by PacketSafari - 3 min read

Read more

Safeguarding privileged access management in the age of remote work

Are your PAM solutions really as secure as you think? Find out how keystroke injection can crack their clipboard and file copy protections.

Posted 8. December 2022 by PacketSafari - 9 min read

Read more

Wi-Fi Traffic Analysis with Wireshark: 5 Case Studies You Need to Know

Wi-Fi traffic analysis is crucial for understanding network performance, identifying security vulnerabilities, and troubleshooting connectivity issues. This article presents five real-world case studies to demonstrate the power of Wireshark in analyzing Wi-Fi traffic.

Posted 10. November 2022 by PacketSafari - 2 min read

Read more

Windows name poisoning remains a dangerous attack vector

This Windows attack breaks active directory, your corporate VPN and lock screen.

Posted 25. October 2022 by PacketSafari - 5 min read

Read more

How to decrypt TLS traffic in Wireshark

Read TLS traffic as if it wasn't encrypted.

Posted 7. October 2022 by PacketSafari - 3 min read

Read more

Wireshark 4.0 ships display filter syntax update

The new syntax addresses filtering limitations that have been present for many years.

Posted 6. October 2022 by PacketSafari - 7 min read

Read more

Wireshark has a new default layout

The new 4.0 version features a new default layout that experienced analysts have used for a long time. Here is why.

Posted 5. October 2022 by PacketSafari - 2 min read

Read more

Comparing HTTP/1, HTTP/2, HTTP/3, and QUIC: Key Differences, Commonalities, Pipelining, and Multiplexing

As the internet evolves, so do the protocols that enable communication between clients and servers. In this article, we explore HTTP/1, HTTP/2, HTTP/3, and QUIC, discussing their key differences, commonalities, and the concepts of pipelining and multiplexing.

Posted 1. October 2022 by PacketSafari - 2 min read

Read more

IEC 60870-5-104 and IEC 61850 Protocol Analysis with Wireshark

IEC 60870-5-104 and IEC 61850 are two essential communication protocols used in the power industry for monitoring, control, and automation of electrical substations. In this article, we dive into the analysis of these protocols using Wireshark, and provide tips and tricks to help you troubleshoot and optimize your network.

Posted 3. August 2022 by PacketSafari - 2 min read

Read more

Layer 2 and 3 Changes in First Hop Redundancy Protocols: Failover and Active-Active Mechanisms

First Hop Redundancy Protocols (FHRPs) ensure network reliability by managing Layer 2 and Layer 3 changes during failover and active-active scenarios. In this article, we will explore how FHRPs handle these changes and the mechanisms behind their operation.

Posted 20. April 2022 by PacketSafari - 3 min read

Read more

A short Guide to DNS Protocols: DoH, DoT, DNSSec, and DNSCurve

Discover the various DNS protocols, how they differ, their usage statistics, and real-world case studies. Learn how to analyze and troubleshoot DNS issues using packet analysis tools like Wireshark and PacketSafari.

Posted 22. March 2022 by PacketSafari - 3 min read

Read more

Basics of First Hop Redundancy Protocols: Analysis and Troubleshooting with Wireshark

First Hop Redundancy Protocols (FHRPs) are crucial for ensuring network availability and resilience. In this article, we delve into the world of FHRPs, discussing their operation, impact on packet capture, and how to troubleshoot them using Wireshark.

Posted 20. March 2022 by PacketSafari - 2 min read

Read more

Unraveling DNS Mysteries: 3 Real-World Case Studies Analyzing DNS in Wireshark

DNS-related issues can be complex and challenging to diagnose. In this article, we'll explore three real-world case studies that demonstrate how Wireshark can help you uncover the truth behind DNS-related issues and provide valuable insights.

Posted 23. February 2022 by PacketSafari - 3 min read

Read more

How to build Wireshark tools in a docker container

This tutorial shows you how to build Wireshark using docker and create a lean container

Posted 15. February 2022 by PacketSafari - 3 min read

Read more

How to merge Wireshark upstream changes into a local fork

How to merge Wireshark upstream changes into a local branch of a fork

Posted 14. February 2022 by PacketSafari - 3 min read

Read more

GDPR, Google Analytics and leaking hashes

Around 600000 WordPress sites may be affected by a critical security vulnerability in the WP statistics plugin.

Posted 11. February 2022 by PacketSafari - 1 min read

Read more

STP Analysis with Wireshark: 3 Real-World Case Studies

Understanding and analyzing the Spanning Tree Protocol (STP) is crucial for network administrators and engineers. In this article, we will discuss three real-world case studies showcasing the power of Wireshark in STP analysis.

Posted 12. January 2022 by PacketSafari - 2 min read

Read more

Analyzing NTP Traffic with Wireshark: A Practical Guide for Network Administrators

Network Time Protocol (NTP) is a critical service for maintaining accurate time synchronization across networks. In this article, we will discuss how to analyze NTP traffic using Wireshark, a popular packet analyzer, and explore three real-world case studies.

Posted 10. January 2022 by PacketSafari - 2 min read

Read more

QoS Analysis with Wireshark: 3 Case Studies

Quality of Service (QoS) is essential for ensuring optimal performance and prioritization of network traffic. In this article, we dive into three case studies that demonstrate how to analyze QoS using Wireshark, focusing on both Layer 2 and Layer 3.

Posted 30. November 2021 by PacketSafari - 2 min read

Read more

Modern TCP Algorithms in Windows 10, 11 and Linux: Tuning and Common Problems

Explore modern TCP algorithms in Windows 10, 11, and Linux, and learn how to tune them for optimal performance. We'll also discuss common problems in clients and servers and their solutions.

Posted 13. November 2021 by PacketSafari - 2 min read

Read more

Wireshark TCP Trace Graph Tutorial

Are you tired of digging through lists of thousands of packets in Wireshark to troubleshoot a connection problem?

Posted 31. October 2021 by PacketSafari - 9 min read

Read more

Understanding TCP Spurious Retransmissions and How to Diagnose Them

TCP spurious retransmissions occur when a packet is unnecessarily retransmitted, even though the receiver has already acknowledged its receipt. This can lead to performance issues in the network. Learn how to diagnose and troubleshoot these issues using Wireshark and other analysis tools.

Posted 23. October 2021 by PacketSafari - 3 min read

Read more

Network Name Resolution Protocols and Mitigating MITM Attacks

In this article, we will explore various network name resolution protocols such as NetBIOS, mDNS, LLMNR, and DNS, and discuss how to identify and mitigate man-in-the-middle (MITM) attacks using Wireshark.

Posted 3. September 2021 by PacketSafari - 2 min read

Read more

Packet Capture Challenges in the Cloud: Case Studies and Real-World Examples

As more organizations move their operations to the cloud, network professionals face new challenges in capturing and analyzing packets. This article explores some of these challenges, provides real-world examples, and offers expert insights on overcoming them.

Posted 7. July 2021 by PacketSafari - 2 min read

Read more

VoIP Troubleshooting: Essential SIP and RTP Case Studies for Success

VoIP communication relies heavily on efficient and reliable connections, making troubleshooting an essential skill for network analysts. Explore practical case studies using SIP and RTP protocols to enhance your VoIP troubleshooting expertise.

Posted 18. March 2021 by PacketSafari - 2 min read

Read more

Capturing Bluetooth and USB Traffic with Wireshark: Expert Guide on Installing and Using NPCAP Driver

Understanding and analyzing Bluetooth and USB traffic is critical in the modern era of connected devices. Learn how to capture traffic data with Wireshark, install and use the NPCAP driver correctly, and gain valuable insights from your data.

Posted 4. February 2021 by PacketSafari - 1 min read

Read more

SMBv1 vs SMBv2 vs SMBv3: Understanding the Differences and Securing Your Network

SMB (Server Message Block) is a widely-used network protocol that enables file and printer sharing services. Over the years, it has evolved through multiple versions – SMBv1, SMBv2, and SMBv3 – each with its own improvements and security features. In this article, we dive into the differences between these versions and provide tips for securing your network.

Posted 9. June 2020 by PacketSafari - 4 min read

Read more

Packet Capturing on Mobile Devices: A Comprehensive Guide for iPhones and Androids

Packet capturing is an essential skill for network analysis and troubleshooting. In this comprehensive guide, we will discuss various mechanisms to capture packets on mobile devices like iPhones and Androids, and how to analyze them using Wireshark.

Posted 18. May 2018 by PacketSafari - 3 min read

Read more

Mastering the Art of Multicast Video Traffic Analysis: 3 Real-World Troubleshooting Case Studies

Multicast video traffic analysis is crucial for maintaining the quality of video streaming services. In this article, we dive into three real-world troubleshooting case studies and explore how Wireshark can help you identify and resolve common multicast video traffic issues.

Posted 20. April 2017 by PacketSafari - 5 min read

Read more

Advanced Troubleshooting of Kerberos Problems with Wireshark: 5 Real-World Case Studies

Kerberos is a widely-used authentication protocol, but when issues arise, it can be challenging to pinpoint the root cause. In this article, we delve into five real-world case studies that demonstrate how to troubleshoot and resolve common Kerberos problems using Wireshark.

Posted 20. February 2017 by PacketSafari - 2 min read

Read more

Unraveling Layer 2 Problems: Expert Tips for Troubleshooting Network Issues

Layer 2 problems are common in network environments, and troubleshooting them can be challenging. This article discusses the most frequent Layer 2 issues, such as network loops, VLAN mismatches, and speed/duplex mismatches, and provides expert tips for solving them using Wireshark.

Posted 14. October 2016 by PacketSafari - 2 min read

Read more

Link Aggregation: LAG, LACP, Etherchannel, MLAG, VSS, Stacking and FHRP

Discover the world of link aggregation and how it can improve your network's performance, redundancy, and resilience. Learn about LAG, LACP, Etherchannel, MLAG, Stacking, VSS, and FHRPs like HSRP, and explore how they work together to build robust network topologies.

Posted 10. March 2015 by PacketSafari - 6 min read