CloudShark Blog

Training, webinars, and resources for network analysis

Thursday, Oct 18, 2018

Using Column Presets in Wireless Analysis

Troubleshooting wireless problems often requires a deep dive down to the packet level. But with so much information in there, how do you know where to look first? CloudShark’s profile presets help set up your view to give you the summary columns you need. It’s a quick and easy way to get the most information about your network traffic. Here’s how to set it up for wireless captures.

It all starts with the right profile

Building on our own analysis experience, CloudShark has created a default profile for looking at 802.

Read the whole entry »


Tuesday, Oct 9, 2018

How to Identify and Analyze BitTorrent Alerts in Your Network

Tracking down BitTorrent activity with packet captures

We love the exercises at malware-traffic-analysis.net, and occasionally we’ll pick some that we try to solve using CloudShark and its tools. This time, however, we’re going through one armed with tools that we learned from Brad’s class (the author of malware-traffic-analysis) at Sharkfest US 2018, where he gave an in-depth class on using packet captures for malware analysis, as well as a presentation on Analyzing Windows malware traffic.

Read the whole entry »


Monday, Sep 24, 2018

A Fast Analysis of TCP Fast Open

Part 3 of our series exploring TCP examines the TCP “Fast Open” option and what to look for when troubleshooting

TCP Fast Open (TFO) is an optional mechanism within TCP that lets endpoints that have established a full TCP connection in the past eliminate a round-trip of the handshake and send data right away. This speeds things up for endpoints that are going to keep talking to each other in the future and is especially beneficial on high-latency networks where time-to-first-byte is critical.

Read the whole entry »


Monday, Sep 10, 2018

Using CloudShark to ensure HIPAA privacy compliance

Network packet captures present an interesting problem for HIPAA compliance, but they don’t have to be one that causes headaches. When it comes to securing electronic assets, packet captures are often overlooked more than other network and IT related resources. This is because they tend to be esoteric - compliance officers don’t need or want to have packets on their minds. Also, the methods through which they are obtained trend towards creating local, unaccountable copies of the traffic going over your network.

Read the whole entry »


Tuesday, Aug 28, 2018

The TCP Timestamp Option

We’re on a mission to tackle TCP, take it apart, and learn more about how it makes the internet work.

Sample Captures Ahead! As always, we've gathered up the captures mentioned in this article into this collection over on CloudShark. Did you know you can make collections just like this with CloudShark too?

Read the whole entry »


About Us

CloudShark is made by QA Cafe, a technology company based in Portsmouth, NH. Our passion for packet captures has grown out of our other product CDRouter.