CloudShark

Tagged: Security

Monday, Sep 19, 2016

Best Practices for Managing and Securing Network Capture Files

This article is the full text of our white paper on the same topic Packet Capture Files: Valuable but Vulnerable Packet capture files - files that record network traffic—are invaluable resources for network administrators, help desk staff, and IT security experts. Filled with application data and protocols, timestamps, and error codes, these files provide IT engineers with a detailed view of what took place on a network during a specific period of time.

Read the whole entry »


Friday, Sep 16, 2016

HIPAA, shadow IT, and the packet capture problem

Note: We here at CloudShark aren’t HIPAA experts, we just think its neat to talk about. Don’t take this as “official” advice. Recently we’ve been having some “water-cooler” (we don’t have a water cooler, it’s actually a shark tank) discussion around the security of packet captures in general, and naturally, how that applies to regulations like HIPAA, the “Health Insurance Privacy and Accountability Act”. HIPAA and packet captures The relevant parts of HIPAA to packet capture security include sections on workstation use and security, device and media controls (including rules for backup and storage), access controls to electronic resources, and a section that addresses transmission security, which requires encryption of those record during transmission.

Read the whole entry »


Thursday, Jul 2, 2015

How do you debug web applications that use encrypted channels?

Well, it’s official; the IETF has officially deprecated SSLv3.0. This means that it’s now a protocol violation to fall back to it. This is good news, since the number and types of attacks have been on the rise for awhile now. We’d like to take the opportunity to explore how to debug web applications that use HTTPS over SSL/TLS in CloudShark. It’s undeniable that debugging HTTP traffic is one of the most common use-cases for a packet decoder.

Read the whole entry »


Published Thursday, Feb 19, 2015

Senior Certified SANS Instructor Paul Henry Uses CloudShark to Enhance Network Security Courses

Here is a case study with Vnet Security’s Paul A. Henry, a senior certified SANS instructor who explains how using CloudShark in his coursework has made network security education faster and clearer for his students.

Read the whole case study »


Monday, Feb 9, 2015

HIPAA, shadow IT, and the packet capture problem

Note: We here at CloudShark aren’t HIPAA experts, we just think its neat to talk about. Don’t take this as “official” advice. We’ve been harping lately on network security, which is one of the reasons we included secure delete as a new feature in CloudShark 2.4. This got us having some “water-cooler” (we don’t have a water cooler, it’s actually a shark tank) discussion around the security of packet captures in general, and naturally, how that applies to regulations like HIPAA, the “Health Insurance Privacy and Accountability Act”.

Read the whole entry »


Wednesday, Jan 7, 2015

2014 Was a Year of Big Security Breaches

If there’s one thing we noticed about 2014, it was the year of Really Big Vulnerabilities ™. Sure, these sorts of things happen all the time, but now more than ever it is becoming obvious that perimeter security is not sufficient and each constituent system in a network must be regarded as a public system, regardless of assumption. Systems will be compromised, and preparing for what to do after an attack is just as important as preventing attacks in the first place.

Read the whole entry »


Thursday, Feb 6, 2014

Upping the sensitivity on confidential captures

While CloudShark’s packet capture holding capacity is limited only by the size of the disks available to it, many of our CloudShark users are curious about what to do if they want to automatically delete captures after a certain period of time. Some may have certain security requirements about capture contents, or others want to make sure that sensitive data isn’t used for nefarious purposes later. Whatever the reason, automatically deleting captures is possible with a little scripting and the CloudShark API.

Read the whole entry »


Published Tuesday, Jan 7, 2014

Fox IT Uses CloudShark Appliance to Organize and Streamline Network Security Monitoring

We got a chance to sit down with one of CloudShark’s most engaging customers, Fox-IT, who sit on the front lines of the exciting Cybersecurity world. Here’s what they had to say about using CloudShark!

Read the whole case study »


Tuesday, Nov 19, 2013

Kerberos Decryption Support

If you don’t already know, one of CloudShark’s main features is the ability to manage RSA keys and allow those keys to be used to decrypt SSL traffic, allowing users to view encrypted data without ever having to give out your RSA keys. But what about other types of encryption? We were recently approached about support for Kerberos in CloudShark captures. CloudShark can actually support the decryption of Kerberos encrypted data using the Wireshark preferences file that we showed you before for fixing your RTP decode settings.

Read the whole entry »


Thursday, Feb 7, 2013

Intel "Packet of Death" Capture

UPDATE: Here is Intel’s official statement - it is important to note that this had little to do with Intel and only a specific manufacturer. The creator of AstLinux, Kristian Kielhofner, recently discovered a bug in certain model and version of Intel based Gigabit Ethernet implementations that can result in a “packet of death” that will bring down the network interface, requiring a power cycle of the interface in order to restore functionality.

Read the whole entry »


Tuesday, Jan 29, 2013

MITM Attack Capture Shared Through CloudShark

Last weekend, an apparent Man-In-The-Middle (MITM) Attack on the popular code sharing site github.com occurred, which seemed to originate from China for users trying to traverse the “Great Firewall”. This was strange, as there had been many news stories not even two days before about China blocking and then subsequently unblocking access to github. Whatever the reason, a subject of the attack was able to create a packet trace of it, and uploaded it to our free cloudshark.

Read the whole entry »


Thursday, Sep 6, 2012

Network Security Toolkit Integrates CloudShark

Read this great article by ISSA Journal on Cloudshark/NST integration! We are pleased to announce that Network Security Toolkit has integrated CloudShark upload capability into their 12.16.0-4104 release. NST is a very comprehensive suite of open source network security and analysis tools with a complete web interface, allowing you to perform a number of functions remotely by accessing the system on which NST is installed. The addition of the CloudShark Upload Manager lets NST users perform multi-tap packet capture and instantly upload those captures to a CloudShark Appliance - centralizing your captures and letting you view and analyze them anywhere on any device.

Read the whole entry »


About Us

CloudShark is made by QA Cafe, a technology company based in Portsmouth, NH. Our passion for packet captures has grown out of our other product CDRouter.

Get in touch via our Contact us page or by following us on your favorite service: