Wednesday, January 31, 2024

Baselining Session – Tool or Tools


I’m surprised how many people either read about the free 2-hour baselining session too late, or asked to attend, but I had reached my limit of 10. A few people asked if I could ‘squeeze’ them in. Unfortunately, 10 is my limit to provide the proper attention in my sessions.


I’m hoping to have another one; I just don’t know when, since paid engagements will take priority. I decided to put this one on when I noticed I had a ‘quiet’ spot in my calendar.

After the event, I got a few emails asking to share the material, so I thought, why not take a few slides and create a video so you can get the context of the slide. In my opinion, just looking at a bunch of slides is totally different than attending and hearing the extra stuff I add when I’m presenting, along with the attendees’ feedback.


Here is one of my favorite slides. Let me know if you want more with a like.



Monday, January 29, 2024

Build A Capture Device With Linux And Wireshark in 10 Minutes

I get a lot of emails asking how to build remote capture devices, especially when we make one when I’m onsite or remotely troubleshooting.

Before we get into it, I would like to explain that these remote capture computers are great for light duty use, like capturing packets from a client’s port when you are using a tap or mirror port.

This is not intended to replace heavy duty packet capture appliances you may have, but is meant to increase exposure to packet capture and analysis for more analysts.

I didn’t want this video to be 30 minutes, but some more things you can consider after you have your computer up and running are configuring the packet capture directory for SMB, FTP or HTTP access, or writing a script to transfer files to a server for you to analyze at a later date.


