Free Wireshark Training Course Online

Take a free Wireshark Jumpstart training class online at

Thursday, November 27, 2008

Turkey Technology

It's here again... the dreaded 'Turkey Day'. Time to be humiliated in the kitchen once again...
Three times now I have been thwarted by technology in my attempts to cook the perfect turkey.
Year 1: Bought frozen turkey; put in refrigerator to thaw. Tough getting the thermometer into the dang bird (nearly broke the hammer I used to get it in). After 3 hours, thermometer never moved off '0' - figured the thing was broken. After 4 hours and a nicely browned skin in view, pulled turkey out and dressed it up for serving only to find that the bird must have still been frozen and there were bags o' turkey guts/neck still thawing inside the bird - whoops. Chinese restaurant open today. I am thankful for Mu Shu Pork!
Year 2: Thermometer got a bad rap last year. Thawed turkey completely; pulled out all bags o' bunk; into the oven it went. After 4 hours and a nicely browned bird, the thermometer wasn't up to the desired 165 degrees. Gave it another 2 hours and it still didn't get to 165... smell indicated something wasn't right. Removed charred and whithered bird and threw away thermometer. Papa John's is open today. I am thankful for pizza!
Year 3: Martha Stewart's 'high-heat' turkey would only take 2 hours to cook an 18 pounder - no thermometer needed - guaranteed by Martha. Bought the Martha roasting pan, cranked up oven to 475 degrees and threw the damn bird in. Set timer for 2 hours and relaxed with a glass of wine. Determined not to fret over bird. After two hours, opened oven to find the turkey took the heat quite well, but Martha's roasting pan didn't - flakey pieces of some coating material wafted up in the air and was stuck to the outside of the turkey, spotting it with silver 'snowflakes' of faux aluminum or some other toxic substance. Pulled out batch of spaghetti sauce I'd made that morning just in case. MMMM.... a home cooked meal on Thanksgiving! I'm thankful for foresight and decent chardonnay from a local winery.
This Year: After 3 years of humbling experienes and technology failures, friends have stepped up to invite my family to 'stop by' on Thanksgiving. Kids a bit to excited over the idea. Hmmm... Planning on going house to house bringing store-made pies and wine. My family and I will mooch our way through Thanksgiving and hope to spare the life of one turkey this year. No technology to count on other than my car. I expect my friends will share my 'turkey travails' with all the guests - I hear it's a good dinner story... I am thankful for my friends.
Next Year: Premade turkey with lasagna as a back-up (in case the bird doesn't fit in the microwave for reheating - the oven is retired and now stores kitchen items I'll never use again).
Happy Thanksgiving to all who celebrate.

Wednesday, November 12, 2008

Summit08 Wraps!

Puff, puff... It's a heck of a lot of work putting on a conference - hats off to the folks who do it year in and year out and actually smile through the process (they must have some strong meds). You are a sick lot, you know! Anyone care to guess how many pieces of bacon, sodas and beers were downed during the two-day Troubleshooting and Security Summit08 conference (November 4-5)? Me neither.

One of the highlights of the conference was having Gerald Combs (creator of Wireshark) join us to talk about capturing traffic in a virtual environment and Tom Quilty (BD Investigations) talking about the steps to take before and after a network breach occurs. Who ya gonna call?

It was great sitting around a table at the vendor party with those two as well as Ron Nutter from Network World as we swapped geeky war stories and shared some of the inside scoop on cybercrime events and Wireshark development (which are mutually exclusive topics, by the way). He he...
For those of you who didn't join us, you missed a great time. We played with VoIP reassembly, some ugly WLAN communications, loads of ugly file transfers caused by packet loss/high latency, a DHCP server gone awry, nasty SNMP traffic (that we configured to see using the MIB printer configuration), problems with autonegotiation, SMB2 protocol negotiation during a Vista client/Server 2008 connection, lost packets, totally pathetic websites, evidence of a "DNS walking" application, a redirector infection, SNMP scanning host and traffic hidden through port swapping.

Two nights before the conference I added a set of trace files taken at a client and a server - I really wanted to show how to alter the timestamps because one analyzer was off on the timesync and then merge the two traces together, colorizing the two sets to differentiate them. I love this stuff!

Now my days are spent buiding the Summit 08 Wrap-Up site - if you attended Summit 08 you will receive your login credentials by the end of the week. I've put together four videos covering the MS08-067 vulnerability, the trace file merging process, building and sending custom packets and the Summit 08 Wrap-Up Checklist. In addition, I have a discount code for NetScanTools Pro and Pilot/Pilot+AirPcap EX3 bundle also going up on your Wrap-Up site (you already should have the code for 50% off the Wireshark University self-paced courses - good through December 31st).

So... would we ever do the conference again? Absolutely! We've already started planning based on the feedback we received. Register for notification at and I'll send you an email when Summit 09 registration opens and details on the Early Bird Special pricing. Alumnae will get special discounted pricing on Summit 09.

Now... just a couple more days until I head off to Portugal for the Vantagem conference. After that, it's the ATT Live conferences in Salt Lake City and then... well... then it's 2009 and time to start development on Summit 09!

[off to the Wrath of the Lich King launch party... 2 hours and counting...]