Free Wireshark Training Course Online

Take a free Wireshark Jumpstart training class online at

Tuesday, May 25, 2010

Peeking at Google's Secure Search Beta Traffic

Watch the new video comparing Google searches using HTTP and HTTPS -
now available at Note that the two trace files
used in the video are in the download section of that site.

If you haven't been following Google lately, you might have missed their "secure
search" announcement. It's HTTPS-based, but don't think you're totally secure
from prying eyes when you web browse (also see Chapter 23 of the Wireshark
Network Analysis book for details on HTTPS analysis).

Secure Search Doesn't Hide Target Browsing
Just because your Google search process is running with HTTPS and is
encrypted, this doesn't mean that when you click that link your browsing
session that follows is encrypted. Some chatter last week indicated that
Google's "secure search" somehow protected you more than it really does.
Sure, your browsing session is encrypted, but the minute you click on an HTTP
link, I can read the DNS query issued (if any) and the HTTP session to the target

Yes, Removing the Referrer Data will Screw up Analytics
One "side effect" of Google's secure search option is that when you click on the
target link from the Google's secure search page, the referrer information is not
sent to the target - they can't tell from whence you came. Oh, boy - this really is
going to mess up the analytics.

Analytics-hounds are going to freak out on this one!

Get an All Access Pass at
here and check out the video detailing the two Google
search processes.

Enjoy life... one bit at a time!


Sunday, May 2, 2010

Talking Tech with RunAs Radio

Last week I had the chance to talk with Richard Campbell and Greg Hughes of
RunAs Radio. You can listen

Don't know about RunAs Radio?
RunAs Radio started back in 2007 and offers weekly radio shows primarily for a
Microsoft-centric audience. My episode #160! I got interested in RunAs Radio
when I learned that Andy Malone had been interviewed recently on RunAs Radio
(I'm on a Cloud Computing panel with Andy at TechEd next month).

Grey Hair, Fire Extinguishers, Needles in a Haystack, Vegas and More
Although the session started with a reference to my ever-increasing grey hairs
and the need for a fire extinguisher in the kitchen, Richard pushed towards the
issues related to wireless analysis. "It's been abused so much."

We chatted about "jacked up access points" and saturation of the WLAN
environment in a Vegas casino.

Cool Topics/Presenters
Visit the RunAs Radio archives to check out the other 159 programs. Here are
some that I really enjoyed listening to.

  • Doug Toombs - free tools - although he missed Wireshark for some
    unknown reason - at least he got Nmap in there. Listen here.
  • Nick Simons - he's the guy that killed Clippy - Nick talks about some free
    tools for IT pros. I know you all love free tools! Listen here.
  • Steve Riley - now over at Amazon's Cloud Computing division - it's
    always interesting to listen to Steve. Listen here.

Go check out the podcasts at RunAs Radio and enjoy life... one bit at a time!


The "Death of" Series

I've been having a great time working on some really lousy networks! You too?! What a coincidence!

As conference season approaches (June), I've just finished writing up my draft presentations. I'll be starting a series of presentations inspired by the Dexter series on Showtime. As we've run through the entire season just recently, the
images of death were first and foremost on my mind when I started sketching out these presentations.

DEATH OF A NETWORK: Identify the Hidden Cause of Lousy Network Performance
I'm going to have fun with this one! This is my "finger pointing" session and I have some major pointing to do! I'm not going to sugar coat some of the more recent causes of pathetic performance and I'll be showing the trace files used
to nail down who's really killing the network.

DEATH OF SECURITY: Breached Hosts/Stolen Data/IP Espionage
A long conversation with a buddy at a 3-letter agency gave me some ideas of what to share in this session. We'll talk some recent case stuff before looking at suspicious traffic and have a heart-to-heart about the methods in which your
network security may fail you.

It's not all death and doom though. I added some "ugly network" humor in there. In fact I'm going to have difficulty keeping a straight face as I walk through the traffic of a certain hip phone that exudes attitude on the network. Hmmm.... who could that be?

I'll be recording these "Death of" presentations for our All Access Pass members, so get a membership if you want to
catch these new presentations without heading to a conference.

Of course, I won't be serving wine or beer, but you'll probably remember the information better that way!

Enjoy life... one bit at a time!