Troubleshooting slow networks with Wireshark // wireshark filters // Wireshark performance

Yes to war stories. Maybe also examples on how to make (easy) home labs to play around with wireshark to find network and/or application issues.

I’m a pretty simple person. I see David Bombal posted a video, I hit like. Haven’t even watched it yet, but I know it will be fantastic! Love your content!

After watching this video I feel like I learned something today. Thanks a lot, David for bringing such an amazing person to the show.

Once again David has brought in someone experienced in wire shark to lead us into the world of Networking troubles. Thanks David.....more of this.

Excellent. I've only been a network Admin 6 months , our Network Engineer retired and I was given the position and got my CCNA. There's so much I do not know. Its overwhelming I knew bare minimum about wireshark but it helped me fix 2 things. This really helped me learn a little more and in the spirit of one of the greatest greek philosophers Seneca says "Every night before going to sleep, we must ask ourselves: what weakness did I overcome today? What virtue did I acquire? " Wireshark is a network engineer virtue as far as I am concerned.

Another great collaboration by @David Bombal and @Chris Greer! The knowledge bombs dropped here are invaluable, thanks to both of you!

That was brilliant, I am returning to networking after a 5 year break and this work you guys are doing has given me a real boost in confidence that I am in the right place. I really enjoyed that, that data was enlightening, accessible and useful. Also interested to hear what that config was!!! Thank you very much

This guest is simply amazing! Each time I listen to a session and learn a lot of useful knowledge from it

Thank you both for this series. This is gold. Looking forward for more videos on real world experiences. Really loved the consulting scenarios. The teaser in the end was a good one. Will be curiously waiting for that story!

Thanks Chris and David for some great network knowledge content. One of the growing issues that I have is understanding broadcast traffic / trace coverage / segmentation (vlans).

Thanks, David, & Chris. This was great. Would love to see a lot more from Chris. BTW @ 53:20 is how I enter my passwords. :)

i love how i was just going to call my isp when i just got this video notification 😂

Hey David I was watching the TLS run down you did with the other SME on encryption and TLS communication. However... I noticed something in my analysis and following along with the video.,. I am gonna circle around to it today and take a second glance.. maybe check my f5 it may be effecting the handshake but.. for sure no certificate and or server done packets were within my tls handshake... just wanted to give you a heads up. Maybe they were encrypted or modified i haven't looked yet.. but none the less great stuff man... and chris is the man when it comes to wireshark and analsysis at the deep packet level. His shark fest tips have helped me identify many problems.. in the real world.
Keep up the awesome freedom of knowledge you guys give and dont charge for :)
Cheers!

Thanks for the wonderful session David & Chris... Looking forward for the war room sessions as well.

Thanks both of you guys we need more videos on Wireshark I'm a NOC Engineer and I really want to add Wireshark to my skills as we know Wireshark helps you a lot if you know how to play with it I will join Chris Greer course maybe I will find what I'm looking for.

Thank you guys for keeping on this great series!!

Chris is one of the nicest most helpful individuals I have ever contacted.

Chris is a legend. you got to appreciate david here, even though he knows things that Chris misses sometimes he gently remind him that as a question and doesn't try to show off. Have observed this with lot of guest, quality of a great host and something we could learn. keep bringing such content David. thank you

Great session.👍✌️Thank you David && Chris

High David and Chris, thanks a lot for the TCP Deep Dive series. It helped a lot to start find network problems with Wireshark. As always it is hard to find the needle.

Great video David! I've learned a lot, over and over again! Chris is a fantastic teacher. And yes, I can't wait to hear those war stories you've got Chris.

Like always great contents! Thanks to you both for this WS series and many more. ❤😊

Massive thanks guys! Brilliant examples. Looking forward to more stuff in this format. That “war stories” sounds great too 👍🏼

Loving the team ups w/ Chris. I’m learning so much and subscribed to his channel too.

Thank you very very much David and Chris, this series of videos of Wireshark are so usefull for me. Thanks to both for sharing your knowledge, greetings from Riviera Maya :)

Great video. Love these in depth videos about Wireshark with Chris. Keep them coming, and thanks.

I am teaching myself to pursue a career in cyber security. This is pure gold thank you so much!

I always love to watch your channel. Every time learn new things 😃

Still learning WS, very enlightening, thanks so much!!

49:53 Great question David. I was thinking about this question since Chris started with HTTP. Many thanks for this absolutely must question.

I have supported apps that others have built and you are 100% right. It is always the network fault as both the support personal and app developers don't want to be blamed (2 to 1). I have tried to use Wireshark in the past, but just too much info and not enough understanding. I have seen co-workers point at a random lines in Wireshark and say oh that is a network issue, but couldn't explain or prove why they know it is a network issue. For the un-trained (Like me) Wireshark is a 2 way street as it could lead to the wrong path. It is always refreshing to see how a professional packet analyst can look and filter Wireshark and (with little knowledge of the app in question) can articulate what is going on and give a reasonable path forward. Amazing, I love this discussion.

awesome content as always and and it's always great to see content from chris
btw you're getting pretty close to 1 million subs David
hope you get there real soon

David / Chris;
I love these Wireshark videos you've been doing. Even tho a lot of it I've already picked up on my own, just by running pcap's working as a Sec Analyst in PCI, there's still a bunch of stuff that I've learned watching these videos.
Please oh please...KEEP 'EM COMING!
You rock, @Chris Greer - thanks!!

This is awesome David! This could have saved tons of time and headaches in the past!

You nailed it David. Thanks for sharing these type of people to the community. ♥️🇳🇬

Great video. Big props to Chris. I always thjought he was observing TShark on Linux using a wifi usb adapter plug in which you can. But i didnt know I could install it natively on my Dell AND my Macs without using my Linux oS. Now I can see real info and really read serious traffic. I was never seeing any ip's or anything. just a bunch a minor AP traffic. Color codes never came up but now holy shit thee amount of traffic that colorized is nuts. I can finally see what my own personal traffic looks like on the wire. LOVE these videos on TShark with chris. Thank you so much David

Can't wait for the next in the series. As the "computer guy" at a retail store with really old crap infrastructure I could really use some pointers with narrowing down what is or is not happening that is impacting the network performance.

As a sysadmin/netadmin by trade, one skillset I've really neglected is packet capture/inspection as a means for troubleshooting & debugging or simple forensics. I normally rely on tools like Mikrotik's packet sniffer to get some basic information but this is clearly the better way to dive in and isolate the problem. Seeing all the encrypted hex traffic and mystical headers and protocols in Wireshark can be very intimidating, but the application itself seems very user-oriented and the filtering logic is very intuitive. This video has definitely sparked some interest in spending more time with wireshark as it's definitely going to be a skillset worth any effort and frustration in the learning curve, as it will save great deals of time (and probably money) in the long run. Thanks gents for the great content

Thanks Chris and David, real-time scenario would be fun to see

Thank You David and Chris! Great Video

this is GOLD!!!! War stories are awsome and gets insight on how to jump into issues. slowness is the hardest.

This is class and great tutorial.. Chris is master of his craft

Thank you, David and Chris.

Worth watching saved so much of time figuring out certain things in WS.

You and your guests are the best. i learn so much stuff about the networking field in a fan and entertaining maner.

this video is fantastic, would love to hear more about wireshark and war stories from Chris

Great initiative as i said knowing wirshark is so importante thx Mr Bombal, Chris is awesome with his claire explanation i love this topic

Awesome video! Another overview of wireshark and fragmentation (usually over VPNs) would be awesome!

I love to learn Wireshark. Very great video. Thanks

This is very good stuff. Please keep it up.

It's killer content as always. Thanks David & Chris. Respect

You are guilty until proven innocent! The network is slow! But is it actually a network issue? Or is it an application issue. Chris Greer explains.
// MENU //
00:00 ▶ Introduction
00:26 ▶ Intro
00:35 ▶ Wireshark filters introduction
02:20 ▶ Regular IP filter
05:28 ▶ Common filters
07:10 ▶ Operators in filters
08:19 ▶ Where to get the filter Power Point
08:55 ▶ Filter shortcuts
11:20 ▶ Filter buttons
12:10 ▶ TCP analysis flags
15:16 ▶ Filter buttons (cont'd)
17:15 ▶ TCP reset
18:35 ▶ How to apply filter as display filter
20:08 ▶ Experience vs Theory
22:19 ▶ Special filters
29:00 ▶ Time filters
38:22 ▶ Consulting scenario
49:45 ▶ HTTPS consulting scenario
55:33 ▶ Other filters
56:46 ▶ How to simplify p-caps
59:29 ▶ Signature filters
01:01:39 ▶ Quick recap
01:02:16 ▶ Conclusion
// MY STUFF //
www.amazon.com/shop/davidbombal
// SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
CZcams: czcams.com/users/davidbombal
//CHRIS GREER //
Udemy course: davidbombal.wiki/chriswireshark
LinkedIn: www.linkedin.com/in/cgreer/
CZcams: czcams.com/users/ChrisGreer
Twitter: twitter.com/packetpioneer
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com

Thanks, I love your content. Keep it up

Thanks David for all your work and the free infomraiton you provide. Could you do a video on industrial networks profinet, EtherntIP etc., from network security point of view, please?

Thanks for the great presentation Chris and David. Really useful. Would love to hear some war stories!

DAVID amazing content as always with Chris. If it is possible if you guys can make DNS deep dive and troubleshooting with Wireshark, especially those related to active directory.

Fantastic video, thanks guys !!!

Great Tutorial! Would love to see a full Wireshark one on slow wifi debugging please!

This guy is amazing. The amount I learned in this one video is pretty amazing. Thanks

Chris Greer is amazing! Thanks for this!

Pure gold as always.

Nooooo! That cliffhanger was brutal!
Can't wait for the next part. I want to know all about those war stories!

Thanks David and Chris. Yes to War story

Great content👍 Thanks for coming back to networking in between we lost you David🙏🥰🥰

Incredibly helpful video!

David asks all the right questions

Very interesting lecture,.... Would be really useful though as continuation to have some inside tips about how to stitch packet traces/packets inside traces taken from different parts of the network and endpoints with focus on TCP sequencing and session stitching between those different captures - as most of the time to prove the point of application or network issue it is often needed to take packet traces on network devices too.

Thank you very beaucoup !!
And the chapters is very useful.

This is what I was hoping from a long time ago.

Excellent content gentleman!

Yes to war stories! Looking forward to watch the video!

Super nice content, keep it up!

amazing content
Much appreciated

Love to watch Chris. Learning an awful lot. And yes, please do a "war stories" video :)

Nice content...well explained. Especially the part where network guys were exonerated. Would you find a pcap to show how to prove its the application/server that has the lag. I would be helpful...

Really good info here, some I use already quite a bit. Wish they cleaned up the audio on this though

I recently had to use Wireshark at work - had no idea what I was doing (still don't) but think this should prove helpful
(Trying to track down Rx Length errors)

Thanks again David and Chris for the incredible information. I’m also a yes please to a war stories video. 👍

Great guy Chris.

amazing content thanks for sharing

Chris.. You guys should setup a lab with eve ng and simulate congestion and show how the congestion notifications work and how the window size works both in a compatible setup with ecn and ecw and one without the capability... and let me know if you guys do :)
Would love to be a part of it or follow it.

Great video!!

I was checking your video about wireshark early today and now here is the other one

Hey David could you make networking observing for ebpf systems?

This was amazing
Can we get to see deep dive in ssl(tls) and ssh

I came here for a casual watch, but as with every freaking Chris Greer video, here I am taking notes.

Hey, great videos, keep going. Of course, war histories would be very nice because is real world examples, its almost real world work expriences

Great , informative and practical as usual
Can you make video on IPsec and IKE like tlss handshake one from almost two weeks ago?

I'd love to hear the war stories!

David & Chris 🔥 Btw nice hat Chris 😁

What are the best filters to find the Network latency ? Please advise!

Yes! War stories and a run down on the profile on Chris Wireshark (specially the buttons he has)

A decade ago I was using WPE for my filtering which was great because it targeted an individual application. Now uh days browsers and many other apps use multiple processes so it's not practical 2day. In programming = would be to set a value to a variable. == Means "is equal to". === Means "is exactly equal to" usually for Case Sensitive issues. I'm thinking these are the same. War stories are great!

Nice video!

It would be good if attach the pcap for side by side analysis

Awesome, thanks a lot

Oddly this came out when I was searching to see why dsl connection is slow or drops. I’m pretty sure it’s upload hogging the bandwidth but I would like to make a graph as to what going up slows how much going down. There is a point that I can see upload device stays on network and continue upload but everyone else will show no internet so may drop its self from the network like windows will do sometimes

I see a pattern here that I could put into software maybe .. hmm .. client sends request, empty ack from server and time to wait until first application data and alike conversations point to performance problems of API endpoints? Could be a nice performance test suite.. :)

I DEFINITELY want to see war stories from Chris Greer.

FYI. In software dev, single = is assignment . Balance=5. Double equals, tests for that value. If(balance ==5).