With all the buzz around Deepseek AI, I threw a couple of packet captures at it to see if it could help with the analysis and find root cause. I was actually pretty happy with the results, but I still had to dig deeper and fact-check the AI analysis. Not quite there yet but close! You can download the first pcap and follow along here: github.com/packetpioneer/yout... If you like, please let me know!! It helps. Really. Want more packet goodness? == More On-Demand Training from Chris == ▶Getting Started with Wireshark - bit.ly/udemywireshark ▶Getting Started with Nmap - bit.ly/udemynmap

As always, no BS, straight to the point content, Chris's videos are the best!!

That's pretty cool. I did this on a local copy of Deepseek and Ollama to run it local. I used a packet from created when I started got through your masterclass series. Very cool. I can see where this would be extremely helpful to help navigate a capture. I'd still look at the actual capture but a 2nd set of eyes to partner with. This is where AI has great potential.

Never thought of using AI model for pcap analysis. Thank uou

Chris this is fantastic! It is interesting how it can help speed up analysis however knowing the skill is essential and so fortunate for your work.

One issue is that you're using the older v3 model instead of the newer reasoning (r1) model which is what deepseek blew up in popularity from. At the bottom of the input text bar you can enable the R1 Reasoning "Deepthink". You will likely see better and more in depth results.

Chris! This is really nice. Thank you for putting this video together for us. I will use it to practice and get some guidance to improve my traffic analysis skills 🤗

At last one sensible expert, warning about security and privacy of deepseek👍

Chris, always cutting edge, on spot, current. Nice

Thank You Chris once again for your hints! Haven't been long on your channel, but glad You are still here and making very handy content. ;-) (literally a few years back You teached me from scratch thru your series how to read pcaps) From zero to hero BRO 👍

Excited for the future auto AI packet analysis

That was fascinating. I'm now going to go back and use the packet captures that you've supplied to us previously and experiment with DeepSeek and the other AI platforms, see if I can learn something new. Thanks.

Thank you for great tutorial. Didn't think about Deepseek for packet debugging

Thanks for keeping us up to date, this is really cool.

Thanks for this Video, it's very cool to see the posibilies of AI in the IT Security!

Good Job DeepSeek AI! one more source to get job done! and thank you Chris happy new year for you and your family

Great video sir. I look forward to your next video.

Great video as always. So the message is, "Deepseek is good, but not Chris Greer good." I can empathize with Deepseek, we do our best.

Great video Chris. Very interesting!

Amazing job, Chris.

You're gonna make a packet head out of DeepSeek! Thanks for the video, great to see it!

Good video, I just discovered your channel. It will be great to see this experiment with the R1 model.

Thanks, Chris! Great demo and information. I appreciate the insight.

Hey! I am Working for SonicWall! don't blame us! ..just kidding... never used AI to analyze packets, will give a try! awesome video! as usual! thanks

It can be interesting if you compare the result with another AI like chatgpt to see which can be more precise in this exercise 😁

good video,i always watch every video you uploaded,and i have learned lots of network knowledge especially wireshark ,thanks for your efforts

Thank you Chris, Excellent test and confirmation that AI chat bots may in fact become part of our workflow.

Great stuff 👍🏻 This could be fantastic with a local DeepSeek r1 instance.

Nice analysis demo.

New insights..thanks Chris

as usual, amazing stuff

Thanks!.. Didn't know you can do this with wireshark

Interesting lab! Thanks for sharing!!!

Thanks for the video. I wonder how it would have performed on the second capture if you had turned on deepthink for reasoning

Amazing video and great content as always. Thank you for doing these videos. My two cents: could you name the files differently like 'capture1.txt' before uploading to Deepseek? This way we will know that Deepseek didn't use the file name as a clue of the issue. Again, thank you.

Awesome video! Curious to see how Qwen 2.5 would perform as well...

It would be very interesting in finding out with wireshark if there are leaks in a local install of Deepseek??? Important for businesses

wow chris I just finish your video with D.Bombal u guys are doing a great great job, now so quick u are teeling us about deepseek THx for all the information you give

Really fun stuff. NG AI-based IDS systems do this all day, but they don't really analyze why something didn't work, rather suspicious things.

Is there any particular reason you did not click on the DeepThink (R1) button in DeepSeek's UI?

Very cool. Would love to see some cyber security examples to see if it comes up with the correct conclusion.

Would love to see the comparison with chatgpt and other AI models

Get info as usual Chris. One question I have is how do you sanitize the data before submitting it?

I know you can ask these LLMs loaded questions to get them on the right track or to sway them. I wonder if the filename affects its output, or the speed of response. Are we leading it?

Awesome, idea!!!!

It could be interesting to see, if the distilled versions of Deep Seek could come to the same conclusion.

Cool video!

🔥🔥🔥

I wonder if the file name helps it though.

Thanks 🙂.

absorbed knowledge thanks bro

Great video. Can I provide AP logs and syslogs to Deepseek and will it debug the logs and give client disconnect reasons?

I think you just used deepseek v3 and not r1 (you need to activate it by toggling the deepthink button in the right bottom of the chat text box)

I am following the sames you did, but deepseek not accepting the fille saying "extract only text from images and files"

Very nice. Going to try it locally using ollama AND LM Studio to rate their inferences. I mean, why feed someone else when you can run your own.

Love from Bangladesh bro.

Chasing that algorithmic trend ;)

Ok kewl. Now, lets feed it some from Malware Traffic Analysis repo pls

Nice ❤

am not able to upload text file

Dude enable R1 …..this is weird to use the older v3 model without reasoning

How about running DeepSeek locally, then monitor the network to see if it is secretly reaching out and sending data back to China. In concerns me anytime I run anything that was developed in China. I know Ollama and LMStudio can run DeepSeek models. I find it hard to believe they wouldn't embed something bad in DeepSeek.

Thanks

Amazing!! ....by the way: I'm a dummy on this, but, I'd listened that you can hear calls/audio/packets. Is it possible? How?....and....can we automate this with A.i.?......Thanks!

lol you didn't even use the reasoning R1 model, which is probably way better for this task

But didn't you already give it a hint by namking the file name as tlsbroken.txt ??

I got palo firewall to analyze 😅😅

👏🏻👏🏻👏🏻

Song name??

Maybe run a pcap?

Oh I thought you were going to run wireshark while you use a local DeepSeek model and examine its network activity so we can 'know' where or if the data is going.

How do you use the deepseek? I can get submit a couple of prompts daily, otherwise the servers are busy...

If it is American ai server whatever data you can put, but if it other countries, warning signs. Isn't that hypocrisy

neato!

👏👏👏

You might have kind of given it away by naming the files... like, undoubtably it adds bias to the output when you name the datasource e.g. "rst errors" instead of just "pcap", no?

I recommend asking it the problem he found it the packet without saying further information such, why does break Meanwhile if this working well by training it can do some complex tasks that cybersecurity analyst take around 15 minutes to find out.

"Tell me what the problem is in this file that I named with what the problem is" doesn't seem like much of a test.

Imagine you create AI agen to automatically do all that for you and report back to you! I have already left this Cyber Security career..after 30 years doing this shit!

A/b with other well known and used ai enhancements led search engines

The one thing AI will not thrive on is cyber security. If this thing hallucinates and misses a serious threat while analyzing packets, the company is done.

Splunk should AI jazzed their software

I _am_ a packet-person... :o

I wonder if it could be jerry rigged into any APIable network ecosystem and eat Mist's lunch

Great stuff

Why did you name the file 'tcpresets'? You gave extra-context, man!

Men you look soo good with Beard ... pls dont do full shave ever ... Thank you for the video

Why no one before do this tests to any other llm !!!!!!! Is not a question

Enable the “deep think R1” flag, then it will try to reason its conclusions

You're not using R1, you're using DeepSeek V3, you need to select R1 to activate it....

Helo Cris i lookin g you do this deepsek wit the sharks ande i like. looke good fo me tank you much. so look mor sharks for this deepsek. also my siestes like you hannesom i pushe thies botton an look fo buy shaks you my fient. i like thies anmay be i now won the gifft you tank you. I hav ni poblem fo many monnies buy the sharhs. how much for tis sharks to buy tank you? im like thies vere good tank you cris tank you

It looks like cybersecurity will be cut by 90% like software engineers in a couple of years right ? I see people are so much in denial 😂

All good great until it's found it really Chinese spyware.