Yes to war stories. Maybe also examples on how to make (easy) home labs to play around with wireshark to find network and/or application issues.
@keyntankeye 2 years ago
Yea that’s a good one
@viv_2489 2 years ago
Yeah real life examples
@ex7229 2 years ago
Excellent. I've only been a network Admin 6 months, our Network Engineer retired and I was given the position and got my CCNA. There's so much I do not know. It's overwhelming. I knew bare minimum about Wireshark but it helped me fix 2 things. This really helped me learn a little more and in the spirit of one of the greatest Greek philosophers Seneca says "Every night before going to sleep, we must ask ourselves: what weakness did I overcome today? What virtue did I acquire?" Wireshark is a network engineer virtue as far as I am concerned.
@galloe 8 months ago
Great anecdote! Just a tiny detail, Seneca was a Roman philosopher.
@mawutorquarshie7953 2 years ago
Once again David has brought in someone experienced in Wireshark to lead us into the world of Networking troubles. Thanks David.....more of this.
@oussemaghorbel7578 2 years ago
This guest is simply amazing! Each time I listen to a session and learn a lot of useful knowledge from it
@lokeahrana08 2 years ago
After watching this video I feel like I learned something today. Thanks a lot, David for bringing such an amazing person to the show.
@dwaynesudduth1028 2 years ago
Another great collaboration by @David Bombal and @Chris Greer! The knowledge bombs dropped here are invaluable, thanks to both of you!
@mashmasho 2 years ago
I’m a pretty simple person. I see David Bombal posted a video, I hit like. Haven’t even watched it yet, but I know it will be fantastic! Love your content!
@davidbombal 2 years ago
Thank you so much!
@Ranjeet_88 2 years ago
Chris is a legend. You got to appreciate David here, even though he knows things that Chris misses sometimes he gently reminds him that as a question and doesn't try to show off. Have observed this with lot of guests, quality of a great host and something we could learn. Keep bringing such content David. Thank you
@ervinr82 2 years ago
He stirs the pot. In a good way.
@justinbridgman9503 2 years ago
That was brilliant, I am returning to networking after a 5 year break and this work you guys are doing has given me a real boost in confidence that I am in the right place. I really enjoyed that, that data was enlightening, accessible and useful. Also interested to hear what that config was!!! Thank you very much
@abylaurancecherian4930 2 years ago
Thanks for the wonderful session David & Chris... Looking forward for the war room sessions as well.
@jerrygawlicky8859 2 years ago
Hey David I was watching the TLS run down you did with the other SME on encryption and TLS communication. However... I noticed something in my analysis and following along with the video... I am gonna circle around to it today and take a second glance.. maybe check my F5 it may be affecting the handshake but.. for sure no certificate and or server done packets were within my TLS handshake... just wanted to give you a heads up. Maybe they were encrypted or modified I haven't looked yet.. but none the less great stuff man... and Chris is the man when it comes to Wireshark and analysis at the deep packet level. His Sharkfest tips have helped me identify many problems.. in the real world. Keep up the awesome freedom of knowledge you guys give and don't charge for :) Cheers!
@ChrisGreer 2 years ago
Thanks for commenting! Glad the content is helping you in the real world. 👍
@CK-ck9ut 2 years ago
Chris is one of the nicest most helpful individuals I have ever contacted.
@hamada99457 2 years ago
Thanks both of you guys we need more videos on Wireshark I'm a NOC Engineer and I really want to add Wireshark to my skills as we know Wireshark helps you a lot if you know how to play with it I will join Chris Greer course maybe I will find what I'm looking for.
@MrEric377 2 years ago
I have supported apps that others have built and you are 100% right. It is always the network fault as both the support personnel and app developers don't want to be blamed (2 to 1). I have tried to use Wireshark in the past, but just too much info and not enough understanding. I have seen co-workers point at random lines in Wireshark and say oh that is a network issue, but couldn't explain or prove why they know it is a network issue. For the untrained (like me) Wireshark is a 2 way street as it could lead to the wrong path. It is always refreshing to see how a professional packet analyst can look and filter Wireshark and (with little knowledge of the app in question) can articulate what is going on and give a reasonable path forward. Amazing, I love this discussion.
@michaeldawkins6812 2 years ago
Thanks Chris and David for some great network knowledge content. One of the growing issues that I have is understanding broadcast traffic / trace coverage / segmentation (vlans).
@joerockhead7246 2 years ago
Thanks, David, & Chris. This was great. Would love to see a lot more from Chris. BTW @ 53:20 is how I enter my passwords. :)
@DimitriPappas 2 years ago
As a sysadmin/netadmin by trade, one skillset I've really neglected is packet capture/inspection as a means for troubleshooting & debugging or simple forensics. I normally rely on tools like Mikrotik's packet sniffer to get some basic information but this is clearly the better way to dive in and isolate the problem. Seeing all the encrypted hex traffic and mystical headers and protocols in Wireshark can be very intimidating, but the application itself seems very user-oriented and the filtering logic is very intuitive. This video has definitely sparked some interest in spending more time with wireshark as it's definitely going to be a skillset worth any effort and frustration in the learning curve, as it will save great deals of time (and probably money) in the long run. Thanks gents for the great content
@ChrisGreer 2 years ago
You hit it Dimitri! Packet skills are very worth investing the time into.
@PowerShorts- 2 years ago
I am teaching myself to pursue a career in cyber security. This is pure gold thank you so much!
@androidandroid1631 2 years ago
Hi David and Chris, thanks a lot for the TCP Deep Dive series. It helped a lot to start finding network problems with Wireshark. As always it is hard to find the needle.
@techlearner4806 10 months ago
49:53 Great question David. I was thinking about this question since Chris started with HTTP. Many thanks for this absolutely must question.
@vyasG 2 years ago
Thank you both for this series. This is gold. Looking forward for more videos on real world experiences. Really loved the consulting scenarios. The teaser in the end was a good one. Will be curiously waiting for that story!
@dezejongeman 2 years ago
This is GOLD!!!! War stories are awesome and give insight on how to jump into issues. Slowness is the hardest.
@ThePumbaadk 2 years ago
Thanks Chris and David, real-time scenario would be fun to see
@jeevespreston 2 years ago
Still learning WS, very enlightening, thanks so much!!
@Mbro-dq2do a year ago
Great video. Big props to Chris. I always thought he was observing TShark on Linux using a wifi usb adapter plug in which you can. But I didn't know I could install it natively on my Dell AND my Macs without using my Linux OS. Now I can see real info and really read serious traffic. I was never seeing any IPs or anything. Just a bunch a minor AP traffic. Color codes never came up but now holy shit the amount of traffic that colorized is nuts. I can finally see what my own personal traffic looks like on the wire. LOVE these videos on TShark with Chris. Thank you so much David
@jeroenvandervelden7318 2 years ago
Great Tutorial! Would love to see a full Wireshark one on slow wifi debugging please!
@erothwell 2 years ago
Loving the team ups w/ Chris. I’m learning so much and subscribed to his channel too.
@upendrasingh2390 2 years ago
I always love to watch your channel. Every time learn new things 😃
@MeMyselfAndBob 2 years ago
Great video David! I've learned a lot, over and over again! Chris is a fantastic teacher. And yes, I can't wait to hear those war stories you've got Chris.
@niravchauhan2278 2 years ago
Great session.👍✌️Thank you David && Chris
@RolZuela 2 years ago
Awesome video! Another overview of wireshark and fragmentation (usually over VPNs) would be awesome!
@3004Marbles 2 years ago
Nooooo! That cliffhanger was brutal! Can't wait for the next part. I want to know all about those war stories!
@carlosc3260 2 years ago
Massive thanks guys! Brilliant examples. Looking forward to more stuff in this format. That “war stories” sounds great too 👍🏼
@MK-jf1rv 2 years ago
Great content👍 Thanks for coming back to networking in between we lost you David🙏🥰🥰
@davidbombal 2 years ago
Thank you. I will never forget networking 😀
@MK-jf1rv 2 years ago
@@davidbombal Thank you🙏🥰🥰
@ontrucktoit6166 2 years ago
I think I know what you mean, but on the other hand networking is everywhere :)
@delyansivchev5155 2 years ago
Very interesting lecture,.... Would be really useful though as continuation to have some inside tips about how to stitch packet traces/packets inside traces taken from different parts of the network and endpoints with focus on TCP sequencing and session stitching between those different captures - as most of the time to prove the point of application or network issue it is often needed to take packet traces on network devices too.
@ChrisGreer 2 years ago
I really like this suggestion. Noted!
@dandele123 2 years ago
this video is fantastic, would love to hear more about wireshark and war stories from Chris
@CyberxploitHausa 2 years ago
You nailed it David. Thanks for sharing these type of people to the community. ♥️🇳🇬
@rohanmahakal8113 2 years ago
Worth watching saved so much of time figuring out certain things in WS.
@Fz3r0_OPs 2 years ago
Thank you very very much David and Chris, this series of videos of Wireshark are so useful for me. Thanks to both for sharing your knowledge, greetings from Riviera Maya :)
@Bold1c1u 2 years ago
You and your guests are the best. I learn so much stuff about the networking field in a fun and entertaining manner.
@szali923 2 years ago
Great video. Love these in depth videos about Wireshark with Chris. Keep them coming, and thanks.
@Gh0_-st 2 years ago
i love how i was just going to call my isp when i just got this video notification 😂
@davidbombal 2 years ago
That's great! 😂
@Mike.Kachar 2 years ago
David / Chris; I love these Wireshark videos you've been doing. Even tho a lot of it I've already picked up on my own, just by running pcap's working as a Sec Analyst in PCI, there's still a bunch of stuff that I've learned watching these videos. Please oh please...KEEP 'EM COMING! You rock, @Chris Greer - thanks!!
@lewis5754 2 years ago
Thanks for the great presentation Chris and David. Really useful. Would love to hear some war stories!
@jerrygawlicky8859 2 years ago
Chris.. You guys should setup a lab with eve ng and simulate congestion and show how the congestion notifications work and how the window size works both in a compatible setup with ecn and ecw and one without the capability... and let me know if you guys do :) Would love to be a part of it or follow it.
@ChrisGreer 2 years ago
That is a great idea. Actually I was thinking it is time for an example with ECN.
@akshaypotdar1840 2 years ago
Thanks David for all your work and the free information you provide. Could you do a video on industrial networks Profinet, EtherNet/IP etc., from network security point of view, please?
@Pursuitdnb 2 years ago
This is awesome David! This could have saved tons of time and headaches in the past!
@viv_2489 2 years ago
This is class and great tutorial.. Chris is master of his craft
@denniessundia1912 2 years ago
Nice content...well explained. Especially the part where network guys were exonerated. Would you find a pcap to show how to prove it's the application/server that has the lag. It would be helpful...
@Odim65 2 years ago
DAVID amazing content as always with Chris. If it is possible if you guys can make DNS deep dive and troubleshooting with Wireshark, especially those related to active directory.
@davidmendoza6768 2 years ago
I'd love to hear the war stories!
@davidbombal 2 years ago
You are guilty until proven innocent! The network is slow! But is it actually a network issue? Or is it an application issue. Chris Greer explains.
// MENU //
00:00 ▶ Introduction
00:26 ▶ Intro
00:35 ▶ Wireshark filters introduction
02:20 ▶ Regular IP filter
05:28 ▶ Common filters
07:10 ▶ Operators in filters
08:19 ▶ Where to get the filter Power Point
08:55 ▶ Filter shortcuts
11:20 ▶ Filter buttons
12:10 ▶ TCP analysis flags
15:16 ▶ Filter buttons (cont'd)
17:15 ▶ TCP reset
18:35 ▶ How to apply filter as display filter
20:08 ▶ Experience vs Theory
22:19 ▶ Special filters
29:00 ▶ Time filters
38:22 ▶ Consulting scenario
49:45 ▶ HTTPS consulting scenario
55:33 ▶ Other filters
56:46 ▶ How to simplify p-caps
59:29 ▶ Signature filters
01:01:39 ▶ Quick recap
01:02:16 ▶ Conclusion
// MY STUFF //
www.amazon.com/shop/davidbombal
// SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
KZbin: kzbin.info
// CHRIS GREER //
Udemy course: davidbombal.wiki/chriswireshark
LinkedIn: www.linkedin.com/in/cgreer/
KZbin: kzbin.info
Twitter: twitter.com/packetpioneer
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
@YouTubeKing506 2 years ago
Please say how much time it takes to crack wifi password with hashcat brute force'. -a
@johnwesley256 2 years ago
Great Video! Most of my DDOS attacks come from TCP. Also a lot of malware and viruses I've caught come from directX JavaScript and Java which usually comes from ads. You don't even need to click the ad, it just needs to load on your browser
@hareshsingh3144 2 years ago
please upload short videos max 30min
@jeevespreston 2 years ago
In my world we call that MTTI, Mean Time to Innocence!! it's always the network, until you prove that it's not...
@PowerShorts- 2 years ago
Can you please please have him look at malicious activity.
@JJ-nv3tv 2 years ago
Really good info here, some I use already quite a bit. Wish they cleaned up the audio on this though
@toromac9786 2 years ago
I recently had to use Wireshark at work - had no idea what I was doing (still don't) but think this should prove helpful (Trying to track down Rx Length errors)
@shaan885 2 years ago
Like always great contents! Thanks to you both for this WS series and many more. ❤😊
@majiddehbi9186 2 years ago
Great initiative as I said knowing Wireshark is so important thx Mr Bombal, Chris is awesome with his clear explanation I love this topic
@barkataligulzari6516 2 years ago
Thanks David and Chris. Yes to War story
@MisterV.. 2 years ago
I love to learn Wireshark. Very great video. Thanks
@depon91 2 years ago
I was checking your video about wireshark early today and now here is the other one
@ICOFRITE 2 years ago
David asks all the right questions
@MrBitviper 2 years ago
awesome content as always and it's always great to see content from Chris btw you're getting pretty close to 1 million subs David hope you get there real soon
@nghiaduy6044 2 years ago
Thank you guys for keeping on this great series!!
@mbnyc5401 2 years ago
FYI. In software dev, single = is assignment . Balance=5. Double equals, tests for that value. If(balance ==5).
@JonMajorCCIE47884 2 years ago
I came here for a casual watch, but as with every freaking Chris Greer video, here I am taking notes.
@ChrisGreer 2 years ago
Really glad you like the content Jon! Thanks for the comment.
@JonMajorCCIE47884 2 years ago
@@ChrisGreer no sir, thank you lol. I’ve taken to recommending everyone on my team watch your content.
@WilverSanchez-nb8sw a year ago
Yes to war stories! Looking forward to watch the video!
@homayounshokri5041 2 years ago
Great, informative and practical as usual. Can you make video on IPsec and IKE like TLS handshake one from almost two weeks ago?
@davidbombal 2 years ago
Great suggestion!
@tahersadeghi6773 a year ago
Thank you, David and Chris.
@James_Knott 2 years ago
With TCP, some packet loss is normal. In fact, it's required for flow control to work.
@ccnp2009 a year ago
Wireshark and Tcpdump are IT Security Engineers handed tool to validate traffic. Awesome Video
@outerheaven01 2 years ago
Yes! War stories and a run down on the profile on Chris Wireshark (specially the buttons he has)
@keratishvili 2 years ago
Hey David could you make networking observing for ebpf systems?
@dhakalmanish 2 years ago
Thank You David and Chris! Great Video
@ayoluca1 2 years ago
One of the first CCIE legend said once that Wireshark is useless, it's just another product with great marketing out there mostly for network engineers, cause with no Wireshark, issues can be fixed, and while we dedicate and spend "time" to analyze the data, the outage is there, I don't and I didn't like what he said, but being in tshot cases for more than 10 years, I just use Wireshark for fun, I don't know honestly ...
@Xotty 2 years ago
Love to watch Chris. Learning an awful lot. And yes, please do a "war stories" video :)
@johnwesley256 2 years ago
A decade ago I was using WPE for my filtering which was great because it targeted an individual application. Nowadays browsers and many other apps use multiple processes so it's not practical today. In programming = would be to set a value to a variable. == Means "is equal to". === Means "is exactly equal to" usually for Case Sensitive issues. I'm thinking these are the same. War stories are great!
@Delijohn a year ago
Chris Greer is amazing! Thanks for this!
@cyphodias1640 2 years ago
Thanks again David and Chris for the incredible information. I’m also a yes please to a war stories video. 👍
@nellermann 2 years ago
great tool for solving or proving rather SIP and voip issues is not the network.
@alejandrorodriguez3771 2 years ago
This is what I was hoping from a long time ago.
@fritzbiederstadt4869 2 years ago
You guys are killing me...It's not that I don't agree. I totally agree with Wireshark is the industry standard. Unfortunately for me, the organization I work for got sold that "Netscout can do anything Wireshark can do". So they no longer allow us to use Wireshark...I like Netscout, but it's simply not optimized for on the fly and deep packet inspection, research, etc. I've used various Sniffer Pro solutions, Domino Nas, EtherPeek, and a few others...Nothing does it as well as Wireshark! OK...I feel a little better.
@shappyify 2 years ago
I would like to hear an example of when you actually encountered a problem with the network and how you found that.
@TastyChickenLegs 2 years ago
This guy is amazing. The amount I learned in this one video is pretty amazing. Thanks
@soma972 2 years ago
Thank you very beaucoup !! And the chapters is very useful.
@zubairzonbarkar3358 2 years ago
This was amazing Can we get to see deep dive in ssl(tls) and ssh
@dden-qz8ym 2 years ago
This is very good stuff. Please keep it up.
@SnortDefence 2 years ago
It would be good if attach the pcap for side by side analysis
@debarghyadasgupta1931 2 years ago
It's killer content as always. Thanks David & Chris. Respect
@cybersamurai99 2 years ago
It's double equal == as normally in computer language one equal = generally sets something to be. When you write == you are checking if something matches. I am sure the majority of people would know this but I am just throwing my 2 cents out there :)
@gjkrisa 2 years ago
Oddly this came out when I was searching to see why dsl connection is slow or drops. I’m pretty sure it’s upload hogging the bandwidth but I would like to make a graph as to what going up slows how much going down. There is a point that I can see upload device stays on network and continue upload but everyone else will show no internet so may drop itself from the network like windows will do sometimes
@nonlinearsound-001 2 years ago
I see a pattern here that I could put into software maybe .. hmm .. client sends request, empty ack from server and time to wait until first application data and alike conversations point to performance problems of API endpoints? Could be a nice performance test suite.. :)
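Added example (not part of any comment in this thread and not code from the video): the pattern named in the comment above, client request, empty ACK from the server, then a wait for the first application data, can be measured per request from a client-side capture. The packet records, the "client"/"server" labels and the function name are constructed assumptions; a real capture would first be exported to this shape.

```python
"""Split per-request delay into a network part and a server part (added example)."""
from dataclasses import dataclass


@dataclass
class Pkt:
    t: float      # capture timestamp, seconds
    src: str      # "client" or "server" (labels are assumptions)
    seq: int      # TCP sequence number
    ack: int      # TCP acknowledgment number
    length: int   # TCP payload bytes (0 = bare ACK)


def split_delay(pkts, client="client", server="server"):
    """Return one record per request/response pair seen in a client-side capture.

    ack_delay   : last request segment -> first server segment that ACKs it
                  (approximately the network round trip)
    server_wait : that ACK -> first server payload (time the application spent)
    Sequence-number wraparound and retransmissions are not handled.
    """
    results = []
    pending = None
    for p in sorted(pkts, key=lambda x: x.t):
        if p.src == client and p.length > 0:
            # A (further) request segment: measure from the last one sent.
            pending = {"t_req": p.t, "need_ack": p.seq + p.length, "t_ack": None}
        elif p.src == server and pending and p.ack >= pending["need_ack"]:
            if pending["t_ack"] is None:
                pending["t_ack"] = p.t
            if p.length > 0:
                ack_delay = round(pending["t_ack"] - pending["t_req"], 6)
                server_wait = round(p.t - pending["t_ack"], 6)
                # If the ACK rode on the response itself, the two parts
                # cannot be separated from this capture point.
                piggy = p.t == pending["t_ack"]
                if piggy:
                    dominant = "unknown"
                else:
                    dominant = "server" if server_wait > ack_delay else "network"
                results.append({
                    "t_req": pending["t_req"],
                    "ack_delay": ack_delay,
                    "server_wait": server_wait,
                    "piggybacked": piggy,
                    "dominant": dominant,
                })
                pending = None
    return results


# Constructed sample: one slow API call, then one call with a piggybacked ACK.
SAMPLE = [
    Pkt(0.000, "client", 1, 1, 200),       # request 1
    Pkt(0.020, "server", 1, 201, 0),       # empty ACK after ~20 ms
    Pkt(1.520, "server", 1, 201, 1000),    # first response data 1.5 s later
    Pkt(1.521, "client", 201, 1001, 0),    # client ACKs the response
    Pkt(2.000, "client", 201, 1001, 150),  # request 2
    Pkt(2.021, "server", 1001, 351, 500),  # response carries the ACK
]

if __name__ == "__main__":
    for record in split_delay(SAMPLE):
        print(record)
```

A quick ACK followed by a long wait for data points at the server or application; when the ACK only arrives with the data, the capture cannot tell the two apart and the record is marked "unknown".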
@lucaspascual5956 2 years ago
Pure gold as always.
@adnaneabid7274 a year ago
I think the double equal or === to compare the type or the value, like in JS maybe.
@H3LLB0Y2403 a year ago
Now, did that episode on the slow network already happen? I'd be very interested :D
@konstantinosprotopapas588 2 years ago
I DEFINITELY want to see war stories from Chris Greer.
@terexkiller3847 2 years ago
Thanks, I love your content. Keep it up
@rationalbushcraft 2 years ago
Chris what I would like to know is do you use a tap or do you just mirror a port on the switch. If you use a tap what brand/model do you recommend?
@ChrisGreer 2 years ago
The answer is yes. Both. If I have a tap, that is my first option. Here is one that I use that doesn't break the bank. amzn.to/3uJYTc0 - Otherwise I use Profitap taps for the higher speeds, just because they have aggregation taps and more features (deduplication, etc). Otherwise I just use a span port when I am doing remote work or if I don't have access to a tap. Spans are fine as long as I watch how much traffic I am sending over to the monitor port.
@rationalbushcraft 2 years ago
@@ChrisGreer thanks for that. Nearly 20 years ago I took Laura Chappell's class. But in the small to medium market I’m in I didn’t have a lot of opportunity to refine those skills. But every now and then what little I know comes in handy. Thanks for doing these as I really enjoy this packet level stuff.
@dinohunter7176 a year ago
== is like a standard in programming to check if values match on value if used just one = then mean assign a value to that variable, not sure if possible in Wireshark
@nepsky 2 years ago
What are the best filters to find the Network latency ? Please advise!
@Sycophantichallenger 2 years ago
Can't wait for the next in the series. As the "computer guy" at a retail store with really old crap infrastructure I could really use some pointers with narrowing down what is or is not happening that is impacting the network performance.
@sheepd0gonwatch215 2 years ago
This is excellent information. I would like to know how you pull your captures apart from the $4.5K device. Do you ever use port mapping on a switch or do you always use some sort of TAP. I work in a lot of smaller companies that don't have large IT budgets but with CMMC/NIST requirements we are trying to find cost effective and easy to use packet capture equipment/software or solutions. War stories would be great!
@ChrisGreer 2 years ago
Hello @Sheepd0g - actually in my consulting practice I don't get to use the IOTA very much since so many of my clients are remote. So I use a span port on a switch pretty often. If that is not available, I look at the virtual network to figure out what vTap or vSPAN options are available, or as a last resort, do dumpcap on the end device. But that is only if I have no other way of getting the data.
@sheepd0gonwatch215 2 years ago
@@ChrisGreer Thanks for the quick response. Do you see any drawbacks to using a mirrored port on a switch? I work mostly with HP Aruba switches and sometimes Cisco.
@ChrisGreer 2 years ago
@@sheepd0gonwatch215 Yes there are - it is easy to over-provision a SPAN or mirrored port. Keep in mind that each interface is full duplex (for example 1Gbps in, 1Gbps out, for an aggregate of 2Gbps potential load.) The mirror will only be 1Gbps out - or whatever the interface speed is. So be careful not to send too many ports over to the mirror because you can hit that ceiling faster than you think, esp in traffic bursts. Also - SPANs and mirrors don't always preserve the original inter-packet timing very well. It often depends on the load, but the true traffic stream could look really different than the one sent out the mirror, even being several milliseconds off. This is not always a huge deal, but it is something I keep in mind when using a SPAN. For most low-throughput environments, mirrors will be enough, but it's good to know the downsides. Rule of thumb: Tap when possible, SPAN/Mirror when not, after exhausting all other options, capture on the endpoints.