Tutorial: Packets don't lie: how can you use tcpdump/tshark (wireshark) to prove your point.

We will look into:
differences between tshark and tcpdump,
tools that come with Wireshark: dumpcap, capinfos, mergecap, tshark,
how to work with the capture files,
how to select the interface we want to capture on,
caveats in capturing (like VLANs not being displayed),
capture and display filters, and the difference between them,
statistics capabilities - this will be a big focus,
deciphering SSL/TLS connections without access to the server certificate.

Most of the tutorial will be done on the command line without a GUI.

Sergey Guzenkov

Sergey is a full-time Linux sysadmin currently working in the Onegov of NSW Government.
In the past he managed the largest Australian websites at News Limited, consulted for big enterprises through Ecetera and Babel Consulting, and taught Red Hat Linux courses in the Netherlands, London and Sweden.
Sergey is a Red Hat Certified Architect.

Geelong 2016
