{"id":226,"date":"2023-08-25T10:16:45","date_gmt":"2023-08-25T18:16:45","guid":{"rendered":"https:\/\/www.dumpsterfirecomputing.com\/?p=226"},"modified":"2023-08-25T10:21:39","modified_gmt":"2023-08-25T18:21:39","slug":"the-journey-of-a-thousand-packets","status":"publish","type":"post","link":"https:\/\/www.dumpsterfirecomputing.com\/?p=226","title":{"rendered":"The Journey of a Thousand Packets&#8230;"},"content":{"rendered":"\n<p>Somewhere back in the 2007-2009 timeframe I bought a book about &#8220;Wireshark &amp; Ethereal&#8221; (see the bottom of this post).  I was only a couple years into my post-college career and was either troubleshooting a local network problem or troubleshooting something with the Cisco PIX 501\/503&#8217;s that I stood up at my job at the time.  <\/p>\n\n\n\n<p>I&#8217;ve always been truly fascinated by networking, network troubleshooting and packet analysis.  In those early days of my career, I was the &#8220;jack of all trades, master of none&#8221; type.  I built and supported the workstations, servers, network equipment, etc.  I had some familiarity with packet capturing, but it was (and still is) an area of known weakness for sure.  
Today, almost 20 years later, I&#8217;ve bought another book:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsterfirecomputing.com\/wp-content\/uploads\/2023\/08\/image-3-1024x775.png\" alt=\"\" class=\"wp-image-228\" style=\"width:297px;height:225px\" width=\"297\" height=\"225\" srcset=\"https:\/\/www.dumpsterfirecomputing.com\/wp-content\/uploads\/2023\/08\/image-3-1024x775.png 1024w, https:\/\/www.dumpsterfirecomputing.com\/wp-content\/uploads\/2023\/08\/image-3-300x227.png 300w, https:\/\/www.dumpsterfirecomputing.com\/wp-content\/uploads\/2023\/08\/image-3-768x581.png 768w, https:\/\/www.dumpsterfirecomputing.com\/wp-content\/uploads\/2023\/08\/image-3.png 1117w\" sizes=\"auto, (max-width: 297px) 100vw, 297px\" \/><\/figure>\n\n\n\n<p>Over the last<s> two three four<\/s> five weeks I&#8217;ve been involved in troubleshooting a pretty big issue.  In my last post I&#8217;d even talked about remotely capturing packets.  But what really bugged me was that while I could capture the packets, I couldn&#8217;t really tell the story.  Sure, I know technically what resets, retransmits, duplicate ack&#8217;s, etc. are, but what I couldn&#8217;t definitively tell was whether or not what I saw in those captures was problematic.<\/p>\n\n\n\n<p>And so it is, I begin this journey of a thousand packets.  I don&#8217;t know how long it will take, or <em>where <\/em>it will take me, but the next time a team asks me to collect some packet capture data I&#8217;m determined to be able to make informed, educated hypotheses about what I&#8217;m looking at, potentially even spot errors, irregularities or problems.  Networking makes everything today work, and I truly believe that those who can really look under the hood and dig deep into the weeds of network\/packet analysis are at an extreme advantage.  
That&#8217;ll be me soon&#8230;<\/p>\n\n\n\n<p>Oh, that ancient book I bought, that I still have on my shelf (next to books about SysInternals, VMware, TCP\/IP Illustrated, and the NT Resource Kit) is:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsterfirecomputing.com\/wp-content\/uploads\/2023\/08\/image-4.png\" alt=\"\" class=\"wp-image-231\" style=\"width:220px;height:273px\" width=\"220\" height=\"273\" srcset=\"https:\/\/www.dumpsterfirecomputing.com\/wp-content\/uploads\/2023\/08\/image-4.png 662w, https:\/\/www.dumpsterfirecomputing.com\/wp-content\/uploads\/2023\/08\/image-4-241x300.png 241w\" sizes=\"auto, (max-width: 220px) 100vw, 220px\" \/><\/figure>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Somewhere back in the 2007-2009 timeframe I bought a book about &#8220;Wireshark &amp; Ethereal&#8221; (see the bottom of this post). I was only a couple years into my post-college career 
[&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[54],"tags":[14,56,55,53],"class_list":["post-226","post","type-post","status-publish","format-standard","hentry","category-learning","tag-learning","tag-network-analysis","tag-packet-capture","tag-wireshark"],"_links":{"self":[{"href":"https:\/\/www.dumpsterfirecomputing.com\/index.php?rest_route=\/wp\/v2\/posts\/226","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dumpsterfirecomputing.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dumpsterfirecomputing.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dumpsterfirecomputing.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dumpsterfirecomputing.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=226"}],"version-history":[{"count":2,"href":"https:\/\/www.dumpsterfirecomputing.com\/index.php?rest_route=\/wp\/v2\/posts\/226\/revisions"}],"predecessor-version":[{"id":232,"href":"https:\/\/www.dumpsterfirecomputing.com\/index.php?rest_route=\/wp\/v2\/posts\/226\/revisions\/232"}],"wp:attachment":[{"href":"https:\/\/www.dumpsterfirecomputing.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=226"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dumpsterfirecomputing.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=226"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dumpsterfirecomputing.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=226"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}