Top 5 Wireshark tricks to troubleshoot SLOW networks

Big thank you to Proton for sponsoring this video. Get Proton VPN using my link: davidbombal.wiki/protonvpn2
// Chris’ SOCIAL //
LinkedIn: www.linkedin.com/in/cgreer/
TH-cam: th-cam.com/users/ChrisGreer
X/Twitter: twitter.com/packetpioneer
// GitHub Link to lab file //
Packet Pioneer GitHub: github.com/packetpioneer/youtube/blob/main/Lab1-GreerBombal_ItsNotTheNetwork.pcapng
// TH-cam videos REFERENCE //
Wireshark Tutorial for beginners. Where to start with Wireshark: th-cam.com/video/OU-A2EmVrKQ/w-d-xo.html
// TH-cam PLAYLIST //
Wireshark with Chris Greer: th-cam.com/video/rmFX1V49K8U/w-d-xo.html&pp=iAQB
// David SOCIAL //
Discord: discord.com/invite/usKSyzb
X: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
TH-cam: www.youtube.com/@davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended.
Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.

29:10 I spent a lot of time earlier to understand that why I am getting huge value in segment length column although MTU is set 1500. Thank you Chris for going to different tangents; it helps a lot! Thank you David for bringing such valueable persons on your channel!

David & Chris you are opening our eyes 👀. Thank you 🙏

I ❤ the videos you do with Chris Greer.
The info he provides about Wireshark & what you're looking at + for within pcap's is something, I feel, today every network'er should know how to do & what to look for.
👍👍👌

Ironically talking about the slow passage of time between packets, but at the same time this video was over before I knew it! Fantastic explanation as always, and lovely to see you again as a guest, Chris.

Wasn't expecting to watch this end to end, - but damn, enthralled. Love this stuff!

Chris is a great mentor. His knowledge, personality and demeanor lend himself to being great. Always enjoy his content, thanks for hosting him.

These are always fascinating and as for the digressions, I'm OK with them because you always come back to the point you digressed from but have also imparted some breadth to the discussion. I could always jump ahead in any case if I found them unhelpful.

A very big thank you to both of you. You guys are literally changing the way I look into network issues and I am becoming better and better each day. Keep up the beyond-excellent work.

Thanks Chris/David. Chris I love more detail than less detail when explaining different things.

I ❤ the detailed tangents. In this case (29 min mark), it helped me understand where in the process the capture actually happens and why they show larger than 1500. Keep the details coming.

No lies, the detailed tangents really help expand on the why of it for me. Great video guys!

Hey Chris don't listen anybody and give us that details please. Those kind of knowledges are necessary when you try to give a logic to processes. Thank you David, awesome again. Appreciate it.

I watch lots of your videos David but damn!!... this has been one of my favorites by far.
Please we need more content like this 🙏🏼🙏🏼🙏🏼

Thanks Chris Greer and David Bombal.
Getting in detail is actually good as it further clears the concept of what is behind the stuff you're imparting.

I once used the skills Chris taught to analyze an LNK file attack, showed me how beautiful that attack was...

Love the details and tangents because it helps me understand more of the big picture. Awesome content and I'm going to get lost in your channel, Chris. Thanks both!

great work David and Chris. I love your contents. I'm someone looking for breakthrough in Wireshark packet analysis. I feel Chris' channel is just the right place for me. Love from Nigeria. Keep up the good work. Thank you so much David. Looking forward to more sessions like this with you and chris

Chris I love your side bars and detailed tangents little buddy absolute gold!

Fantastic Chris for the wonderful troubleshooting session.

This is brilliant, I have another bookmarked video! Digressing is fine and works for me, Chris adds value to the subject when he does this. Even in 2024 the basic fundamentals of TCP are essential, just wish I had more time to spend in this area.

This channel is a goldmine for aspiring networking/cyber security professionals

This is very timely, I'm dealing with network issues right now!

Great work. Your videos keep me entertained and interested. Thank you again.

Great content, as always David and Chris! I will stay on one point: "...let's buy training instead of a lot of equipment!"

Great stuff! Really enjoyed Chris' analysis! Keep 'em coming!

Always enjoy a good detailed tangent.

I bought this dudes Wireshark course on Udemy; very solid. Would recommend for anyone in IT to take it. Thank you David for having this dude on.

Brilliant.
And Chris, you got yourself a new subscriber.
Thx for sharing both.

Much appreciations guys! Patiently waiting for that SACK video

Really enjoyed video! Thanks for both of you guys for these informative content.

Thanks to you both for this video!!! Had a problem, which seems to be a very similiar to this and I used your technique to troubleshoot! Thank you very much!! :)

Thank you for sharing your knowledge and experience.

This is so awesome!
@Chris, I support the detailed tangents!

More Chris Greer videos! His content is awesome. Post more on your own channel Chris!

Best Wireshark Howto EVER. +bonus TCP SYN ACK analysis, hit _that_ spot by bringing out an RFC reference. So dope good content man tangent detail Approved [ACK]. =:r[]

That's cool! Thank you for the tricks!! I will use wireshark to understand in depth of packets!

Great video! If you 're TSing issues regarding Window Size and Packet Loss (to double-check if the TCP window size is not getting slammed on the receiver, and on the very rare occasion vice versa). select under 'Statistics - TCP Stream Graphs - Window Scaling', this a good tool to measure and view the respective Window scaling between C/S and S/C. I think Chris made a video of it years ago! I hope this helps :)

I love when you have chris on. I bought tye course he did with wireshark and nmap, just havent had time to start it, yet. Busy with ccna study and tls study with Ed Harmoush. When chris goes 'on tangents' it's an excellent learning opportunity. Would gave liked a bit more on the relationship between segment size and window size in tcp. Would also like to see more about QUIC. Thanks.

Great video!! I do like when he gets straight to the point though. The tangents throw me off cause I lose focus. When he gets straight to the point I feel like gain so much knowledge and light bulbs start going off. Thanks again for this amazing content!!

What a G! Thanks for introducing me to this guy. I've been using WS for years and it's nice to pick up some new tricks.

"Ya I had 'er, and all I got was.. EVERYTHING!" Low level? Well I did turn on my physical connector's Promiscuous mode! Rocked that Packet Capture all night! After all; "PCAPs or it's fake!".

Hey David and Chris,
You both are awesome. Thanks for all these videos.
Chris, you are looking cool with your new beard style 😊..

I love chris, hes always trying to just teach us stuff but like actually without peddling shitloads of courses and shit

I enjoy listening to both you guys

Good to hear an ad for a VPN that's really just about what it's main function is, which is
encrypting traffic. You can build one at home with a raspberry pi if you can find one, you just wont have the geolocation hopping. It is just a good first line of defense against attacks, as letting people know your IP can let them possibly wreak havoc on your device.

Like always this content with chris is spot on and awesome. BTW tangents are awesome, they help out a bunch.👍, I wish I could give these videos more than 1 thumbs up LOL

Love youre content David, ure my example of a hero!

Great interview and tutorial! Many helpful insights 💎

Thank you guys. you made packet analysis interesting. Definitely checking on Chris's channel and learn more about Wireshark.

Super valuable video! Thanks!

Love the detailed tangents. Would like to know what the window size is.

my fav. thanks, david, & chris.

Great to see u guys again

I really enjoy this. Wireshark is such an important tool.

Brilliant video as usual. David and Chris are so sweet persons and have the ability to pass their knowledge. and that's make the difference!! You can be a great scientist, but if you dont have the ability to spread your knowledge, you cant be a good teacher.

Really fantastic video and good to see Chris x David again. David please invite Neal Bridges again and talk about Cybersecurity and how AI is shifting the paradigms of the Cybersecurity
Thanks and Love from Pakistan ❤

Great content and bravo! And oh your video editing is top top 🔥

On all of the web, you guys are the best!

If you had mention VirtualBox at the beginning, I wouldn't even need to check the pcap lol
Great video guys thx!

eagerly waiting for stuff like that from you

David thanks you can improve my education

Chris you look better with the beard :) - thank you David and Chris for this ...

Hands on is the Best way to learn, build home labs small or large testing stuff on that and watching what it does is when you can really grasp this stuff.

Thanks Chris and David!!!
This seems like a murder mystery thriller movie to me. lol. 🤣🤣🤣

Good work out of you both 👍👍👍

Great video. Thank you.

Thanks Chris

Keep on tangenting. Thats what they made 1.5x speed for

Great learning this morning weekend thank you sir for sharing this tutorial video it’s makes me inspired by this video sir 32:41

keep it up with the details in wireshark. I need to lean nore :)

Idea for another video : covering active directory authorizations or AD attacks

yes please share details and rabbit trails !

I really like it, a lot! You know, those detailed tangents.
An explanation of how an application works and what you can use it for is nice, but if you skip those tangents, I will not know why everything I see is or behaves just slightly different from what you're explaining. I'd have to look up every single detail that you explain in those tangents.
But if you have physical access to the network, can't you then just hook up to the wire that is going into your modem or coming out of your modem to see what packages are sent from the server?

I would love to see how to troubleshoot asymmetric routing that is messing up TCP handshakes, using Wireshark

Watching now!

Hey David, love your content.
But please try to not interrupt your guest when they are talking.
Thx in advance.

Enjoyed the content! 😎👊 “it’s always DNS”

Thanks

Chris is Awesome

It was over 5 minutes and we weren't in a pcap file... 😮😅

Amaizing

Hello David, greetings from Chile, a query do you know of any book that you recommend that talks about the study of packages?

Appreciat it

Awesome

I am feeling dirty for thinking Chris is incredibly hot. But seriously, these videos are amazing and I cannot wait to learn more. You guys make the dull into the fascinating.

Just do it ❤

Thank you David and Chris. What about the QUIC protocol, what is your opinion? Should we use it instead of the good old TCP?

nice

@ChrisGreer Details and circumstances do matter. That's how you will become an expert.

so what was shaping the packet? which virtual setting on the host was responsible for this?

Do you have a video on tcpdump?

Can AI disguise as packets? Hmm, that is the future question!

Chris got beards now ...... lovely

how did you get the TCP Segment Length column?

There is one thing I want to know more about. Thats VPN traffic and how a server can ses there is VPN traffic and how to hide the VPN traffic from the server. Perhaps hide your VPN traffic as HTTPS traffic?

28:50 what usually causes the segmentation or reassembly issues?

Hi,
Does these same techniques apply to WAN networks?

🙌🙌🙌

📝 Summary of Key Points:
📌 The video discusses troubleshooting network performance issues by analyzing packet captures, focusing on factors like TCP handshake, TCP options, time delays, TCP indicators, and root cause analysis.
🧐 Detailed examination of TCP handshake, including TCP options like maximum segment size, selective acknowledgment, and window scale, provides insights into network behavior and performance.
🚀 Analyzing time delays between packets reveals congestion issues, such as TCP zero window, impacting data transfer and causing significant delays in communication.
💡 Additional Insights and Observations:
💬 "Packets don't lie" emphasizes the importance of hands-on packet analysis to understand network issues thoroughly and develop effective troubleshooting skills.
📊 Understanding TCP settings and indicators can help network engineers pinpoint performance bottlenecks and address root causes effectively.
📣 Concluding Remarks:
The video highlights the significance of packet analysis in diagnosing network problems, showcasing how TCP settings, delays, and indicators can reveal critical insights for resolving performance issues. By delving into packet captures and interpreting network behavior, professionals can enhance their troubleshooting capabilities and optimize network performance effectively.
Generated using TalkBud