What happens when the power goes out at an IT conference? We
kick it old school!
OK, so it was just a 20 minute outage. But when your
presentations are an hour to an hour and a half long, 20 minutes is a huge chunk
of time. And I was in Laura Chappell’s Network Forensics demonstration using
the upcoming version of Wireshark (cool new stuff!). Laura just stepped out
from behind the computer (since the projectors were dead, there was nothing she
could show a room full of people) and started listing some possible signatures
we could look for in our trace files. The power came back on – albeit, one leg
at a time – and we moved forward with the demonstrations.
Every time Laura gives a presentation at a conference, I jump
at the chance to take it. Laura teaches Wireshark – well, she does a lot more
than that, but she is the premier Wireshark instructor. There is no way to
absorb everything Laura knows about packet analysis in a day, much less a
single session. Luckily, she has books out, information on her website, online
courses (both free and in-depth paid courses), and week-long sessions for
companies that want to hire her.
 |
| Laura Chappell has been my IT idol since my first IVNUA |
Wireshark is a free, open-source network analysis tool that
can be used both for network troubleshooting and network security analysis,
including forensic analysis. More than 3000 developers have worked on
Wireshark, and it will always be open-source. Wireshark averages 1 Million
downloads per month. For more
information about Wireshark or to download it, check out this site. If you want
to learn how to use Wireshark, check out Wireshark University. Laura has her own educational site at Chappell University
Here’s a bit of information from Laura that I wasn’t expecting
– she believes that sometime in the future, Suricata will surpass and replace
Snort in the IDS world. The next round of sessions include speaker Loyal Moses
from Tactical FLEX, creator of Aanval. It will be interesting to hear his
thoughts on Suricata.
 |
| Casino Night! |
Other news from the conference: I chatted with some of the
vendors, so expect to read more details about that in coming posts. Last night
was casino night – a first for the IVNUA conference. I would say it went over
well – there were a lot of happy people who stayed to the end of the evening.
And I had opportunity to visit with more of my IT idols – Jeremy Moskowitz and Kevin
Remde.
 |
| Jeremy Moskowitz and Kevin Remde |
More sessions today – I’ll have a report on what Loyal Moses
has to say, on Kevin Remde's private cloud session ...and I’m signed up for a session about publishing ibooks.
No comments:
Post a Comment