Post Views: 5,042 The 169.254.x.x IPv4 address is called the APIPA address. APIPA stands for Automatic Private IP Addressing. It’s a fallback mechanism built into Windows (and most modern operating systems) to give your network interface a “link local” address when it can’t get one from a DHCP server. The APIPA IPv4 Addresses are any […]
What is the 169.254.x.x IPv4 address? Read More »
Post Views: 1,633 I provide this information for reference when examining TLS in Wireshark. The TLS 1.2 protocol ladder (also called the TLS handshake ladder) describes the step-by-step sequence of message exchanges between a client and server as they negotiate a secure, encrypted connection. Think of it as a “ladder” where each side alternates rungs
The TLS 1.2 Protocol Ladder Read More »
Post Views: 6,195 Using a loopback adapter (also called a local loopback interface) for packet capture in Wireshark allows you to capture traffic that stays within your own computer — for example, packets exchanged between local applications via localhost or 127.0.0.1. Normally, this traffic never reaches a physical network interface, so a loopback capture is
What is the Adapter for loopback traffic capture in Wireshark? Read More »
Post Views: 2,995 Many technicians and network engineering staff, as well as IT staff, often need to “tap” into the Ethernet to capture and troubleshoot network traffic. A full-duplex tap (also called a network tap) is a hardware device placed inline on an Ethernet link that allows network engineers to capture all traffic traveling in
Ethernet Taps to Capture Network Traffic Read More »
Post Views: 5,295 I recently received an email requesting my thoughts on the top ten books for broadband technicians to have in their possession or library. Great question. After some thought, here are my top ten (in no particular order) recommended books and handbooks for broadband / fiber / telecom technicians. These cover theory, practice,
10 Best Books for Broadband Technicians Read More »
Post Views: 2,181 Let’s just start right out and say: contrary to the scare tactics made by some, that MPLS traffic has been exposed by the providers that operate MPLS, there has never been any validated evidence that such a breach has indeed ever occurred, other than some alleged errors in configuration. MPLS operates between
MPLS – The Most Secure without Encryption Read More »
Post Views: 3,283 MPLS (Multiprotocol Label Switching) is often regarded as one of the most elegant service provider networking technologies after TCP/IP itself because it solved several big problems introduced in the late 1990s (and I got to be part of that): For service providers, this was game-changing. Many argue that without MPLS, the explosion
MPLS – the Greatest Service Provider Technology of All Time Read More »
Post Views: 6,062 I am a ChatGPT subscriber to the basic (not PRO) service. I saw the following post on LinkedIn and was fascinated: Think about the implications. You don’t need to know how to use Wireshark other than to do a capture. You certainly don’t need to know how to troubleshoot packet captures as
Can ChatGPT 5 analyze PCAP’s? Read More »
Post Views: 12,368 With over 30 years of proven expertise in telecommunications and technology—leading my own successful consulting firm since 1998—I bring real-world experience, deep industry insight, and an engaging style to every stage. I have presented at national and international venues on topics ranging from advanced networking and emerging technologies to regulatory trends and
Keynote / Presentation / Panel Discussions Read More »
Post Views: 2,281 Great question. In one sentence it is a purple tool, meaning both! Wireshark itself is a passive tool, it is non-intrusive — it doesn’t create attacks — but it’s a force multiplier for both Red and Blue Teams depending on who controls the capture point and how the data is used. Let
Is Wireshark a Red Team or Blue Team Tool? Read More »
Post Views: 1,971 Before anything, I want to thank my user @LeoRegem on Discord for providing the information below. Thank you! Join us there is you want to comment. Here are the steps for capturing WLAN Wi-Fi packets on Android (basically getting into monitor mode and selecting channels, etc): Once you have this set, you
Capturing WLAN Wi-Fi Packets on Android Read More »
Post Views: 2,504 In Networking we have always used a Layered Model to represent and apply network functions and protocols and their relationships to one another. Whether you like 7 layers or 4 layers is all wasted argument to me. I am a packet guy, and in the packets the protocols are layered. Any manipulation
Is Network Layering Going Away? Read More »
Post Views: 2,587 Knowing how to use nmap is critically important for cybersecurity professionals because it is one of the most powerful and versatile tools for network reconnaissance, security auditing, and vulnerability assessment. Nmap is to cybersecurity what a stethoscope is to a doctor—a diagnostic tool that’s fundamental to identifying issues, assessing risk, and maintaining
Using nmap for Cybersecurity Read More »
Post Views: 6,915 In our post introducing the nmap Scripting Engine (NSE) we discuss what the nmap scripting engine is and how to use it. In this post I wanted to provide a full list of all the nmap scripts. There are (as of this writing) 612 NSE scripts and 139 NSE Libraries. The source
A Complete List of nmap Scripts Read More »
Post Views: 3,075 RFMON stands for Radio Frequency MONitor mode. It is a special mode for wireless network interfaces that allows a device to capture all radio traffic it can receive on a wireless channel, regardless of the intended recipient. All Wi-Fi radios can go into different modes, but that does not mean you can
