CellStream Blog

BlogWelcome to the CellStream Blog. 

We welcome comments.

You can click on the column titles to sort on the column information (for instance click on Hits to sort the articles in ascending frequency, click it again to sort in descending frequency).

You can also select tags in the tag cloud to quickly list all articles on that particular subject.


Complaint: Why Don't You Allow Employees to use Wireshark?

Let me begin with a little background.  At CellStream, and the Online School of Network Sciences, we have taught hundreds of Wireshark classes for general networking, voice networking, data center networking and wireless networking.  As our students and clients know, we depend heavily of a hands on approach to learning.  For Wireshark classes, this means installing and running Wireshark on the student's local machine (Wireshark is free, and installs on Windows, MAC OSx, and Linux).  We then provide a variety of packet capture files to study how to best use the tool.  Our clients vary from equipment manufacturers to networking companies, like service providers.

Now I can start on my complaint.  I direct my complaint primarily to the service providers and networking companies that either a) restrict their technical staff to not being able to download and install Wireshark - the employee does not have the appropriate Administrative privileges, or b) refuse to use Wireshark because they think it is some kind of hacking tool.  Instead of using this great tool, they often choose to swap equipment or update software until the problem 'goes away'.

A screenshot of Wireshark packet analyzer:  Even a beginner can tell there are issues here!  And all the lights would be green on the modem/router!

Screen Shot 2017 11 14 at 5.22.06 PM

Naturally, there is no black and white here, but allow me to define some clarity.

Let's start with the 'hacker tool' accusation.  Without question, you can use Wireshark to capture someone's traffic/packets that contain a clear case password.  However, leaving that statement as the reason for not trusting the tool actually demonstrates a very poor, limited understanding of how networking in general, and packet capture specifically, actually works.  Wireshark is a protocol analyzer.  Such tools have been necessary (like T1 BERT testers and dozens of other similar tools) since the beginning of digitization!  What makes Wireshark special, and necessary, is that most network problems today are based on data communications that occur in differnet protocols at many different layers.  Anyone trying to solve slow performance or connectivity issues must use a tool like Wireshark to examine these layers, and be proficient in it - not as a last resort, but maybe even as the first step in analyzing the problem.  So let me be more precise: not using this tool is handicapping your staff and company from being able to solve network issues and foster customer satisfaction - and it's free!  Now some further clarity: a) you cannot use Wireshark to bring down a network, b) Wireshark cannot magically unencrypt encrypted traffic, so without the encryption keys, data is safe (with the keys nothing is safe and Wireshark is not the tool to use if you have the keys and you want to do damage), and c) Wireshark does no hacking functions (there are plenty of other tools to do that).  So the next time someone uses the 'hacker tool' excuse, do what I do, forgive them for not understanding, or knowing what they are talking about.  If that is the IT person at your company - they need knowledge and understanding (send them to us!!).

Now let's tackle the restrictions placed on employee laptops.  Again, no black and white.  I understand, just like anyone at SONY will confirm, once a bad peice of software is installed on the corporate network, the result can be catastrophic.  Stopping there is not the answer, however.  For example, the SONY hack and many other came from Email or Web Browsing, not from installation of software from reliable sources.  If you took this more bluntly you would never install anything from Microsoft!!  It is a ridiculous excuse.  But let's get back to Wireshark.  I understand that the issue here is with 'open source'.  Wireshark is open source.  Once again, knowledge and understanding are key.  It would be ignorant to say that anyone can contribute code into the Wireshark repository.  That is simply not the case, and that is simply not the case for most every legitimate open source projects.  Contributions are carefully vetted and considered and tested by such projects and Wireshark is no exception.  Access to their core code is limited to a very special group of people, and further there has never been an issue with the Wireshark code to date.  Does that mean that you can expect this software to be bug free?  Of course not.  What is at steak is a bigger issue, that I have even witnessed.  Due to these unjustified, unlearned assertions and policies, networking professionals can say "I can't use that tool"  or "My company does not approve of it." Thus the policy has become the reason for ignorance, and limited skill building, at a time when networking is getting ever so much more complex such that the understanding and skill set that a tool like Wireshark leverages are critical in today's Internet.  Again, I say that if this is the case in your company, send them to us so we can educate, inform, and change their modality.

Every company should have policies about how to use corporate resources and tools.  In the case of Wireshark, it should be crystal clear how capture files that contain customer traffic are ethically and properly handled.  They can even be anonymized using free tools like Tracewrangler. 

Any network is a forward thinking infrastructure by its nature.  Whether it is roads or fibers, technology rapidly advances to get better, cheaper, and more complex usage models in play as swiftly as possible.  Look at cars, trucks, planes, trains, and shipping. And ofcourse the Internet - that of course being packets.  None of these networks is standing still, least of all the Internet itself.  The Internet of Stuff is expanding and you have to ask yourself, what are the tools you need to mater to understand when something goes wrong?  A packet/protocol analyzer is a must have - and the must have analyzer is Wireshark.

If you want to make a big difference to your networking company, to your customer satisfaction, to your technical employee knowledge, the one thing you can do is start allowing your team to learn and use the tool.  Do it today!


Write comment (1 Comment)

Technology Hiring - Always a Tough Challenge

In a recent set of email exchanges with a client, we were tackling the challenges of hiring engineers and technical staff.  I can summarize the most interesting issues as follows:interview

  • How do you deal with the "I want to be involved in a cutting edge, startup environment?"
  • What constitutes valid experience?
  • How do you ensure secrets will be kept?
  • How can you tell if the motivations in the potential hire are in line with the corporate/project need and objectives?

Deliberately, we have not listed the normal hiring checklist items.

The answer to the first question can be summarized in a single word as attitude.  Every engineer dreams of inventing, or being part of a team that creates the cool next generation technology, like a sports athlete dreams of winning a world championship.  The primary difference is that not all engineers seek the glory or public recognition, but many, if not most, want the riches that accompny that type of shooting star success.  Just like is sports, these things definitely happen in technology.  It is a fat carrot.  From my experience, this is the attitude that fosters the desire to be in a startup and reach for the riches of success.  The challenge in the interview process is to determine how much that attitude will help to acheive the project or corporate goals, or how much will be a detrement due to dissatisfaction and early departure.  I personally have often passed on great engineers who I could tell were over the moon with this desire, and I could feel that it would be a detrement to the team.  The ironic and funny thing about this start-up mentallity is that if you have ever worked at a true start-up, you know that first there is no glory, especially in the early development cycles - long hours, total consumption of time and focus, doing things no job description could ever cover - mopping floors and cleaning bathrooms.  I don't know how many eager engineers would trully be willing to do this.  Just research the early days of Google as a prime example.  The hiring manager has to have a conversation about the candidates thoughts, looking for a measure of attitude, not so much Q&A.  

The second question about experience is an important one.  Some managers consider the 10,000 Hour Rule when measuring experience.  If you think the 10,000 hour rule is valid, that means that you need 5 years (10,000/40 hrs/wk divided by 50 weeks in a year) to master a particular craft.  The word master is an important one.  Naturally there are nay-sayers to this rule.  In these types of gray areas I like to apply the 80-20 rule - so let's say that the 10,000 hour rule is off by 20%, that would make it - at best - 8,000 hour rule or 4 years.  Now I think I may have a general measurement stick.  So against this measurement stick I would expect that valid, meaningful prior experience has to be in the rage of 4 years at a given job function.  Accepting less than that amount of time has to be considered against the requirements of the current job.  Said another way, when someone has changed jobs 3 or 4 times in 4 or 6 years, it would be very difficult to constitute that significant experience and mastery of the skills listed in their resumes had actually occurred. Further, with the wide variety of technical knowledge areas, it is better for the hiring manager not to be so worried about particular skills, but rather a clear indicator that the candidate has shown a willingness to learn and to themselves invest in mastery of important skills, not just chase the next highest paying job.  Also keep in mind that there are a lot of people who sincerely believe that they can learn technical skill and mastery by watching 15 minute YouTube videos, especially folks who are new to the job market.  In the technical space, that kind of attitude can be helpful and/or it can be misleading.  So watch out for the person that in less than 10 years has touched 50 different technologies or protocols or methods.  They may be the wrong person compared to someone that has focused on 3 or 4 or 5 and has truly mastered them.

The third question is an extremely difficult one.  With the open source popularity and the high number of strong supporters of open source, there has been a movement away from technology secret keeping to solution sharing.  When hiring, there is no need to open this debate, nor to take sides.  Instead the issue here is one of trust.  Does the candidate clearly communicate trustability, and a great way to judge that is by asking them how much they value the privacy of their prior employer's code or technology.  We see that in certain cutting edge or market leading spaces, some people will hock their knowledge and intellectual knowledge, sometimes even including code they have written, to the highest bidder.  This can happen in run-of-the-mill technology spaces as well.  Usually the shadows of open source are cited as legitimacy for breaches in trust.  During the hiring process a focus on trust is imperative.  Perhaps discuss some scenarios where trust is the key and see how the candidate views the discussion.  Like what do you think about this story with Uber? Again, there is no right or wrong answer, but rather what constitutes the candidates viewpoint will reflect their potential trustworthiness.

The last question is difficult.  The interviewer has no crystal ball that they can view the future through.  Yet this is what the question challenges us with; what will the future hold if we hire this candidate.  The best way to approach this issue is to pose a future scenario (mostly fake of course), to the candidate, with some holes and problems, but with a clear staring point and a clear end point.  Ask the candidate to consider the options, and suggest there are barriers, but that you don't want them to discuss barriers, but rather options to achieve the business goal.  Again, there is no wrong or right answer.  The right candidates will solve the problem and provide technology answers that will either align or not align with the corporate goals.  Be prepared for the unexpected, they may even open new avenues, new technologies, new possibilities based on experience or gut instinct that could be even better!  

It's hard, right?  We know these answers helped our client, and I hope they help you as well.

Write comment (0 Comments)

Searching for the Root of the Network Security Issues

If you have been living in a cave or an island or a mountainside somewhere and have not heard, the new weapon of choice is cyber-security based.  Attacking a company by wiping out it's databases and computer files and/or spreading a virus and/or creating malware seems to be the most lethal and fearless method these days, just ask Sony, or Target, or dozens of other companies that have had the privacy of their computers and networks violated, and then wiped out.  The Internet has brought us a great technological wave of invention, interconnection and technological advancement.  With that progress, a great new security risk has been exposed.  Networks used to be like castles.  They were self contained with huge virtual walls that one could not get through.  As the castles disappeared allowing great clans to become countries, the networks have evolved into inter-networks.  However, just like the castles, where security was high, once the walls were no longer used, security became an issue.


We hear so much in the news about how these attacks are deployed, through malware and viruses and keyclicks.  To combat these issues there is a huge effort of counter technologies: Virus Scanners, Malware Detectors, generating huge profits to combat the security breaching tools.  However, these are, for the most part, an afterthought.  In other words, they provide a defense to an already deployed method of attack.  They cannot predict a future attack, nor can they detect what they do not know.  Does this make them useless?  Absolutely not.  Use them with great abandon.


What we do not hear is the root cause of these security related issues.  The more I talk to people about it, the more they appear convinced that it is simply the nature of the beast.  Like life without castles, you develop a police force that does a great job of minimizing the impact, you pay for it as a community and every now and then, someone's home or business if going to be robbed.  Hopefully we will respond quickly, identify and punish the perpetrator, and continue onward.  But what if there is a root cause?  What if we put aside the complacency of acceptance, and looked a little deeper?  What if we go back to the roots of computing and networking and critically analyze why there is so much insecurity?

Write comment (0 Comments)

Are Service Providers Watching Over Their Shoulders?

Most Service Providers have been very busy over the past several years laying fiber to the home/premise/curb.  This activity has resulted in large jumps in the Internet speeds that many served customers are enjoying.  Of course, the less rural you are the better, but still, even the rural providers are stretching their budgets and sewing in fiber connectivity wherever they can.

This is all great news and if you are one of the lucky customers to benefit from these services, good for you.  If not, be patient.  Your turn is coming, albeit not fast enough.  Some providers understand they need to move quickly to keep their customer base.  They are looking over their shoulders and being very vigilant for threats.  Others may not be.  

Screen Shot 2017 05 29 at 11.20.26 AMIn my Tweet last week (ow.ly/hhNz30bYQk3) a warning shot was fired by the Wireless 5G folks.  While as of the writing of this article 5G continues to be defined, many tests have been on going and developments are accelerating.  Let's assume that as with most wireless claims, this 120x faster claim is 50% too aggressive, 60x faster is significant.  Significant enough that perhaps service providers will face serious competition to their fiber services.

The claimed acheivement was 6.4Gbps.  If you are able to get 100Mbps service, then indeed this is 60x faster.  Apparently this was also acheived in a moving car.

Screen Shot 2017 05 29 at 11.39.31 AMNow let's be on point.  Will you ever need 6.4Gbps?  Hard to tell, but certainly not today.  The worst case demands are video.  From the Netflix site the most you would need is 25 Mbps to watch a 4K Ultra HD movie.  But is two people are watching on two different platforms that would double.

If you have YouTube viewers and gamers in the household all using the Internet at the same time you can see how 100Mbps gets consumed quickly, but you will still be nowhere near 6.4Gbps.

What this will all boild down to is pricing.  If the wireless carriers beef up their tower bandwidth and offer this 5G based higher bandwidth services at a much lower price that fiber based delivery, service providers will be in trouble to pay off the costs of laying their fiber.

Alternatively, a wise service provider will combine fiber based delivery with 5G based delivery themselves to remain competitive.  No decisions need to made as this writing, but if you are a service provider, you better be looking over your shoulder! 

Write comment (2 Comments)

Flipping the Certification Model

Many folks have heard about "Flipping the Classroom" (if you haven't - watch this YouTube video).  The Internet and the online learning tools are opening new doors to traditional training and teaching models.  We have leveraged these same tools and have redefined the traditional certification training model - we call it "Flipping the Certification Model".

Write comment (2 Comments)

Subscribe to our Newsletter!

Our Tag Cloud

4G Networks 6LoWLAN 6LoWPAN 802.11 802.11ah 802.11ax 802.11ay 802.11az Addressing Airlines Analysis Ansible Apple Architecture ARP ATM AToM Bandwidth BGP Billing Bloom's Taxonomy Briefings Cable CellStream Cellular Central Office Cheat Sheet Cisco Click Model Cloud Computer Consulting Crowd Funding Data Center Data Networking Decryption DHCPv6 dig DNS Documentation Early Adopter Ethernet Ethics Filter G-MPLS GNS3 Google Hands-On Hiring History Home Network HTTPS ICMP ICMPv6 IEEE 802.11p IEEE 802.15.4 Internet IoT IPv4 IPv6 IS-IS L2VPN L3VPN LDP Linux LLN M-BGP MAC Macro Management mergecap Microsoft mininet Monitoring MPLS Multicast Netcat NetMon netsh Networking News nmap NMS nslookup Online School OpenFlow OSPF OSPFv2 OSPFv3 OSX OTT Personnel Policy POTS POTS to Pipes PPP Privacy Profile Project Management PW3E QoS Remote Desktop Requirements RIP Routig Routing RPL RSVP Rural Scanning SDN Security Sensor Service Provider Small Business SONET Spam Speed SS7 SSL Subnetting T-Shark TCP TCP/IP Technology Telco Telecom 101 Telecommunications Terminal TLS Tools TR-069 Traffic Engineering Training TRANSUM Travel Tunnel Ubuntu Utility Video Virtualization VoIP VRF Wi-Fi Windows Wireless Wireless 5G Wireshark WLAN ZigBee

Our Twitter Feed