Packet captures give you the details you need to solve problems

Packet captures contain the details you need to solve network and cybersecurity issues faster. However, they can be difficult to work with and have a reputation for requiring specialized knowledge.

We believe that anyone can use pcaps! These articles, videos, and resources from experts in the industry can help get you started.

Packet capture training resources

Practical information for pcap analysis

Articles

5 tips to improve incident response using packet captures

February 03, 2021 · 5 min read

When an attack happens, the packet data that flows across the network is critical to the incident response lifecycle. Here are 5 tips to greatly improve the success of your security operations using pcaps along with tools like Zeek and Suricata.

Articles

Learning how to Troubleshoot WiFi

February 05, 2021 · 3 min read

Now that we have our new Aerohive APs in our office, we’ve been excited to learn more about wireless troubleshooting and debugging. The built-in packet capture feature in HiveManager NG makes getting traces into CloudShark for analysis really easy. Now that we have the traces, what do we do with them?

Articles

Tips for Troubleshooting Encrypted Web Applications

February 02, 2021 · 5 min read

As security and privacy become more important every day, the use of encrypted connections between clients, servers, and peers has been increasing at an amazing rate. With efficiency improvements to secure technologies like TLS 1.3 and easier methods to obtain certificates like LetsEncrypt, this number is only going to grow.

Articles

Getting started with packet analysis for network and security issues

February 04, 2021 · 4 min read

Where do I start with packet capture analysis? Here are some expert resources from our colleagues in the network and security industry answering the most common questions we get about packet analysis at QA Cafe.

Articles

What are some easy to use packet capture tools?

February 04, 2021 · 5 min read

A common question we get other than where to find example packet captures is which packet capture tools exist that are either free, work in a command line, work directly with CloudShark, or all of the above. Here’s a list of our go-to capture tools (other than Wireshark of course) and the different scenarios in which they can be used.

Articles

It's not the network - troubleshooting slow apps with packet captures

February 04, 2021 · 5 min read

Is it the network, or the application? This question is so common that “it’s not the network” is a meme among IT professionals and developers alike.

Articles

Using Follow Stream for Packet Capture Analysis

February 04, 2021 · 6 min read

When getting to the heart of an application or security problem, finding the right TCP stream and following it using the “Follow TCP Stream” view in CloudShark is usually the place you want to get to in order to see an issue in action, for a great many use cases. But how do you find the right stream, and what should you look for once you’re viewing it?

Articles

Where can I find sample packet captures?

February 05, 2021 · 2 min read

CloudShark’s capture repository is great for uploading your own captures and building a complete list of your network capture history and all of the captures that are most important to you. But one of the most frequent questions we get is “Where can I find sample packet captures?”

Webinars

Cutting Through Network Forensic Data With Zeek

February 08, 2021 · 1 min read

Zeek (formerly Bro) is a powerful tool trusted by networking and cybersecurity experts for analyzing network traffic. By creating collated, organized records of network activity (called “logs”), Zeek gives the network analyst a new approach when dissecting and investigating traffic.

Webinars

Profiles Are Power - Best Practices for Network Problem Solving

February 08, 2021 · 1 min read

Betty DuBois gives an in-depth look at how profiles can help you solve your packet capture problems faster by cutting through the hard work and helping experts and entry-level analysts work together.

Articles

New ways to analyze network traffic with Suricata

September 13, 2021

In this article, we explore what Suricata is, what it does, and some of the new and interesting ways we use Suricata in CloudShark, CDRouter, and PassPort.

Webinars

Making the Internet Safer: How and Why We Use Suricata to Analyze Network Traffic and Test Network Devices

October 06, 2021

Whether you are a network product developer, network operator/ISP, or on a network/security operations team, learning about open-source Intrusion Detection System platforms like Suricata will help you! Watch our video to learn what it is and how we use it in our products at QA Cafe.

Articles

Packet capture use cases for operators and ISPs

November 08, 2021

What are some of the best ways that operators can gather and record network packets? What should you do as a vendor to enable packet capture in your products? What are the best ways to work with captures once you have them?

Articles

Sample captures for QUIC, DoH, CommunityID, WPA3 and other protocols in CloudShark 3.10

November 17, 2022

This collection of sample capture files highlights some of the new and updated protocol support included in CloudShark 3.10, including QUIC, DoH, WPA3, JA3, CommunityID, OPUS over RTP, and Wireguard.

Articles

How to write a Wireshark tap plugin in Lua

January 20, 2023

Creating Lua plugins can be very useful to Wireshark and TShark users, and there’s a great community around building them. Here's how we built our Wireless Networks Tap in Lua to use as a useful example when writing your own plugins!

Articles

Using new display filters in CloudShark 3.10+

March 01, 2023

CloudShark 3.10 updates the display filter language, and users may need to update certain filters in their existing profiles. Here are the major changes users should know about and how to best use them!

Articles

About TCP Completeness

May 16, 2023

A new field in CloudShark called "TCP Completeness" calculates which packets of a TCP connection are seen in a PCAP file. This field allows you to determine if the TCP 3-way handshake has been captured while viewing any packet in the connection. This article will explain why it is essential to know if these packets have been captured, how the value for this field is calculated, and how you can use it.

Talk to an expert

Our team is happy to answer your questions or give you a demo. Drop us a line and we will get in touch!