I don't get nearly as much opportunity to play with packets these days as I did in the first 5-10 years I was a handler and I miss it. I was looking back through some of my old diaries and realized that in the years since I wrote some of them, we have at least a generation of folks who have entered the field. So I thought that on (the day after) Groundhog Day, it might be time to point folks back to some stuff I wrote earlier. Note, some of the tools have changed/evolved, so ethereal is now wireshark and instead of hping3 I would probably use scapy, but here are 2 of my favorite diaries from the past. Check them out, [1] is from 2006 and [2] is from 2009.

[1] A TCP/IP mystery (solved)

[2] A packet challenge and how I solved it

---------------
Jim Clausing, GIAC GSE #26
jclausing --at-- isc [dot] sans (dot) edu