SharkFest’16 Conference Agenda

Monday, June 13, 2016
4:30pm / Shuttle departs from Conference Hotels (Shuttle Stop Locations) to Computer History Museum
4:00pm-8:00pm / SharkFest Badge Pick-Up (2nd Floor Lobby)
6:00pm-9:00pm / Welcome Dinner and Reception (Grand Hall – 2nd Floor) / Developer Den and The Reef Open (GrandHall – 2nd Floor)
9:00pm / Shuttle departs from Computer History Museum (Shuttle Stop Location) to Conference Hotels

Session Level Legend: Beginner = Intermediate = Advanced/Developer =

Tuesday, June 14, 2016
7:30am
7:45am / / Shuttle departs from Conference Hotels (Shuttle Stop Locations) to Computer History Museum
8:00am-9:00am / Breakfast(Grand Hall – 2nd Floor)
9:00am-10:00am / Keynote: “The Ancient History of Computers and Network Sniffers”
Len Shustek, Co-Founder of Network General, Chairman of the Board, Computer History Museum
(Hahn Auditorium – 2nd Floor)
Room 1 - Hahn Auditorium / Room 2 – Grand Hall Classroom / Room 3 – Lovelace Lecture Room
10:00am-10:30am / Morning Break
10:30am-11:45am / 01
In the Packet Trenches
Hansang Bae / 02
We Still Don’t Get It! Security is Still Hard
Mike Kershaw / 03
Writing a Dissector: 3 Ways to Eat Bytes
Graham Bloice
11:45am-12:45pm / Lunch(Grand Hall – 2nd Floor)
12:45pm-2:00pm / 04
Tackling the Haystack: How to Process Large Numbers of Packets – Part 1
Jasper Bongertz / 05
TCP Tips, Tricks, and Traces: Let’s Chat About What Makes Applications Crawl
Chris Greer / 06
Analyzing & Re-implementing a Proprietary Protocol
Jonah Stiennon
2:00pm-2:15pm / Afternoon Break 1
2:15pm-3:30pm / 07
Tackling the Haystack: How to Process Large Numbers of Packets – Part 2
Jasper Bongertz / 08
Network Baselining with Wireshark to Identify and Stop Unwanted Communications
Jon Ford / 09
Troubleshooting IPv6 with Wireshark – Part 1
HANDS-ON LAB
Jeff Carrell
3:30pm-3:45pm / Afternoon Break 2
3:45pm-5:00pm / 10
T-Shark for the Win
Christian Landstrom / 11
Can You Hear Me Now?: Demystifying VoIP Analysis
Phill Shade
/ 12
Troubleshooting IPv6 with Wireshark – Part 2
HANDS-ON LAB
Jeff Carrell
6:00pm-9:00pm / Vendor Showcase Dinner and Reception (1st Floor and Front Parking Lot)
9:00pm / Shuttle departs from Computer History Museum (Shuttle Stop Location) to Conference Hotels

Session Level Legend: Beginner = Intermediate = Advanced/Developer =

Wednesday, June 15, 2016
7:30am
7:45am / / Shuttle departs from Conference Hotels (Shuttle Stop Locations) to Computer History Museum
8:00am-9:00am / Breakfast (Grand Hall – 2nd Floor)
9:00am-10:00am / SharkBytes Presentations (Must Pre-Register in the Reef) (Hahn Auditorium – 2nd Floor)
Room 1 - Hahn Auditorium / Room 2 – Grand Hall Classroom / Room 3 – Lovelace Lecture Room
10:00am-10:30am / Morning Break
10:30am-11:45am / 13
Capture Filter Sorcery: How to Use Complex BPF Capture Filters in Wireshark
Sake Blok / 14
Cisco ACI and Wireshark: Getting Back Our Data
Karsten Hecker / 15
Adventures in Packet Analysis: Run Wireshark Everywhere!
Maher Adib
11:45am-12:45pm / Lunch (Grand Hall – 2nd Floor)
12:45pm-2:00pm / 16
Advanced Wireshark Display Filters: How to Zoom in on the 10 Packets You Actually Need
Betty DuBois / 17
Tempering tsharktcpdump with tmux
Boyd Stephens / 18
Determining Topology from a Capture File
Chris Bidwell
2:00pm-2:15pm / Afternoon Break 1
2:15pm-3:30pm / 19
Markers – Beacons in an Ocean of Packets
Matthew York / 20
Troubleshooting with Layer 2 Control Protocols
Werner Fischer / 21
Wireshark 2.0 Tips for HTTP1/2 Analysis
Megumi Takeshita
3:30pm-3:45pm / Afternoon Break 2
3:45pm-5:00pm / 22
Detection and Verification of IoCs (Indicators of Compromise)
Jasper Bongertz / 23
Troubleshooting a Multi-Tier Application in a Production Environment
Captain Brad Palm / 24
The Packet A(nalysis) Team: Case Studies in Helping Solve Problems with Packet Analysis
Kary Rogers
5:00pm-6:00pm / Open Time – Visit the Reef to turn in your Packet Challenge Answers! /
6:00pm-8:00pm / Attendee Dinner and Reception (Grand Hall – 2nd Floor)
8:30pm / Shuttle departs from Computer History Museum (Shuttle Stop Location) to Conference Hotels

Session Level Legend: Beginner = Intermediate = Advanced/Developer =

Thursday, June 16, 2016
7:30am
7:45am / / Shuttle departs from Conference Hotels (Shuttle Stop Locations) to Computer History Museum
8:00am-9:00am / Breakfast(Grand Hall – 2nd Floor)
Room 1 - Hahn Auditorium / Room 2 – Grand Hall Classroom / Room 3 – Lovelace Lecture Room
9:00am-10:15am / 25
Troubleshooting in the Large Enterprise – Part 1
Hansang Bae / 26
Forensic Network Analysis in the Time of APTs
Christian Landstrom / 27
WiFiCapture and Injection on Various OSes - Revisited
Thomas D’Otreppe
10:15am-10:30am / Morning Break
10:30am-11:45am / 28
Troubleshooting in the Large Enterprise – Part 2
Hansang Bae / 29
Those Who Don't Learn from
the Past are Doomed to
Repeat It: Cyber Forensic
Case Studies
Phill Shade / 30
Learning About Networking By Using Wireshark with GNS3: Learn Safely in an Emulator
John Schreiner
11:45am-12:45pm / Lunch(Grand Hall – 2nd Floor)
12:45pm-2:00pm / 31
Narrow Escapes with pcap Files
Sake Blok / 32
SDN/OpenFlow Analysis
Jeff Carrell / 33
Using Wireshark to Prove Root Cause: Real-World Troubleshooting Tales
Graeme Bailey
2:00pm-2:15pm / Afternoon Break 1
2:15pm-3:30pm / 34
Top 5 False Positives
Jasper Bongertz / 35
TCP Tips, Tricks, and Traces: Let’s Chat About What Makes Applications Crawl
Chris Greer / 36
We Still Don’t Get It! Security is Still Hard
Mike Kershaw
3:30pm-3:45pm / Afternoon Break 2
3:45pm-5:00pm / Beyond Wireshark 2.0
Closing Keynote by Gerald Combs and Guests
5:00pm-8:00pm / Closing Reception (Courtyard – 1st Floor)
8:00pm / Shuttle departs from Computer History Museum (Shuttle Stop Location) to Conference Hotels

Draft Conference Agenda – SharkFest 2016 US lc01Page 1