Endace Packet Forensics Files: Episode #46

Original Entry by : Michael Morris

Michael talks to Gerald Combs, Wireshark Founder, and Stephen Donnelly, Endace CTO

By Michael Morris, Director of Global Business Development, Endace


How did Wireshark come to be, and what’s made it so successful – not just as the pre-eminent tool for analyzing network packet data, but as an open-source project in general?

In this episode I talk to Wireshark founder, Gerald Combs, and Endace CTO, Stephen Donnelly, about the origins of Wireshark, and why packet capture data is so crucial for investigating and resolving network security threats and network or application performance issues.

Gerald talks about the early days of Ethereal, a “packet sniffer” he originally created for his own use in his role at an ISP, but subsequently open-sourced as Wireshark. That fortuitous decision was key, Gerald says, to the subsequent ongoing growth and success of the Wireshark project – which will turn 25 years old in July! It enabled developers from around the world to contribute to the project, creating a Windows version in the process, and helping Wireshark to become the gold standard tool for network analysis, used by SecOps, NetOps and IT teams the world over.

Stephen has been using Wireshark right from the earliest days – when it was still called Ethereal – and is one of the many contributors to the project. Stephen and Gerald both talk about why packet analysis is so important for cybersecurity and network performance analysis (the ubiquitous “Packets Don’t Lie” T-shirt – available from the Wireshark Foundation store – says it all really), and discuss examples of the many and varied problems that Wireshark is helping people to solve.

Stephen outlines the differences between network flow data and packet capture data and why packet data is essential for solving some problems where flow data just doesn’t contain the level of detail required.

Wireshark is continually evolving, with support for new protocols, and new UI enhancements that make it easier for analysts to slice-and-dice packet data. Gerald says that Wireshark is almost the perfect open-source project because it allows for a lot of parallel collaboration from contributors in creating new dissectors and ensuring that Wireshark continues to keep up with the rapid pace of change in networking. Now that planning for Wireshark 5.x has started, Gerald also looks ahead to some of the possible new features that might appear in future releases.

And finally, Gerald talks about the new Wireshark Foundation (which Endace is a sponsor of), which has been set up to provide support for ongoing development of the Wireshark project and ensure it continues its resounding success into the future.

Wireshark is coming up on its 25th birthday and still going from strength to strength. Don’t miss this fascinating interview with the leader of one of the most successful open-source projects around. Gerald and Stephen’s insightful commentary as well as some fantastic tips-and-tricks make this a must-watch episode.

Other episodes in the Secure Networks video/audio podcast series are available here. Or listen to the podcast here or on your favorite podcast platform.

Winners of the inaugural Endace Women in Tech Scholarship

Original Entry by : Endace

The inaugural Endace Women in Technology Scholarship has been awarded to two University of Waikato students: software engineering student Abbie Reid and computer science student Emily McCullagh.

This scholarship, established by Endace in 2022, is part of ongoing efforts to encourage women in the tech industry, with recipients chosen based on their outstanding grades and commitment to supporting future generations of women in technology.

“Endace recognises the need to help empower under-represented groups through education. We are proud to be working with Waikato University to help these talented young women to succeed,” says Endace CEO, Stuart Wilson.

Abbie, a third-year Bachelor of Engineering (Hons) student, eagerly embraced the role of lab assistant to foster an inclusive environment and expresses gratitude for the scholarship’s potential, saying, “Support like this will go a long way to encouraging more women in technology.”

Emily, also in her third year, previously worked in administration, supporting departments like Finance, Marketing, and Retail. Her fascination with systems and problem-solving led her to choose to study at Waikato. As a lab demonstrator, she is passionate about supporting women in technology, mentoring younger students, and showcasing their potential. Emily expresses gratitude to Endace for their support: “Scholarships like this help financially but it also helps encourage students to stick out their degrees.”

Stephen Donnelly, Endace CTO, was very impressed with the number and high calibre of all the applicants for this scholarship. “Abbie and Emily especially stood out with both their academic excellence and their dedication to furthering Women in Technology.”

As part of the scholarship, Abbie and Emily have the opportunity to secure a work placement with Endace.