Shooting the trouble down to the Wireshark Lua plugin

Jun 2019

17 Mon

18 Tue

19 Wed

20 Thu

21 Fri 08:45 AM – 05:40 PM IST

22 Sat 09:00 AM – 05:30 PM IST

23 Sun

Make a submission

NIMHANS Convention Centre, Bangalore

Tickets

##About Rootconf 2019:
The seventh edition of Rootconf is a two-track conference with:

Security talks and tutorials in audi 1 and 2 on 21 June.
Talks on DevOps, distributed systems and SRE in audi 1 and audi 2 on 22 June.

##Topics and schedule:
View full schedule here: https://hasgeek.com/rootconf/2019/schedule

Rootconf 2019 includes talks and Birds of Feather (BOF) sessions on:

##Who should attend Rootconf?

DevOps programmers
DevOps leads
Systems engineers
Infrastructure security professionals and experts
DevSecOps teams
Cloud service providers
Companies with heavy cloud usage
Providers of the pieces on which an organization’s IT infrastructure runs -- monitoring, log management, alerting, etc
Organizations dealing with large network systems where data must be protected
VPs of engineering
Engineering managers looking to optimize infrastructure and teams

For information about Rootconf and bulk ticket purchases, contact info@hasgeek.com or call 7676332020. Only community sponsorships available.

##Rootconf 2019 sponsors:

#Platinum Sponsor

#Gold Sponsors

#Silver Sponsors

#Bronze Sponsors

#Exhibition Sponsor

#Community Sponsors

Hosted by

Rootconf

Rootconf is a community-funded platform for activities and discussions on the following topics: Site Reliability Engineering (SRE). Infrastructure costs, including Cloud Costs - and optimization. Security - including Cloud Security. more

All submissions

Previous Next

This submission has been added to the schedule

Shooting the trouble down to the Wireshark Lua plugin

Submitted Feb 27, 2019

Section: Workshop Technical level: Intermediate

Wireshark is a Free (Libre) and Open Source protocol analyzer used for troubleshooting networks, and analysis of communication protocols. The Lua programming language support has been included in Wireshark for scripting, prototyping and packet dissection. At Aerospike, a NoSQL database company, we have implemented a Wireshark Lua plugin to help us solve issues at the wire level. In this workshop, I will be sharing the experiences and knowledge gained in creating a Lua dissector plugin. This includes code structure, layout, snippets, prototyping, testing, use cases and documentation. We will also have a hands-on workshop to get the participants introduced to Wireshark and Wireshark Lua interface to write protocol dissectors.

Outline

Motivation
Wireshark Lua
Usage
Examples
Literate Programming
Markdown Structure
lit2lua
Protocol Dissection Pattern
Dissector Table
Wireshark User Interface
Hands-on Session
Message and Heartbeat Protocol
CDT List Operations
Reassembly of TCP Segments
Hot key Report
Tests
Debugging and Linting
Performance
Future Work
References

Source Code: https://github.com/aerospike/aerospike-wireshark-plugin

Requirements

You need to have Lua and Wireshark (GUI) installed on your laptop. If you are on any GNU/Linux distribution, you can the package manager to install them. For other operating systems, please install them from the official Wireshark downloads at https://www.wireshark.org/#download.

Familiarity with any programming language is good to get started with Lua.

Speaker bio

Shakthi Kannan is a Free Software enthusiast who plays a Senior DevOps Engineer role at Aerospike, Bengaluru. He has developed the Aerospike Wireshark Lua plugin that is used for troubleshooting and network analysis. He is an avid promoter of Free (Libre) and Open Source Software, and blogs at shakthimaan.com. He holds a Masters degree in Information Technology from Rochester Institute of Technology.