Sharkfest22 Kansas City Review

I was scrolling through twitter.com and saw a post about a new podcast, ‘Sharkbytes‘ hosted by Roland Knall. The first episode is an interview with Betty DuBois and Sasha Mullins-Lassiter. In the interview, Sasha goes over her experience getting into cyber security and attending Sharkfest. This got me reminiscing, Sharkfest was my first ever ‘in-person’ tech conference and I don’t think I could have had a better experience.

Gerald Combs giving Day 1 keynote

Why write a retrospective? Well, I want more people on the fence, thinking about going to perhaps read this while they are researching and end up pulling the trigger. I remember before I attended I saw Denise Fishburne’s ‘review’ of Sharkfest on her YouTube channel Networking with Fish. Now I will never be as charismatic as Ms. Fishburne or on a podcast with Roland so I’ll fill this page with words behind my keyboard 🙂

Pre-Conference Classes

A great way, as it turns out, to lower any pre-conference social anxiety issues is to attend the pre-conference classes. My first class of two classes was titled ‘Introduction to Packets-How to Capture and Analyze with Wireshark’ and I simply couldn’t wait.

Before we even entered the class, we had a catered breakfast just outside of the classroom in a fairly fancy hotel in downtown Kansas City. Upon finishing, making sure to refill on my coffee, I entered the class to be met with one of the nicest people I’ve ever met in tech, my instructor, Betty DuBois. At my desk I had a notebook with sharks on it, Wireshark pens and a place to plug my laptop into. All in all I think we had less than 20 students in this two day ‘get to know’ Wireshark course.

The main point of this course was to try and take everyone, from where ever they are at skillset wise, and set them up for success during the following course and the conference itself. Highlights being a few hands on labs and most importantly all the ways in which to make your pcap sing by creating specific profiles for specific types of traffic within Wireshark.

Each day in these courses we all ate together around big tables, rubbing shoulders with the Wireshark development team as well as fellow students. It being such a small group you can’t help but feel included, no matter how nervous you might be on the inside. As mentioned before, these small groups helped ease the transition as we got a little more crowded in the second pre-conference course I attended ‘Cyber Threat Hunting with Wireshark’ taught by Chris Greer.

This course doubled in size, we had to be getting close to 40 people in the room. Chris had on a microphone and it seemed as though we were gearing up so to speak. The course was great with every lecture leading into a hands on lab. I took away some major advantages of pcapng vs pcap file structure as well as getting some practice using Betty’s profiles to quickly solve some lab challenges. Besides using Wireshark I tried to solve every lab using tshark, the cmd line version of Wireshark, as well.

After this one day course, we had a kickoff dinner. All the food that was catered was very good. I was continually surprised each meal of each day. I’ll discuss finances later, but will mention here that breakfast and lunch were included on pre-conference class days and then lunch and dinner was included on conference days (dinner with an open bar mind you).

The kickoff dinner was the first time you start to see a bigger group. But, in talking to the other attendees this is still a very small conference. I’d guess we had maybe 100 – 150 people at the opening night dinner and talk. Having met people during my two pre-conference classes I felt as though I already made connections and had conference friends. No awkward ‘all these people i don’t know’ feeling ever crept in. Like Sasha mentioned in the SharkBytes podcast, I felt like I belonged.

The Conference

The conference had three options for every time block with each time block consisting of about 90 minutes. So we had two talks before lunch and then two talks after lunch. As an attendee you get to decide which talk interests you the most, or mosey around the snack table, whatever suits you.

One of the main highlights was that I got to meet Tony Efantis. I’d been following him online since he started posting streams about his CCIE journey. Getting to know him a bit online before the conference as I’ve done with quite a few people over the last 3-4 years, Tony was the second person after A.J. Murray whom I got to connect with in person. Come to find out, our jobs are pretty closely aligned as he works on the hardware that the Air Force uses to do Defensive Cyber Operations.

Tony Efantis giving a talk titled “Build your own: Remotely accessible packet-capture drop box for troubleshooting networks <$100”

Besides Tony, if I had to give awards out to my favorite talks they would be Josh Clark’s “Troubleshoot like a doctor” on the first day. The attention to detail on the presentation and its foundational approach both moved me. In summary, this talk gave an illustration on how a doctor goes through training and then quickly makes choices on what to do with a patient and then he seamlessly ties this into how we could do this with IT troubleshooting. Taking into account that doctors have honed their troubleshooting methodology for way longer than IT has been a thing and it’s this experience he believes we can take from and apply to IT troubleshooting.

Another talk that has stayed with me was Mike Kershaw’s talk about software defined radio magic stuff on the last day! My current position in the Air Force deals mainly with different kinds of RADAR data sets and having Mike discuss ADS-B got me all excited. It was only a 90 minute talk but I enjoyed how he went from how to initially capture the traffic from the air to trying to make something meaningful out of it. Wireless technology has always been one of my weakest points but the things Mike is able to do make me want to get better in this field for sure!

The last person I’d give a special speaking award is Hansang Bae. He gave a talk on troubleshooting I believe, I don’t even recall the name of the course. I remember he was using a Remarkable2 for his presentation. Something I’ve been looking at purchasing for a long time and this was my first ever time seeing it in person. Mr. Bae was using it to draw or illustrate his point during his lecture. The way he was able to tell where a specific server was based on the time it took it to respond was the first thing that blew me away. I’ll admit the talk may of been a tad too advanced for me, but seeing him carve a pcap, make quick determinations, I knew I was in the presence of greatness.

Beyond the talks, I was most enthralled in Sake Block’s CTF. I believe this went live the first morning of the conference and ended the morning on the last day. I diligently worked through every challenge. Seemed as though this CTF was made for me difficulty wise. The prompts were difficult but not so difficult I wanted to dispose of my laptop in the nearest trash receptacle. Every break and meal I was following Sake around, probably annoying the shit out of him, looking for ways to accomplish whatever flag I was on and share with him the excitement of previous flags I finally got. I ended up clearing all but one flag by the time the buzzer sounded and placed 4th overall. Staying up to 2 am each night working on flags almost won me a trophy, if it wasn’t for those pesky online attendees, I would’ve been second behind Chris Greer. NEXT TIME!!! 🙂 But in all seriousness, Sake Block was a huge part of this conference for me. At the end of the conference I felt like I jived well with all the people whom trekked over from Europe.

Economics

Cost of Sharkfest

Sharkfest + All Pre-Conference Classes is just shy of $3,000. As mentioned above some food is also included, about 12 meals. In addition to paying for the conference you’ll need to secure air fare and lodging. So a total cost under $4500/person is very reasonable for those living within the US. Looking at the bigger conferences like CiscoLive I think you’ll see this cost is very good for what you end up getting.

Conclusion

I think this is a very good value given the content and atmosphere. From the small size of the conference to it being centered around an open source project, the feeling of inclusion and the lack of a feeling like someone trying to sell me something the entire time can not be overstated. The atmosphere was one of learning, especially the fundamentals as well as inclusion.

We all belong in tech.

Published by Andre Roberge

Packets // ☕️ & 🏀 // BA Philosophy // Sleep

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: