Radically Open Security

Sake Blok

My interest in Networking was first raised when I started working for one of the first ISP's in The Netherlands (back in 1995). My L2/L3 knowlegde was gathered while working for a large bank. I then switched teams within that bank to manage their redundant internet gateway based on a loadbalanced firewall cluster, loadbalancers, ssl-offloaders, caches and proxies. In that time (2000) I started using Ethereal to troubleshoot problems within that environment. After my switch to a reseller, my skills developped towards bug-chasing and Ethereal/Wireshark has been an invaluable tool for me. I use it on a daily basis.

In february 2006 I wished to be able to filter on the "X-Forwarded-For:" http-header and joined the mailing-lists. First I wanted to ask for that functionality, but then I realised that I might be able to add it myself. Well, one thing led to another and after submitting a few of my own patches, I started working on bug-reports too. Resulting in being invited to the core development team in august 2007.

I live in The Netherlands near Amsterdam and have started the company SYN-bit in February 2010. SYN-bit specializes in troubleshooting services for Application Delivery Networks. Analyzing traffic flows to the bit level to solve design flaws, bugs. But also for exploring the best way to optimize application delivery. I also give training and do remote packet capture analysis :-)

Main development areas

As I am more a networking person than a programmer, I mainly contribute by solving issues I encounter while working with Wireshark. I also submitted a few enhancements and solved some bugs reported by others. My development skills are growing, but for now I consider myself skilled at looking at what other people have built and improving, reusing and combining things to solve the issues I want to solve.

Contributions so far

  • Added support for Cisco proprietary MST format
  • Added "Copy as Filter" functionality
  • Split time_delta in time delta captured and time delta displayed
  • Added support to read NetScreen snoop output data (ascii)
  • Added framework for conversation timestamps (and implemented it for tcp)
  • Added individual enable/disable functionality to the coloring rules
  • Added temporary coloring rules (with hotkeys)
  • Added Copy Value / Copy Fieldname
  • Added support in 'tshark -T fields" for fields with multiple occurrences miscellaneous bugfixes and enhancements

Other interests

  • Scuba diving
  • Photography (also while Diving)
  • Arthouse movies