SMBcmp - A New Tool to Diff Network Captures

Explore a conference talk introducing smbcmp, a novel tool for comparing network captures. Learn how this open-source solution leverages Wireshark to facilitate side-by-side packet analysis, similar to source code diff tools. Discover the tool's functionality, advanced features, and practical applications in debugging network protocol issues, particularly for the Linux SMB client. Gain insights into troubleshooting techniques, including log analysis, system call tracing, and systemwide recording. Understand the benefits of smbcmp in handling complex scenarios involving hundreds of packets and fields, and its potential to streamline the comparison of "working" and "failing" cases across different client/server implementations.

Introduction
SMB Team
Bugs
Reading code
Git bisect
Different implementations
Troubleshooting
Looking at logs
Tracing system calls
Systemwide recording
Network captures
Why works on Linux
decryption support
SMB client
Working and nonworking cases
Summary view
How it works
Initial prototype
Protocol agnostic