Funny how this video of me taken about 10+ years ago is still so relevant.
I cannot tell you how frustrating and surprising it is to run into technicians who are not willing to try new tools.
I find this to be more the case with tools or software that you have to pay for. Some technicians will try free software, but not give it a proper chance and quickly go back to their ‘old trusty tool’. If I did that I would have never tried Ethereal, aka Wireshark.
As networks evolve, your methodology, tools and knowledge need to evolve with them. I personally think every analyst should keep up with tools with the same degree of attention that they spend on routers, switches or server configurations.
A great example for Windows users is good old ping. Many analysts are not aware that with every version of the operating system, Microsoft is adding new options as well as new utilities. Pathping is another example of a command that I show technicians that totally floors them. I chuckle when they ask, “where do I download that?”, or “when did Microsoft add that?”.
What technicians soon realize is that the specific tools I show them are for specific situations.
Then they notice that I have a ton of utilities that I reach for. Having more than one tool should be a requirement in any occupation.
In this video I use a mechanic as an example of someone who should have more than one tool.