Reading
- Daniel Miessler’s tcpdump tutorial with examples. Best guide I’ve seen of an important tool for trying to understand network data flow
- Using tcpdump and Wireshark to figure out why elbs are returning 504s sometimes. Lots of good detail about investigation process