A workshop on strace & tcpdump by Julia Evans.
From the post:
This week at work, I ran a workshop on tcpdump and strace. a couple of people on Twitter asked about it so here are some notes. This is mostly just so I can reuse them more easily next time, but maybe you will also find it interesting. The notes are a bit sparse.
I basically did a bunch of live demos of how to use tcpdump & strace, and then took questions & comments as people had them. I ran it in an hour, which I think was fine for people who already had some familiarity with the tools, but really aggressive if you’re learning from scratch. Will do that differently next time.
…
As Julia says, the notes are rather sparse but you could expand them to make the presentation your own.
Good reminder that reports from tools are just that, reports from tools.
If you aren’t close to the metal, you are taking a tool’s word for messages and system state.
Do you trust your tools that much?