Published June 1, 2011 by Download Software
Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.
Features:
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript®, CSV, or plain text
System Requirements:
- Operating System: All Windows versions
- Language: English-US
- License: Freeware
- Author: Wireshark Foundation
Changelog:
Bug Fixes
The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
- Large/infinite loop in the DICOM dissector.
Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Diameter dictionary file could crash Wireshark.
Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted snoop file could crash Wireshark.
Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
- David Maciejak of Fortinet's FortiGuard Labs discovered that malformed compressed capture data could crash Wireshark.
Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Visual Networks file could crash Wireshark.
Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
The following bugs have been fixed:
- AIM dissector has some endian issues.
- Telephony→MTP3→MSUS doesn't display window.
- Support for MS NetMon 3.x traces containing raw IPv6 ("Type 7") packets.
- Service Indicator in M3UA protocol data.
- IEC60870-5-104 protocol, incorrect decoding of timestamp type CP56Time2a.
- DNP3 dissector incorrect constants AL_OBJ_FCTR_16NF _FDCTR_32NF _FDCTR_16NF.
- 3GPP QoS: Traffic class is not decoded properly.
- Wireshark crashes when creating ProtoField.framenum in Lua.
- Fix a wrong mask to extract FMID from DECT packets dissector.
- Incorrect DHCPv6 remote identifier option parsing.
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
DICOM, IEC104, M3UA, TCP,
New and Updated Capture File Support
Network Monitor.