Wireshark has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product.
Wireshark is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education.
Product's homepage
Here are some key features of "Wireshark":
· Data can be captured "off the wire" from a live network connection, or read from a capture file.
· Ethereal can read capture files from tcpdump (libpcap).
· Captured network data can be browsed via a GUI, or via the TTY-mode "tethereal" program.
· Capture files can be programmatically edited or converted via command-line switches to the "editcap" program.
· Output can be saved or printed as plain text or PostScript.
· Data display can be refined using a display filter.
· Display filters can also be used to selectively highlight and color packet summary information.
· All or part of each captured network trace can be saved to disk.
What's New in This Release: [ read full changelog ]
Bug Fixes:
· The following vulnerabilities have been fixed.
· wnpa-sec-2013-23
· The RELOAD dissector could go into an infinite loop. Discovered by Evan Jensen. (Bug 8364, (Bug 8546)
· Versions affected: 1.8.0 to 1.8.6.
· CVE-2013-2486
· CVE-2013-2487
· wnpa-sec-2013-24
· The GTPv2 dissector could crash. (Bug 8493)
· Versions affected: 1.8.0 to 1.8.6.
· wnpa-sec-2013-25
· The ASN.1 BER dissector could crash. (Bug 8599)
· Versions affected: 1.8.0 to 1.8.6, 1.6.0 to 1.6.14.
· wnpa-sec-2013-26
· The PPP CCP dissector could crash. (Bug 8638)
· Versions affected: 1.8.0 to 1.8.6.
· wnpa-sec-2013-27
· The DCP ETSI dissector could crash. Discovered by Evan Jensen. (Bug 8231, bug 8540, bug 8541)
· Versions affected: 1.8.0 to 1.8.6.
· wnpa-sec-2013-28
· The MPEG DSM-CC dissector could crash. (Bug 8481)
· Versions affected: 1.8.0 to 1.8.6.
· wnpa-sec-2013-29
· The Websocket dissector could crash. Discovered by Moshe Kaplan. (Bug 8448, Bug 8499)
· Versions affected: 1.8.0 to 1.8.6.
· wnpa-sec-2013-30
· The MySQL dissector could go into an infinite loop. Discovered by Moshe Kaplan. (Bug 8458)
· Versions affected: 1.8.0 to 1.8.6.
· wnpa-sec-2013-31
· The ETCH dissector could go into a large loop. Discovered by Moshe Kaplan. (Bug 8464)
· Versions affected: 1.8.0 to 1.8.6.
The following bugs have been fixed:
· The Windows installer and uninstaller does a better job of detecting running executables.
· Library mismatch when compiling on a system with an older Wireshark version. (Bug 6011)
· SNMP dissector bug: STATUS_INTEGER_DIVIDE_BY_ZERO. (Bug 7359)
· A console window is never opened. (Bug 7755)
· GSM_MAP show malformed Packets when two IMSI. (Bug 7882)
· Fix include and libs search path when cross compiling. (Bug 7926)
· PER dissector crash. (Bug 8197)
· pcap-ng: name resolution block is not written to file on save. (Bug 8317)
· Incorrect RTP statistics (Lost Packets indication not ok). (Bug 8321)
· Decoding of GSM MAP E164 Digits. (Bug 8450)
· Silent installer and uninstaller not silent. (Bug 8451)
· Replace use of INCLUDES with AM_CPPFLAGS in all Makefiles to placate recent autotools. (Bug 8452)
· Wifi details are not stored in the Decryption Key Management dialog (post 1.8.x). (Bug 8446)
· IO Graph should not be limited to 100k points (NUM_IO_ITEMS). (Bug 8460)
· geographical_description: hf_gsm_a_geo_loc_deg_of_long 24 bit field truncated to 23 bits. (Bug 8532)
· IRC message with multiple params causes malformed packet exception. (Bug 8548)
· Part of Ping Reply Message in ICMPv6 Reply Message is marked as "Malformed Packet". (Bug 8554)
· MP2T wiretap heuristic overriding ERF. (Bug 8556)
· Cannot read content of Ran Information Application Error Rim Container. (Bug 8559)
· Endian error and IP:Port error when decoding BT-DHT response message. (Bug 8572)
· "ACE4_ADD_FILE/ACE4_ADD_SUBDIRECTORY" should be "ACE4_APPEND_DATA / ACE4_ADD_SUBDIRECTORY". (Bug 8575)
· wireshark crashes while displaying I/O Graph. (Bug 8583)
· GTPv2 MM Context (UMTS Key, Quad, and Quint Decoded) incorrectly. (Bug 8596)
· DTLS 1.2 uses wrong PRF. (Bug 8608)
· RTP DTMF digits are no longer displayed in VoIP graph analysis. (Bug 8610)
· Universal port not accepted in RSA Keys List window. (Bug 8618)
· Wireshark Dissector bug with HSRP Version 2. (Bug 8622)
· LISP control packet incorrectly identified as LISP data based when UDP source port is 4341. (Bug 8627)
· Bad tcp checksum not detected. (Bug 8629)
· AMR Frame Type uses wrong Value String. (Bug 8681)
New and Updated Features:
· There are no new features in this release.
New Protocol Support:
· There are no new protocols in this release.
Updated Protocol Support:
· AMR, ASN.1 BER, BAT, Bluetooth DHT, BSSGP, DTLS, E.164, Ericsson A-bis OML, GSM A, GSM MAP, HDFSDATA, ICMP, ICMPv6, ixveriwave, IRC, KDSP, LISP Data, MMS, NFS, OpenWire, PPP, RELOAD, RTP, SASP, SIP, SSL/TLS, TCP, UA3G
New and Updated Capture File Support:
· Endace ERF, NetScreen snoop.
Find us on Google+
