As a systems administrator, or any other user who wants to monitor and analyze network protocols, you may find that traditional troubleshooting just does not cut it. Sometimes, despite all the ordinary troubleshooting steps, you still cannot get a certain website to work over your network, while it opens easily over a different network. Or you may want to capture the traffic flowing over your office network. Either way, a network protocol analyzer comes in handy.
Why should you use Wireshark?
Wireshark monitors network interface cards (NICs) in order to capture the traffic flowing through them. The captured packets are then analyzed for information or for possible solutions to problems. In addition, it can decode multiple protocols across the layers of the Open Systems Interconnection (OSI) model. You can also capture many layer 2 protocols such as PPP and Ethernet, as well as ARP requests and routing protocols.
It can capture different kinds of traffic, whether you are looking at VoIP calls, USB or application-layer protocols. You can also see data such as usernames and passwords when somebody signs in over a network on which you are running Wireshark, provided the credentials are sent unencrypted. Malicious activity on your network can also be detected. You can set filters to capture only the kind of traffic you are interested in, which is useful given how much traffic ordinarily flows over a network.
Key Features of Wireshark Include:
- It has a live capture and offline analysis capability;
- Deep inspection of hundreds of protocols, and more being added as time goes by;
- A three-pane packet browser;
- It is multi-platform, running on Windows, Mac, Solaris, Linux, FreeBSD, and many more;
- You can browse captured data via a graphical user interface or the TTY-mode TShark utility;
- Very powerful display filters;
- Rich VoIP analysis;
- It can read and write different capture file formats;
- You can read live data as it is captured;
- It has decryption support for many protocols;
- You can export output to XML, PostScript, CSV or plain text.
This tool is useful for learning how network protocols work. It can also be useful for solving network problems that ordinary black-box approaches cannot solve. Over shared networks such as public Wi-Fi, you can use it to hack and retrieve passwords and usernames from other users.
What's new in version 3.0.3?
- The Windows installers now ship with Qt 5.12.4. They previously shipped with Qt 5.12.3.
- The Windows installers now ship with Npcap 0.996. They previously shipped with Npcap 0.995.
- The macOS installer now ships with Qt 5.12.4. It previously shipped with Qt 5.12.1.
The following vulnerabilities have been fixed:
- wnpa-sec-2019-20 ASN.1 BER and related dissectors crash. Bug 15870. CVE-2019-13619.
The following bugs have been fixed:
- "ninja install" installs help/faq.py instead of help/faq.txt. Bug 15543.
- In Wireshark 3.0, encrypted DOCSIS PDU packets no longer match the filter "eth.dst". Bug 15731.
- Developer’s Guide section 3.9 "Contribute your changes" should incorporate or link "Writing a good commit message" from the Wiki. Bug 15752.
- RSL dissector bugs in presence of optional IEs. Bug 15789.
- The "Media Attribute Value" field is missed in rtcp SDP dissection (packet-sdp.c). Bug 15791.
- BTLE doesn’t properly detect start fragment of L2CAP PDUs. Bug 15807.
- Wi-SUN FAN decoder error, Channel Spacing and Reserved fields are swapped. Bug 15821.
- tshark: Display filter error message references "-d" when it should reference "-Y". Bug 15825.
- Open "protocol" preferences …? does not work for protocol in subtree. Bug 15836.
- Problems with sshdump "Error by extcap pipe: sh: sudo: command not found". Bug 15845.
- editcap won’t change encapsulation type when writing pcap format. Bug 15873.
- ITU-T G.8113.1 MPLS-TP OAM CC,LMM,LMR,DMM and DMR are not seen in the 3.0.2. Bug 15887.
New and Updated Features:
- There are no new features in this release.
New Protocol Support:
- There are no new protocols in this release.
Updated Protocol Support:
- AERON, ASN.1, BTLE, CUPS, DNS, DOCSIS, DPNSS, GSM RLC/MAC, HiQnet, ISO 14443, ISObus VT, LDAP, MAC LTE, MIME multipart, MPLS, MQ, RSL, SDP, SMB, TNEF, and Wi-SUN
New and Updated Capture File Support:
- There is no new or updated capture file support in this release.
New and Updated Capture Interfaces Support:
Last Updated: 2019-08-12
File size: 51.63 MB
Operating system: Windows 10, Windows 8/8.1, Windows 7, Windows Vista, Windows XP
MD5 Checksum: f7a7a90613c76545b77ce8731d60ad5d