2011/04/19

Wireshark 1.5.1 Development

Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.
Features:
· Deep inspection of hundreds of protocols, with more being added all the time
· Live capture and offline analysis
· Standard three-pane packet browser
· Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
· Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
· The most powerful display filters in the industry
· Rich VoIP analysis
· Read/write many different capture file formats: tcpdump (libpcap), Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
· Capture files compressed with gzip can be decompressed on the fly
· Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
· Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
· Coloring rules can be applied to the packet list for quick, intuitive analysis
· Output can be exported to XML, PostScript®, CSV, or plain text

What's New:
Bug Fixes:
The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
· The DOCSIS dissector could crash. (Bug 4644, Bug 4646)
  Versions affected: 0.9.6 to 1.0.12, 1.2.0 to 1.2.7
The following bugs have been fixed:
· HTTP parser limits with Content-Length. (Bug 1958)
· MATE dissector bug with GOGs. (Bug 3010)
· Changing fonts and deleting system time from preferences results in a Wireshark crash. (Bug 3387)
· ERF file starting with record with timestamp=0, 1 or 2 not recognized as ERF file. (Bug 4503)
· The SSL dissector cannot correctly reassemble SSL records when the record header is split between packets. (Bug 4535)
· TCP reassembly can call subdissector with incorrect TCP sequence number. (Bug 4624)
· PTP dissector displays big correction field values wrong. (Bug 4635)
· MSF is at Anthorn, not Rugby. (Bug 4678)
· ProtoField __tostring() description is missing in Wireshark's Lua API Reference Manual. (Bug 4695)
