Wireshark is a network packet analyzer. A network packet analyzer will try to capture network packets and tries to display that packet data as detailed as possible. You could think of a network packet analyzer as a measuring device used to examine what’s going on inside a network cable, just like a voltmeter is used by an electrician to examine what’s going on inside an electric cable (but at a higher level, of course). In the past, such tools were either very expensive, proprietary, or both. However, with the advent of Wireshark, all that has changed. Wireshark is perhaps one of the best open source packet analyzers available today.
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript®, CSV, or plain text
Wireshark 3.2.4 changelog:
The following vulnerabilities have been fixed
wnpa-sec-2020-08 The NFS dissector could crash. Bug 16476.
The following bugs have been fixed
- SDP dissector does not parse sprop-parameter-sets field. Bug 16322.
- PVS-Studio analyser long list of issues. Bug 16335.
- Can’t have duplicate personal and global profile names. Bug 16423.
- pcapng file dissector incorrectly computes nanoseconds from timestamps because it assumes the resolution is in nanoseconds. Bug 16440.
- Read of uninitialized memory in detect_camins_file. Bug 16458.
- Read of uninitialized memory in lanalyzer_read_trace_record. Bug 16459.
- capture -> options -> select interface -> (choose) -> SEGV. Bug 16489.
- SOMEIP: SOME/IP dissector ignores the length field configuration of structs. Bug 16490.
- Packet List Pane doesn’t consume the entire pane. Bug 16491.
- Range parameter on numeric parameter in extcap plugin doesn’t work. Bug 16510.
- Export Packet Dissections not working on Windows (Wireshark 3.2.x). Bug 16516.
- capinfos “Capture duration” output is truncated if there are more than 11 digits of seconds and fractions of a second. Bug 16519.
- MIME Files Format/pcapng: Simple Packet Block parsed incorrectly. Bug 16526.
- SOMEIP: SOME/IP-SD unique id is not unique for eventgroup types (BUG). Bug 16549.
- Buildbot crash output: fuzz-2020-05-13-12195.pcap. Bug 16564.
Updated Protocol Support
- AoE, APRS, ASN.1 BER, DIS, DTLS, FTP, GSM SMS, H.264, IMAP, Infiniband, ISObus VT, Kafka, LSD, MAC LTE, NAS 5GS, NFS, ONC RPC, OSC, pcapng, PDCP LTE, RADIUS, RLC LTE, RTSP, SDP, SIP, Snort, SOMEIP, STUN, TLS, and UMTS FP
New and updated capture file support
Camins, Catapult DCT 2000, Lanalyzer, and MPEG
Get alerted to all of our Software updates on Twitter at @NeowinSoftware