Features includes deep inspection of hundreds of protocols, with more being added all the time, Live capture and offline analysis, Standard three-pane packet browser, Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility, and Rich VoIP analysis.
Key Features
Here are key features of Wireshark:
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript, CSV, or plain text
Download Wireshark 1.6.1 (July 18, 2011)
The links in this section correspond to files available for Wireshark 1.6.1. Select the files most appropriate for you.
- Download Wireshark 1.6.1 for Windows (32-bit)
- Download Wireshark 1.6.1 for Windows (64-bit)
- Download Wireshark 1.6.1 Portable Apps
What's New in Wireshark 1.6.1
Vulnerabilities fixed
The following vulnerabilities have been fixed.
- The Lucent/Ascend file parser was susceptible to an infinite loop. CVE-2011-2597 - Versions affected: 1.2.0 to 1.2.17, 1.4.0 to 1.4.7, and 1.6.0.
- The ANSI MAP dissector was susceptible to an infinite loop. (Bug 6044) - Versions affected: 1.4.0 to 1.4.7, and 1.6.0.
Bug Fixes
The following bugs have been fixed.
- TCP dissector doesn't decode TCP segments of length 1. (Bug 4716)
- wireshark 1.4.0rc1 and python - spurious message. (Bug 4878)
- Missing LUA function. (Bug 5006)
- Lua API description about creating a new Tvb from a bytearray is not correct in wireshark's user guide. (Bug 5199)
- Character echo pauses in Capture Filter field in Capture Options. (Bug 5356)
- White space in protocol field abbreviation causes runtime failure while registering Lua dissector. (Bug 5569)
- "File not found" box uses wrong filename encoding. (Bug 5715)
- capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many . (Bug 5803)
- Wireshark crashes if Lua contains "Pref.range()" with missing arguments. (Bug 5895)
- The "range" field in Lua's "Pref.range()" serves as default while the "default" field does nothing . (Bug 5896)
- Wireshark crashes when calling TreeItem:set_len() on TreeItem without tvb. (Bug 5941)
- TvbRange_string(lua_State* L) call a wrong function. (Bug 5960)
- VoIP call flow graph displays BICC APM as a BICC ANM. (Bug 5966)
- Cannot Live-capture VirtualBox network packets with Wireshark; pipe problem. (Bug 6002)
- Interface list in Capture Options isn't cleared when selecting other host. (Bug 6008)
- H323 rate multiplier wrong. (Bug 6009)
- Inclusion of config.h is too late in lex-files resulting in wrong definition of _FILE_OFFSET_BITS. (Bug 6012)
- tshark crashes when loading Lua script that contains GUI function. (Bug 6018)
- 802.11 Disassociation Packet's "Reason Code" field is imprecisely decoded/described. (Bug 6022)
- Wireshark crashes when setting custom column's field name with conditional. (Bug 6028)
- Crash after applying "expert.severity" field as column. (Bug 6035)
- GTS Descriptor count limited to 3 instead of 7. (Bug 6055)
- The SSL dissector can not resemble correctly the frames after TCP zero window probe packet. (Bug 6059)
- Packet parser takes too long for this trace. (Bug 6073)
- The SSL dissector can not resemble correctly the frames after TCP zero window probe packet. (Bug 6059)
- Wireshark crashes after repeating "File -> Import -> Cancel". (Bug 6080)
- Decoding of MQ ASCII and EBCDIC Traffic Flow - ASCII shows fine, EBCDIC does not. (Bug 6084)
- 802.11 Association Response Packet's "Status Code" field is imprecisely decoded/described. (Bug 6093)
- Abis interface not correctly handled in gsmtap dissector. (Bug 6097)
- Wrong decoding of RLC/MAC EGPRS Packet Downlink Ack/Nack (3GPP TS 44.060). (Bug 6098)
- CSN Ack/Nack Description wrongly handled in gsm_rlcmac_dl dissector (3GPP TS 44.060). (Bug 6101)
- wireshark 1.6.0 and python support: installer fails to create the wspy_dissectors subdirectory and . (Bug 6110)
- Wireshark crash during RTP stream analysis. (Bug 6120)
- Tshark custom columns: Why don't I get an error message? (Bug 6131)
New and Updated Capture File Support
- Network Monitor.
Source: Wireshark 1.6.1 Release Notes
No comments:
Post a Comment