Wireshark is the foremost network protocol analyzer available. The software is standard across industry and educational institutions alike.
The software has many features, including:
– Deep inspection of hundreds of protocols, with more constantly being added.
– Live capture and offline analysis.
– Standard three-pane packet browser.
– Rich VoIP analysis.
– Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility.
– Read/write many different capture file formats.
– Capture files compressed with gzip can be decompressed on the fly.
– Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2.
– Colouring rules can be applied to the packet list for quick, intuitive analysis.
– Output can be exported to XML, PostScript®, CSV, or plain text.
– Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform).
Wireshark is multi-platform software that runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD and others.
The latest update of Wireshark (1.10.8) brings numerous bug fixes and new and updated features, which include:
# The following vulnerabilities have been fixed:
– The frame metadissector could crash.
# The following bugs have been fixed:
– VoIP flow graph crash upon opening.
– Tshark with “-F pcap” still generates a pcapng file.
– IPv6 Next Header 0x3d recognized as SHIM6.
– Failed to export pdml on large pcap.
– TCAP: set a fence on info column after calling sub dissector
– Dissector bug in JSON protocol.
– GSM RLC MAC: do not skip too many lines of the CSN_DESCR when the field is missing
– Wireshark PEEKREMOTE incorrectly decoding QoS data packets from Cisco Sniffer APs.
– IEEE 802.11: fix dissection of HT Capabilities
# Updated Protocol Support
– CIP, EtherNet/IP, GSM RLC MAC, IEEE 802.11, IPv6, and TCAP
# New and Updated Capture File Support
– pcap-ng, and PEEKREMOTE.
You can download the latest version of Wireshark at FileHippo.com.