Wireshark is the world's foremost network protocol analyzer, and is the de facto standard across many industries and educational institutions.
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript®, CSV, or plain text
Changelog:
# The following bugs have been fixed:
* TCP dissector doesn't decode TCP segments of length 1.
* wireshark 1.4.0rc1 and python - spurious message.
* Missing LUA function.
* Lua API description about creating a new Tvb from a bytearray is not correct in wireshark's user guide.
* Character echo pauses in Capture Filter field in Capture Options.
* White space in protocol field abbreviation causes runtime failure while registering Lua dissector.
* "File not found" box uses wrong filename encoding.
* capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many.
* Wireshark crashes if Lua contains "Pref.range()" with missing arguments.
* The "range" field in Lua's "Pref.range()" serves as default while the "default" field does nothing.
* Wireshark crashes when calling TreeItem:set_len() on TreeItem without tvb.
* TvbRange_string(lua_State* L) call a wrong function.
* VoIP call flow graph displays BICC APM as a BICC ANM.
* Cannot Live-capture VirtualBox network packets with Wireshark; pipe problem.
* Interface list in Capture Options isn't cleared when selecting other host.
* H323 rate multiplier wrong.
* Inclusion of config.h is too late in lex-files resulting in wrong definition of _FILE_OFFSET_BITS.
* tshark crashes when loading Lua script that contains GUI function.
* 802.11 Disassociation Packet's "Reason Code" field is imprecisely decoded/described.
* Wireshark crashes when setting custom column's field name with conditional.
* Crash after applying "expert.severity" field as column.
* GTS Descriptor count limited to 3 instead of 7.
* The SSL dissector can not resemble correctly the frames after TCP zero window probe packet.
* Packet parser takes too long for this trace.
* Wireshark crashes after repeating "File -> Import -> Cancel".
* Decoding of MQ ASCII and EBCDIC Traffic Flow - ASCII shows fine, EBCDIC does not.
* 802.11 Association Response Packet's "Status Code" field is imprecisely decoded/described.
* Abis interface not correctly handled in gsmtap dissector.
* Wrong decoding of RLC/MAC EGPRS Packet Downlink Ack/Nack (3GPP TS 44.060).
* CSN Ack/Nack Description wrongly handled in gsm_rlcmac_dl dissector (3GPP TS 44.060).
* wireshark 1.6.0 and python support: installer fails to create the wspy_dissectors subdirectory and .
* Wireshark crash during RTP stream analysis.
* Tshark custom columns: Why don't I get an error message?
# New and Updated Capture File Support
* Network Monitor.
Download: Wireshark 1.6.1 (Multiple Platform) | 18.5 MB (Open Source)