Wireshark is the world's foremost network protocol analyzer, and is the de facto standard across many industries and educational institutions.
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript®, CSV, or plain text
The following bugs have been fixed:
Multiple dissectors could crash.
The IxVeriWave file parser could crash.
The WCP dissector could crash.
Some keyboard shortcut mix-up has been resolved by assigning new shortcuts to Edit ? Copy methods.
Remote interfaces are not saved.
Additional grouping in Expert Information dialog.
First start with non-empty extcap folder after install or reboot hangs at "initializing tap listeners".
Can’t hide expert categories in Expert Information.
Expert info dialog should have "Collapse All"/"Expand All" options.
SIP Statistics extract does not work.
Service Response Time - SCSI dialog crashes.
Wireshark & Tshark 2.4.2 core dumps with segmentation fault.
SSH remote capture promiscuous mode.
SOCKS pseudo header displays incorrect Version value.
Only first variable of list is dissected in NTP Control request message.
NTP Authenticator field dissection fails if padding is used.
BSSAP packet dissector issue - BSSAP_UPLINK_TUNNEL_REQUEST message.
"[Malformed Packet]" for Mobile IP (MIP) protocol.
There is a potential buffer underflow in File_read_line function in epan/wslua/wslua_file.c file.
Saving a temporary capture file may not result in the temporary file being removed.
New Protocol Support:
There are no new protocols in this release.
Updated Protocol Support:
Bluetooth, BSSAP, BT ATT, BT HCI, BT SMP, MIP, NTP, SCTP, SOCKS, UDS, and WCP.
New and Updated Capture File Support: