Wireshark is the world's foremost network protocol analyzer, and is the de facto standard across many industries and educational institutions.
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript®, CSV, or plain text
# The following bugs have been fixed:
* SNMPv3 Engine ID registration.
* Wrong decoding of gtp.target identification.
* Reassemble.c leaks memory for GLIB > 2.8.
* Wireshark crashes when starting due to out-of-date plugin left behind from earlier installation.
* Failed to dissect TLS handshake packets.
* ISUP dissector problem with empty Generic Number.
* Illegal character is used in temporary capture file name.
* Lua code crashes wireshark after update to 1.8.3.
* Timestamp info is not saved correctly when writing DOS Sniffer files.
* 1.8.3 Wireshark User's Guide version is 1.6.
* Core dumped when the file is closed.
* LPP is misspelled in APDU parameter in e-CIDMeasurementInitiation request for LPPA message.
* Wrong packet bytes are selected for ISUP CUG binary code.
* Decodes FCoE Group Multicast MAC address as Broadcom MAC address.
* The SSL dissector stops decrypting the SSL conversation with Malformed Packet:SSL error messages.
* Unable to Save/Apply [Unistim Port] in Preferences.
* Some Information Elements in GTPv2 are not dissected correctly.
* Wrong bytes highlighted with "Find Packet...".
* 3GPP ULI AVP. SAI is not correctly decoded.
* Wireshark does not show "Start and End Time" information for Cisco Netflow/IPFIX with type 154 to 157.
* GPRS Tunnel Protocoll GTP Version 1 does not decode DAF flag in Common Flags IE.
* Wrong parcing of ULI of gtpv2 messages - errors in SAC, RAC & ECI.
* Version Number in EtherIP dissector.
* Warn Dissector bug, protocol JXTA.
* Electromagnetic Emission Parser parses field Event Id as Entity Id.
# Updated Protocol Support
* ANSI IS-637-A, ASN.1 PER, AX.25, Bluetooth HCI, CLNP, CSN.1, DCP-ETSI, DIAMETER, DIS PDU, DOCSIS CM-STATUS, DTLS, DTN, EtherIP, Fibre Channel, GPRS, GTP, GTPv2, HomePlug AV, IEEE 802.3 Slow, IEEE 802.15.4, ISUP, JXTA, LAPD, LPPa, MPLS, MS-MMC, NAS-EPS, NTLMSSP, ROHC, RSL, RTPS, SDP, SIP, SNMP, SSL
# New and Updated Capture File Support
* DOS Sniffer