Detailed information

Softonic rating:
  • Good
  • 7/10
License:
Free (GPL)
Language:
  • English
Added:
March 6, 2010
Updated:
November 5, 2013
Publisher:
Wireshark | More programs (4)
Size:
21.1 MB
Recent changes:
Bug Fixes

* The following bugs have been fixed:
* Wireshark is unresponsive when capturing from named pipes on Windows. (Bug 1759)
* Ring buffers are no longer turned on by default when using multiple capture files.

New and Updated Features

* The following features are new (or have been significantly updated) since version 1.4:
* Wireshark can import text dumps, similar to text2pcap.
* You can now view Wireshark's dissector tables (for example the TCP port to dissector mappings) from the main window.
* TShark can show a specific occurrence of a field when using '-T fields'.
* Custom columns can show a specific occurrence of a field.
* You can hide columns in the packet list.
* Wireshark can now export SMB objects.
* dftest and randpkt now have manual pages.
* TShark can now display iSCSI service response times.
* Dumpcap can now save files with a user-specified group id.
* Syntax checking is done for capture filters.
* You can display the compiled BPF code for capture filters in the Capture Options dialog.
* You can now navigate backwards and forwards through TCP and UDP sessions using Ctrl+, and Ctrl+. .
* Packet length is (finally) a default column.
* TCP window size is now avaiable both scaled and unscaled. A TCP window scaling graph is available in the GUI.
* 802.1q VLAN tags are now shown by the Ethernet II dissector.
* Various dissectors now display some UTF-16 strings as proper Unicode including the DCE/RPC and SMB dissectors.
* The RTP player now has an option to show the time of day in the graph in addition to the seconds since beginning of capture.
* The RTP player now shows why media interruptions occur.
* Graphs now save as PNG images by default.
* TShark can read and write host name information from and to pcapng-formatted files. Wireshark can read it. TShark can dump host name information via
* [-z hosts].
* The tshark -z option now uses the

[-z ,srt]

syntax instead of

[-z ,rtt]
* for all protocols that support service response time statistics. This syntax now matches Wireshark's syntax for this option.

New Protocol Support

* ADwin, ADwin-Config, Apache Etch, Aruba PAPI, Babel Routing Protocol, Constrained Application Protocol (COAP), Digium TDMoE, Erlang Distribution Protocol, Ether-S-I/O, FastCGI, Fibre Channel over InfiniBand (FCoIB), Gopher, Gigamon GMHDR, IDMP, Infiniband Socket Direct Protocol (SDP), JSON, LISP Data, MikroTik MAC-Telnet, Mongo Wire Protocol, Network Monitor 802.11 radio header, OPC UA ExtensionObjects, PPI-GEOLOCATION-GPS, ReLOAD, ReLOAD Framing, RSIP, SAMETIME, SCoP, SGSAP, Tektronix Teklink, WAI authentication, Wi-Fi P2P (Wi-Fi Direct)

Updated Protocol Support

* New and Updated Capture File Support
o Apple PacketLogger, Catapult DCT2000, Daintree SNA, Endace ERF, HP OpenVMS TCPTrace, IPFIX (the file format, not the protocol), Lucent/Ascend debug, Microsoft Network Monitor, Network Instruments, TamoSoft CommView

Getting Wireshark

* Wireshark source code and installation packages are available from http://www.wireshark.org/download.html.

Vendor-supplied Packages

* Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.

File Locations

* Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About
O.S.
Win2000/XP/2003/Vista/7/8
Last week's downloads:
252
Total downloads:
266,176
Download evolution:
In the last 10 weeks
Weeks Downloads
0 128
1 252
2 265
3 197
4 262
5 261
6 209
7 265
8 249
9 124