Wireshark

• 2Ovo se svidja korisnicima: mcrule, A.L.
  
  Registruj se da bi pohvalio/la poruku!

Wireshark 1.2.6 (Open Source)





Wireshark is the world's foremost network protocol analyzer, and is the de facto standard across many industries and educational institutions.

* Deep inspection of hundreds of protocols, with more being added all the time
* Live capture and offline analysis
* Standard three-pane packet browser
* Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
* Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
* The most powerful display filters in the industry
* Rich VoIP analysis
* Read/write many different capture file formats
* Capture files compressed with gzip can be decompressed on the fly
* Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
* Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
* Coloring rules can be applied to the packet list for quick, intuitive analysis
* Output can be exported to XML, PostScript®, CSV, or plain text



Download: http://www.wireshark.org/download.html

• 1Ovo se svidja korisniku: A.L.
  
  Registruj se da bi pohvalio/la poruku!

Wireshark 1.2.8 (32-bit)



# The following vulnerabilities have been fixed:

* The DOCSIS dissector could crash. (Bug 4644), (bug 4646) Versions affected: 0.9.6 to 1.0.12, 1.2.0 to 1.2.7

# The following bugs have been fixed:

* HTTP parser limits with Content-Length. (Bug 1958)
* MATE dissector bug with GOGs. (Bug 3010)
* Changing fonts and deleting system time from preferences, results in wireshark crash. (Bug 3387)
* ERF file starting with record with timestamp=0,1 or 2 not recognized as ERF file. (Bug 4503)
* The SSL dissector can not correctly resemple SSL records when the record header is spit between packets. (Bug 4535)
* TCP reassembly can call subdissector with incorrect TCP sequence number. (Bug 4624)
* PTP dissector displays big correction field values wrong. (Bug 4635)
* MSF is at Anthorn, not Rugby. (Bug 4678)
* ProtoField __tostring() description is missing in Wireshark's Lua API Reference Manual. (Bug 4695)
* EVRC packet bundling not handled correctly. (Bug 4718)
* Completely unresponsive when run very first time by root user. (Bug 4308)

# Updated Protocol Support

* DOCSIS, HTTP, SSL

# Updated Capture File Support

* ERF, PacketLogger.





Download: http://www.wireshark.org/

• 1Ovo se svidja korisniku: A.L.
  
  Registruj se da bi pohvalio/la poruku!

Wireshark 1.2.10 (32-bit)




# The following vulnerabilities have been fixed.

* The SigComp Universal Decompressor Virtual Machine could overrun a buffer. (Bug 4867)
- Versions affected: 0.10.8 to 1.0.14, 1.2.0 to 1.2.9
> CVE-2010-2287
* The GSM A RR dissector could crash. (Bug 4897)
- Versions affected: 1.2.2 to 1.2.9
* Due to a regression the ASN.1 BER dissector could overrun the stack.
- Versions affected: 0.10.13 to 1.0.14, 1.2.0 to 1.2.9
> CVE-2010-2284
* The IPMI dissector could go into an infinite loop.
- Versions affected: 1.2.0 to 1.2.9

# The following bugs have been fixed:

* Wireshark crashes after configuring new Information column. (Bug 4854)
* Crash triggered when changing display filter from right-mouse pop-up menu via packet-list. (Bug 4860)
* Wireshark crash selecting Inter-Asterisk exchange v2 packet data. (Bug 4868)
* zlib-1.2.5 cause tshark to stop live capture. (Bug 4916)
* Crash when adding SNMP users. (Bug 4926)
* Wireshark via ssh -X on ipv6 link-local address fails to allow capture. (Bug 4945)
* OMAPI dissector fails to parse combined initialization messages. (Bug 4982)
* QUERY_FS_INFO for Macintosh level 0x301 - MacSupportFlags decodes wrong. (Bug 4993)
* SCSI dissector misidentifies ATA PASSTHROUGH command as ACCESS CONTROL IN. (Bug 5037)
* Wrong decoding of GTP Prime (GTP') packets. (Bug 5055)

# Updated Protocol Support

* ASN.1 BER, GSM A RR, GTP, IAX2, IPMI, OMAPI, PRES, SCSI, SMB, UNISTIM




Download: http://www.wireshark.org/

• 2Ovo se svidja korisnicima: oblak, A.L.
  
  Registruj se da bi pohvalio/la poruku!

Wireshark 1.4.0



# The following bugs have been fixed:
* Update time display in background. (Bug 1275)
* Wireshark is unresponsive when capturing from named pipes on Windows. (Bug 1759)
* Tshark returns 0 even with an invalid interface or capture filter. (Bug 4735)

# New and Updated Features
* The packet list internals have been rewritten and are now more efficient.
* Columns are easier to use. You can add a protocol field as a column by right-clicking on its packet detail item, and you can adjust some column preferences by right-clicking the column header.
* Preliminary Python scripting support has been added.
* Many memory leaks have been fixed.
* Wireshark 1.4 does not support Windows 2000. Please use Wireshark 1.2 or 1.0 on those systems.
* Packets can now be ignored (excluded from dissection), similar to the way they can be marked.
* Manual IP address resolution is now supported.
* Columns with seconds can now be displayed as hours, minutes and seconds.
* You can now set the capture buffer size on UNIX and Linux if you have libpcap 1.0.0 or greater.
* TShark no longer needs elevated privileges on UNIX or Linux to list interfaces. Only dumpcap requires privileges now.
* Wireshark and TShark can enable 802.11 monitor mode directly if you have libpcap 1.0.0 or greater.
* You can play RTP streams directly from the RTP Analysis window.
* Capinfos and editcap now respectively support time order checking and forcing.
* Wireshark now has a "jump to timestamp" command-line option.
* You can open JPEG files directly in Wireshark.

# New Protocol Support
* 3GPP Nb Interface RTP Multiplex, Access Node Control Protocol, Apple Network-MIDI Session Protocol, ARUBA encapsulated remote mirroring, Assa Abloy R3, Asynchronous Transfer Mode, B.A.T.M.A.N. Advanced Protocol, Bluetooth AMP Packet, Bluetooth OBEX, Bundle Protocol, CIP Class Generic, CIP Connection Configuration Object, CIP Connection Manager, CIP Message Router, collectd network data, Control And Provisioning of Wireless Access Points, Controller Area Network, Device Level Ring, DOCSIS Bonded Initial Ranging Message, Dropbox LAN sync Discovery Protocol, Dropbox LAN sync Protocol, DTN TCP Convergence Layer Protocol, EtherCAT Switch Link, Fibre Channel Delimiters, File Replication Service DFS-R, Gateway Load Balancing Protocol, Gigamon Header, GigE Vision Control Protocol, Git Smart Protocol, GSM over IP ip.access CCM sub-protocol, GSM over IP protocol as used by ip.access, GSM Radiotap, HI2Operations, Host Identity Protocol, HP encapsulated remote mirroring, HP NIC Teaming Heartbeat, IEC61850 Sampled Values, IEEE 1722 Protocol, InfiniBand Link, Interlink Protocol, IPv6 over IEEE 802.15.4, ISO 10035-1 OSI Connectionless Association Control Service, ISO 9548-1 OSI Connectionless Session Protocol, ISO 9576-1 OSI Connectionless Presentation Protocol, ITU-T Q.708 ISPC Analysis, Juniper Packet Mirror, Licklider Transmission Protocol, MPLS PW ATM AAL5 CPCS-SDU mode encapsulation, MPLS PW ATM Cell Header, MPLS PW ATM Control Word, MPLS PW ATM N-to-One encapsulation, no CW, MPLS PW ATM N-to-One encapsulation, with CW, MPLS PW ATM One-to-One or AAL5 PDU encapsulation, Multiple Stream Reservation Protocol, NetPerfMeter Protocol, NetScaler Trace, NexusWare C7 MTP, NSN FLIP, OMRON FINS Protocol, packetbb Protocol, Peer Network Resolution Protocol, PKIX Attribute Certificate, Pseudowire Padding, Server/Application State Protocol, Solaris IPNET, TN3270 Protocol, TN5250 Protocol, TRILL, Twisted Banana, UMTS FP Hint, UMTS MAC, UMTS Metadata, UMTS RLC, USB HID, USB HUB, UTRAN Iuh interface HNBAP signalling, UTRAN Iuh interface RUA signalling, V5.2, Vendor Specific Control Protocol, Vendor Specific Network Protocol, VMware Lab Manager, VXI-11 Asynchronous Abort, VXI-11 Core Protocol, VXI-11 Interrupt, X.411 Message Access Service, ZigBee Cluster Library

# New and Updated Capture File Support
* Accellent 5Views, ASN.1 Basic Encoding Rules, Catapult DCT2000, Daintree SNA, Endace ERF, EyeSDN, Gammu DCT3 trace, IBM iSeries, JPEG/JFIF, libpcap, Lucent/Ascend access server trace, NetScaler, PacketLogger, pcapng, Shomiti/Finisar Surveyor, Sun snoop, Symbian OS btsnoop, Visual Networks




Download: http://www.wireshark.org/

• 1Ovo se svidja korisniku: A.L.
  
  Registruj se da bi pohvalio/la poruku!

Wireshark 1.4.1 (32-bit)



# The following bugs have been fixed:
* Wireshark may appear offscreen on multi-monitor Windows systems. (Bug 553)
* Incorrect behavior using sorting in the packet list. (Bug 2225)
* Cooked-capture dissector should omit the source address field if empty. (Bug 2519)
* MySQL dissector doesn't dissect MySQL stream. (Bug 2691)
* Wireshark crashes if active display filter macro is renamed. (Bug 5002)
* Incorrect dissection of MAP V2 PRN_ACK. (Bug 5076)
* TCP bytes_in_flight becomes inflated with lost packets. (Bug 5132)
* Wireshark fails to start on Windows XP 64bit. (Bug 5160)
* GTP header is exported in PDML with an incorrect size. (Bug 5162)
* Packet list hidden columns will not be parsed correctly from preferences file. (Bug 5163)
* Wireshark does not display the t.38 graph. (Bug 5165)
* Wireshark don't show mgcp calls in "Telephony ? VoIP calls". (Bug 5167)
* Wireshark 1.4.0 & VoIP calls "Prepare Filter" problem. (Bug 5172)
* GTPv2: IMSI is decoded improperly. (Bug 5179)
* [NAS EPS] EPS Quality of Service IE decoding is wrong. (Bug 5186)
* Wireshark mistakenly writes "not all data available" for IPv4 checksum. (Bug 5194)
* GSM: Cell Channel Description, range 1024 format. (Bug 5214)
* Wrong SDP interpretation on VoIP call flow chart. (Bug 5220)
* The CLDAP attribute value on a CLDAP reply is no longer being decoded. (Bug 5239)
* [NAS EPS] Traffic Flow Template IE dissection bugs. (Bug 5243)
* [NAS EPS] Use Request Type IE defined in 3GPP 24.008. (Bug 5246)
* NTLMSSP_AUTH domain and username truncated to first letter with IE8/Windows7 (generating the NTLM packet). (Bug 5251)
* IPv6 RH0: dest addr is to be used i.s.o. last RH address when 0 segments remain. (Bug 5252)
* EIGRP dissection error in Flags field in external route TLVs. (Bug 5261)
* MRP packet is not correctly parsed in PROFINET multiple write record request. (Bug 5267)
* MySQL Enhancement: support of Show Fields and bug fix. (Bug 5271)
* [NAS EPS] Fix TFT decoding when having several Packet Filters defined. (Bug 5274)
* Crash if using ssl.debug.file with no password for ssl.keys_list. (Bug 5277)

# Updated Protocol Support
* ASN.1 BER, ASN.1 PER, EIGRP, GSM A RR, GSM Management, GSM MAP,GTP, GTPv2, ICMPv6, Interlink, IPv4, IPv6, IPX, LDAP, LLC, MySQL,NAS EPS, NTLMSSP, PN-IO, PPP, RPC, SDP, SLL, SSL, TCP





Download: http://www.wireshark.org/

• 2Ovo se svidja korisnicima: oblak, A.L.
  
  Registruj se da bi pohvalio/la poruku!

Wireshark 1.4.2 (32-bit)



* The following bugs have been fixed:
- File-Open Display Filter is overwritten by Save-As Filename. (Bug 3894)
- Wireshark crashes with "Gtk-ERROR **: Byte index 6 is off the end of the line" if click on last PDU. (Bug 5285)
- GTK-ERROR can occur in packets when there are multiple Netbios/SMB headers in a single frame. (Bug 5289)
- "Tshark -G values" crashes on Windows. (Bug 5296)
- PROFINET I&M0FilterData packet not fully decoded. (Bug 5299)
- PROFINET MRP linkup/linkdown decoding incorrect. (Bug 5300)
- [lua] Dumper:close() will cause a segfault due later GC of the Dumper. (Bug 5320)
- Network Instruments' trace files sometimes cannot be read with an error message of "Observer: bad record: Invalid magic number". (Bug 5330)
- IO Graph Time of Day times incorrect for filtered data. (Bug 5340)
- Wireshark tools do not detect and read some ERF files correctly. (Bug 5344)
- "editcap -h" sends some lines to stderr and others to stdout. (Bug 5353)
- IP Timestamp Option: "flag=3" variant (prespecified) not displayed correctly. (Bug 5357)
- AgentX PDU Header 'hex field highlighting' incorrectly spans extra bytes. (Bug 5364)
- AgentX dissector cannot handle null OID in Open-PDU. (Bug 5368)
- Crash with "Gtk-ERROR **: Byte index 6 is off the end of the line". (Bug 5374)
- ANCP Portmanagment TLV wrong decoded. (Bug 5388)
- Crash during startup because of Python SyntaxError in wspy_libws.py. (Bug 5389)




Download: http://www.wireshark.org/

• 1Ovo se svidja korisniku: A.L.
  
  Registruj se da bi pohvalio/la poruku!

Napisano: 26 Jan 2011 13:50

Wireshark 1.4.3


Bug Fixes
The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
FRAsse discovered that the MAC-LTE dissector could overflow a buffer. (Bug 5530)
Versions affected: 1.2.0 to 1.2.13 and 1.4.0 to 1.4.2.
FRAsse discovered that the ENTTEC dissector could overflow a buffer. (Bug 5539)
Versions affected: 1.2.0 to 1.2.13 and 1.4.0 to 1.4.2.
CVE-2010-4538
The ASN.1 BER dissector could assert and make Wireshark exit prematurely. (Bug 5537)
Versions affected: 1.4.0 to 1.4.2.

The following bugs have been fixed:
AMQP failed assertion. (Bug 4048)
Reassemble.c leaks memory for GLIB > 2.8. (Bug 4141)
Fuzz testing reports possible dissector bug: TCP. (Bug 4211)
Wrong length calculation in new_octet_aligned_subset_bits() (PER dissector). (Bug 5393)
Function dissect_per_bit_string_display might read more bytes than available (PER dissector). (Bug 5394)
Cannot load wpcap.dll & packet.dll from Wireshark program directory. (Bug 5420)
Wireshark crashes with Copy -> Description on date/time fields. (Bug 5421)
DHCPv6 OPTION_CLIENT_FQDN parse error. (Bug 5426)
Information element Error for supported channels. (Bug 5430)
Assert when using ASN.1 dissector with loading a 'type table'. (Bug 5447)
Bug with RWH parsing in Infiniband dissector. (Bug 5444)
Help->About Wireshark mis-reports OS. (Bug 5453)
Delegated-IPv6-Prefix(123) is shown incorrect as X-Ascend-Call-Attempt-Limit(123). (Bug 5455)
"tshark -r file -T fields" is truncating exported data. (Bug 5463)
gsm_a_dtap: incorrect "Extraneous Data" when decoding Packet Flow Identifier. (Bug 5475)
Improper decode of TLS 1.2 packet containing both CertificateRequest and ServerHelloDone messages. (Bug 5485)
LTE-PDCP UL and DL problem. (Bug 5505)
CIGI 3.2/3.3 support broken. (Bug 5510)
Prepare Filter in RTP Streams dialog does not work correctly. (Bug 5513)
Wrong decode at ethernet OAM Y.1731 ETH-CC. (Bug 5517)
WPS: RF bands decryption. (Bug 5523)
Incorrect LTP SDNV value handling. (Bug 5521)
LTP bug found by randpkt. (Bug 5323)
Buffer overflow in SNMP EngineID preferences. (Bug 5530)

# Updated Protocol Support
AMQP, ASN.1 BER, ASN.1 PER, CFM, CIGI, DHCPv6, Diameter, ENTTEC, GSM A GM, IEEE 802.11, InfiniBand, LTE-PDCP, LTP, MAC-LTE, MP2T, RADIUS, SAMR, SCCP, SIP, SNMP, TCP, TLS, TN3270, UNISTIM, WPS
New and Updated Capture File Support

# New and Updated Capture File Support
Endace ERF, Microsoft Network Monitor, VMS TCPtrace.


Download: http://www.wireshark.org/download.html

Dopuna: 02 Mar 2011 15:46

Wireshark 1.4.4 (32-bit)


The following bugs have been fixed:

* A TCP stream would not always be recognized as the same stream. (Bug 2907)
* Wireshark Crashing by pressing 2 Buttons. (Bug 4645)
* A crash can occur in the NTLMSSP dissector. (Bug 5157)
* The column texts from a Lua dissector could be mangled. (Bug 5326) (Bug 5630)
* Corrections to ANSI MAP ASN.1 specifications. (Bug 5584)
* When searching in packet bytes, the field and bytes are not immediately shown. (Bug 5585)
* Malformed Packet: ULP reported when dissecting ULP SessionID PDU. (Bug 5593)
* Wrong IEI in container of decode_gtp_mm_cntxt. (Bug 5598)
* Display filter does not work for expressions of type BASE_DEC, BASE_DEC_HEX and BASE_HEX_DEC. (Bug 5606)
* NTLMSSP dissector may fail to compile due to space embedded in C comment delimiters. (Bug 5614)
* Allow for name resolution of link-scope and multicast IPv6 addresses from local host file. (Bug 5615)
* DHCPv6 dissector formats DUID_LLT time incorrectly. (Bug 5627)
* Allow for IEEE 802.3bc-2009 style PoE TLVs. (Bug 5639)
* Various fixes to the HIP packet dissector. (Bug 5646)
* Display "Day of Year" for January 1 as 1, not 0. (Bug 5653)
* Accommodate the CMake build on Ubuntu 10.10. (Bug 5665)
* E.212 MCC 260 Poland update according to local national regulatory. (Bug 5668)
* IPP on ports other than 631 not recognized. (Bug 5677)
* Potential access violation when writing to LANalyzer files. (Bug 5698)
* IEEE 802.15.4 Superframe Specification - Final CAP Slot always 0. (Bug 5700)
* Peer SRC and DST AS numbers are swapped for cflow. (Bug 5702)
* dumpcap: -q option behavior doesn't match documentation. (Bug 5716)

* Updated Protocol Support
- ANSI MAP, BitTorrent, DCM, DHCPv6, DTAP, DTPT, E.212, GSM Management, GTP, HIP, IEEE 802.15.4, IPP, LDAP, LLDP, Netflow, NTLMSSP, P_Mul, Quake, Skinny, SMB, SNMP, ULP

* New and Updated Capture File Support
- LANalyzer, Nokia DCT3, Pcap-ng



Download: http://www.wireshark.org/download.html

• 1Ovo se svidja korisniku: A.L.
  
  Registruj se da bi pohvalio/la poruku!

Wireshark 1.4.6 (32-bit)


# The following bugs have been fixed:
* Wireshark and TShark can crash while analyzing TCP packets.

# Updated Protocol Support
* TCP


Download: http://www.wireshark.org/

• 1Ovo se svidja korisniku: A.L.
  
  Registruj se da bi pohvalio/la poruku!

Wireshark 1.4.6 (64-bit)

http://www.filehippo.com/download_wireshark_64/tech/

• 1Ovo se svidja korisniku: A.L.
  
  Registruj se da bi pohvalio/la poruku!

Wireshark 1.4.7



# The following bugs have been fixed:
* AIM dissector has some endian issues.
* Telephony?MTP3?MSUS doesn't display window.
* Support for MS NetMon 3.x traces containing raw IPv6 ("Type 7") packets.
* Service Indicator in M3UA protocol data.
* IEC60870-5-104 protocol, incorrect decoding of timestamp type CP56Time2a.
* DNP3 dissector incorrect constants AL_OBJ_FCTR_16NF _FDCTR_32NF _FDCTR_16NF.
* 3GPP QoS: Traffic class is not decoded properly.
* Wireshark crashes when creating ProtoField.framenum in Lua.
* Fix a wrong mask to extract FMID from DECT packets dissector.
* Incorrect DHCPv6 remote identifier option parsing.

# Updated Protocol Support
* DICOM, IEC104, M3UA, TCP

# New and Updated Capture File Support
* Network Monitor.




Download: http://www.wireshark.org/