Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions.
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, macOS, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript, CSV, or plain text
Screenshots are not available
– The Windows installers now ship with Qt 5.9.7. Previously they shipped with Qt 5.9.5.
The following vulnerabilities have been fixed:
– The 6LoWPAN dissector could crash.
– The P_MUL dissector could crash.
– The RTSE dissector and other dissectors could crash.
– The ISAKMP dissector could crash.
The following bugs have been fixed:
– console.lua not found in a folder with non-ASCII characters in its name.
– Disabling Update list of packets in real time. will generally trigger crash after three start capture, stop capture cycles.
– UDP Multicast Stream double counts.
– text2pcap et al. set snaplength to 64kiB-1, while processing frames of 256kiB.
– Builds without libpcap fail if the libpcap headers aren’t installed.
– TCAP AnalogRedirectRecord parameter incorrectly coded as mandatory in QualReq_rr message.
– macOS DMG appears to have duplicate files.
– Wireshark jumps behind other windows when opening UAT dialogs.
– Pathnames containing non-ASCII characters are mangled in error dialogs on Windows.
– Executing -z http,stat -r file.pcapng throws a segmentation fault.
– IS-41 TCAP RegistrationNotification Invoke has borderCellAccess parameter coded as tag 50 (as denyAccess) but should be 58.
– In DNS statistics, response times > 1 sec not included.
– GTPv2 APN dissect problem.
Updated Protocol Support:
– 6LoWPAN, ANSI MAP, DNP3, DNS, GSM A, GTP, GTPv2, IMF, ISAKMP, ISObus VT, Kerberos, P_MUL, RTSE, S7COMM, and TCAP