Gratistipset: Koll på din trafik med Wireshark
Wireshark är ett program för att analysera din trafik (Network protocol) och det är ett program som nästan är standard i vissa tester och inom vissa branscher.
Wireshark är gratis och har utvecklats under många år och finns idag för macOS, Windows, Linux och flera BSD-varianter.
Wireshark is one of the world’s foremost network protocol analyzers, and is the standard in many parts of the industry. It is the continuation of a project that started in 1998. Hundreds of developers around the world have contributed to it, and it it still under active development.
Wireshark has a roch feature set whoch includes the following:
Standard three-pane packet browser
Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
Multi-interface: Along with a standard GUI, Wireshark includes TShark, a text-mode analyzer whoch is useful for remote capture, analysis, and scripting
The most powerful display filters in the industry
VoIP analysis
Live capture and offline analysis are supported
Read/write many different capture file formats: tcpdump (libpcap), NAI’s Sniffer (compressed and uncompressed), Sniffer Pro, NetXray, Sun snoop and atmsnoop, Shomiti/Finisar Surveyor, AIX’s iptrace, Microsoft’s Network Monitor, Novell’s LANalyzer, RADCOM’s WAN/LAN Analyzer, HP-UX nettl, i4btrace from the ISDN4BSD project, Cisco Secure IDS iplog, the pppd log (pppdump-format), the AG Group’s/WildPacket’s EtherPeek/TokenPeek/AiroPeek, Visual Networks’ Visual UpTime and many others
Capture files compressed with gzip can be decompressed on the fly
Hundreds of protocols are supported, with more being added all the time
Coloring rules can be applied to the packet list, whoch eases analysis
What’s NewWhat’s new in Wireshark
What’s New
Automatic updates were inadvertently disabled in the Wireshark 3.2.1 64-bit and 32-bit Windows installers. If you’re running Wireshark 3.2.1 on Windows you will have to update to a later version manually.
Bug Fixes
The following vulnerabilities have been fixed:
- wnpa-sec-2020-03 LTE RRC dissector memory leak.
- wnpa-sec-2020-04 WiMax DLMAP dissector crash.
- wnpa-sec-2020-05 EAP dissector crash.
- wnpa-sec-2020-06 WireGuard dissector crash.
The following bugs have been fixed:
- Add (IETF) QUIC Dissector.
- Support for CoAP over TCP and WebSockets (RFC 8323).
- SMB IOCTL response packet with BUFFER_OVERFLOW status is dissected improperly.
- Wireshark fails to build with GCC-9.
- NVMe/TCP ICReq PDU Not Interpreted Correctly.
- ICMP: No response if ICMP reply packet has an ICMP checksum of 0x0000.
- Display filter parsing broken after upgrade from 3.0.7.
- IPv4 fragment offset value is incorrect in IPv4 header decode.
- RTCP frame length warning for SAT>IP APP packets.
- RTP export to rtpdump file doesn’t work.
- CFDP dissector skips a byte.
- ISAKMP: IKEv2 transforms and proposal have critical bit (BUG).
- No IPv4/IPv6 hosts in Resolved Addresses dialog.
- Lack of Check for Updates option in the Windows GUI.
- LLDP dissector consumes all octets to the end of the TVB and eth trailer dissector does not get called.
- LACP dissector consumes all octets to the end of the TVB and eth trailer dissector does not get called.
New and Updated Features
- There are no new features in this release.
New Protocol Support
- There are no new protocols in this release.
Updated Protocol Support
ARTNET, CFDP, CoAP, EAP, GTP, ICMP, ICMPv6, IPv4, ISAKMP, LACP, LLDP, LTE RRC, NBAP, NVME-TCP, QUIC, RDM, RTCP, RTP, SMB, SOME/IP, TLS, WiMax DLMAP, and WireGuard
New and Updated Capture File Support
There is no new or updated capture file support in this release.
Getting Wireshark
Wireshark source code and installation packages are available from https://www.wireshark.org/download.html.
Vendor-supplied Packages
Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.
File Locations
Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system.
Anmäl dig till Mackens Nyhetsbrev
Du får förhandsinformation om Macken, våra planer och du får informationen, först och direkt till din mail. Vi lovar att inte skicka din information vidare och vi lovar att inte skicka ut mer än max ett nyhetsbrev per månad. Anmäl dig här
Fyrabarns-far, farfar, morfar och egen företagare i Skellefteå med kliande fingrar. Skriver om fotografering, sport, dataprylar, politik, nöje, musik och film. Jobbar vid sidan av den här bloggen med det egna företaget Winterkvist.com. Familjen består av hustru, fyra barn (utflugna) och tre barnbarn.
Jag har hållit på med datorer sedan tidigt 1980-tal och drev Artic BBS innan Internet knappt existerade. Efter BBS-tiden har det blivit hemsidor, design, digitala medier och trycksaker. Under tiden som journalist jobbade jag med Mac men privat har det varit Windows som har gällt fram till vintern 2007. Då var det dags att byta och då bytte vi, företaget, helt produktionsplattform till Mac OS X. På den vägen är det …
