Wireshark är ett program för att analysera din trafik (Network protocol) och det är ett program som nästan är standard i vissa tester och inom vissa branscher.
Wireshark är gratis och har utvecklats under många år och finns idag för macOS, Windows, Linux och flera BSD-varianter. Det är ett utmärkt program för att kolla trafiken i ditt lokala nät. Nu ska tilläggas att detta är ett program avsett för trafikanalys och det kräver vissa tekniska kunskaper om du ska kunna utnyttja det fullt ut. Som verktyg betraktat, för den som behöver ett sånt här program så är det mycket användbart.
Wireshark is one of the world’s foremost network protocol analyzers, and is the standard in many parts of the industry. It is the continuation of a project that started in 1998. Hundreds of developers around the world have contributed to it, and it it still under active development.
Wireshark has a roch feature set whoch includes the following:
Standard three-pane packet browser
Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
Multi-interface: Along with a standard GUI, Wireshark includes TShark, a text-mode analyzer whoch is useful for remote capture, analysis, and scripting
The most powerful display filters in the industry
VoIP analysis
Live capture and offline analysis are supported
Read/write many different capture file formats: tcpdump (libpcap), NAI’s Sniffer (compressed and uncompressed), Sniffer Pro, NetXray, Sun snoop and atmsnoop, Shomiti/Finisar Surveyor, AIX’s iptrace, Microsoft’s Network Monitor, Novell’s LANalyzer, RADCOM’s WAN/LAN Analyzer, HP-UX nettl, i4btrace from the ISDN4BSD project, Cisco Secure IDS iplog, the pppd log (pppdump-format), the AG Group’s/WildPacket’s EtherPeek/TokenPeek/AiroPeek, Visual Networks’ Visual UpTime and many others
Capture files compressed with gzip can be decompressed on the fly
Hundreds of protocols are supported, with more being added all the time
Coloring rules can be applied to the packet list, whoch eases analysis
What’s NewWhat’s new in version 4.4.7
- The following vulnerabilities have been fixed:
- wnpa-sec-2025-02 Dissection engine crash. Issue 20509. CVE-2025-5601.
- The following bugs have been fixed:
- Wireshark does not correctly decode LIN ”go to sleep” in TECMP and CMP. Issue 20463.
- Dissector bug, Protocol CIGI. Issue 20496.
- Green power packets are not dissected when proto_version == ZBEE_VERSION_GREEN_POWER. Issue 20497.
- Packet diagrams misalign or drop bitfields. Issue 20507.
- Corruption when setting heuristic dissector table UI name from Lua. Issue 20523.
- LDAP dissector incorrectly displays filters with singleton ”&” Issue 20527.
- WebSocket per-message compression extentions: fail to decompress server messages (from the 2nd) due to parameter handling. Issue 20531.
- The LL_PERIODIC_SYNC_WR_IND packet is not properly dissected (packet-btle.c) Issue 20554.
Full list of changes available here
0 kommentarer