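Published 2016-09-11 12:50:23 | Source: reader submission
Wireshark network protocol analyzer
Wireshark (formerly Ethereal) is a network packet analyzer. A packet analyzer captures network packets and displays their contents in as much detail as possible.
Wireshark is the world's most popular free, open-source, cross-platform network protocol analyzer, and network professionals use it routinely for troubleshooting, deployment, analysis, and education. Wireshark 2.2.0 has now been released, with a series of bug fixes and other new features.
The main changes are as follows: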
Bug Fixes
Upgrading to latest version uninstalls Microsoft Visual C++ redistributable. (Bug 12712)
Extcap errors not reported back to UI. (Bug 11892)
New and Updated Features
The following features are new (or have been significantly updated) since version 2.2.0rc2:
No major changes since 2.2.0rc2.
The following features are new (or have been significantly updated) since version 2.2.0rc1:
"Decode As" supports SSL (TLS) over TCP.
The following features are new (or have been significantly updated) since version 2.1.1:
Invalid coloring rules are now disabled instead of discarded. This will provide backward compatibility with a coloring rule change in Wireshark 2.2.
The following features are new (or have been significantly updated) since version 2.1.0:
Added -d option for Decode As support in Wireshark (mimics TShark functionality)
The Qt UI, GTK+ UI, and TShark can now export packets as JSON. TShark can additionally export packets as Elasticsearch-compatible JSON.
The Qt UI now supports the -j, -J, and -l flags. The -m flag is now deprecated.
The Conversations and Endpoints dialogs are more responsive when viewing large numbers of items.
The RTP player now allows up to 30 minutes of silence frames.
Packet bytes can now be displayed as EBCDIC.
The Qt UI loads captures faster on Windows.
proto_tree_add_checksum was added as an API. This attempts to standardize how checksums are reported and filtered for within *Shark. There are no more individual "good" and "bad" filter fields; protocols now have a "checksum.status" field that records "Good", "Bad" and "Unverified" (neither good nor bad). Color filters provided with Wireshark have been adjusted to the new display filter names, but custom ones may need to be updated.
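Custom coloring rules that still use the old boolean checksum fields can be found and rewritten with a short script. The following is an added example, not part of the Wireshark release notes or the Wireshark project: it assumes the legacy fields follow the `<proto>.checksum_bad` / `<proto>.checksum_good` / `<proto>.fcs_bad` naming pattern and that each rule is stored on one line as `@name@filter@[fg][bg]`, and the sample rules are constructed. Check each rewritten name against the display filter reference before use.

```python
import re

# Legacy boolean fields such as tcp.checksum_bad / eth.fcs_good (assumed naming pattern).
LEGACY = re.compile(
    r'(?P<proto>[A-Za-z0-9_.-]+)\.(?P<kind>checksum|fcs)_(?P<state>bad|good)(?![\w.])'
    r'(?P<cmp>\s*(?:==|!=)\s*\w+)?')
# One rule per line: optional "!" (disabled), then @name@filter@[fg][bg] (assumed layout).
RULE = re.compile(r'^(!?@[^@]*@)(.*)(@\[\d+,\d+,\d+\]\[\d+,\d+,\d+\])\s*$')

def migrate_filter(expr):
    """Rewrite legacy checksum fields; return (new_expr, needs_manual_review)."""
    review = False
    def repl(m):
        nonlocal review
        cmp_ = ''.join((m.group('cmp') or '').split()).lower()
        if cmp_ not in ('', '==1', '==true'):
            # e.g. "== 0": "not bad" may now mean Good or Unverified, so leave it alone.
            review = True
            return m.group(0)
        status = 'Bad' if m.group('state') == 'bad' else 'Good'
        return f'{m.group("proto")}.{m.group("kind")}.status=="{status}"'
    return LEGACY.sub(repl, expr), review

def migrate_colorfilters(text):
    """Return (migrated_text, names_of_rules_needing_review)."""
    out, flagged = [], []
    for line in text.splitlines():
        m = RULE.match(line)
        if m:  # comments and unrecognized lines pass through unchanged
            new_expr, review = migrate_filter(m.group(2))
            if review:
                flagged.append(m.group(1).strip('!@'))
            line = m.group(1) + new_expr + m.group(3)
        out.append(line)
    return '\n'.join(out) + '\n', flagged

# Constructed sample rules, not taken from a real profile.
SAMPLE = """# constructed sample
@Checksum Errors@eth.fcs_bad==1 || ip.checksum_bad==1 || tcp.checksum_bad == 1@[4718,10030,11796][63479,34695,34695]
@Good UDP@udp.checksum_good@[0,0,0][50000,65535,50000]
!@Not bad TCP@tcp.checksum_bad == 0@[0,0,0][65535,65535,65535]
@HTTP@http || tcp.port == 80@[4718,10030,11796][58493,65535,51199]
"""

if __name__ == '__main__':
    migrated, flagged = migrate_colorfilters(SAMPLE)
    print(migrated, end='')
    print('review manually:', flagged)
```

Rules listed for manual review are left untouched because a negated legacy test has no single equivalent once "Unverified" exists as a third state.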
Detailed release notes:
Download: