( Вход | Регистрация | Поиск )

Wireshark 4.2.0, анализ сетевого трафика, network protocol analyzer
Дата обновления: 18.11.2023 - 17:13, перейти к новому сообщению

·dark_man
Группа: Наши Люди

Сообщений: 186
Wireshark

Твой софтовый форум

Wireshark - программа предназначена для сбора и анализа информации о входящем/исходящем сетевом трафике. Wireshark поддерживает DNS, FDDI, FTP, HTTP, ICQ, IPV6, IPX, IRC, MAPI, MOUNT, NETBIOS, NFS, NNTP, POP, PPP, TCP, TELNET, X25 и так далее. Функциональность, которую предоставляет Wireshark, очень схожа с возможностями программы tcpdump, однако Wireshark имеет преимущество в виде графического пользовательского интерфейса и гораздо больше возможностей по сортировке и фильтрации информации.

Программа позволяет пользователю просматривать весь проходящий по сети трафик в режиме реального времени, переводя сетевую карту в широковещательный режим. Wireshark различает структуру самых различных сетевых протоколов, и поэтому позволяет разобрать сетевой пакет, отображая значение каждого поля протокола любого уровня. Поскольку для захвата пакетов используется библиотека pcap, существует возможность захвата данных только из тех сетей, которые поддерживаются этой библиотекой. Тем не менее, Wireshark умеет работать с множеством форматов исходных данных, соответственно, можно открывать файлы данных, захваченных другими программами, что расширяет возможности захвата.


Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. Wireshark is cross-platform, using the GTK+ widget toolkit to implement its user interface, and using pcap to capture packets; it runs on various Unix-like operating systems including Linux, Mac OS X, BSD, and Solaris, and on Microsoft Windows. It is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark is very similar to tcpdump, but has a graphical front-end, plus some integrated sorting and filtering options. Wireshark allows the user to put the network interfaces that support promiscuous mode into that mode, in order to see all traffic visible on that interface, not just traffic addressed to one of the interface’s configured addresses and broadcast/ multicast traffic.

However, when capturing with a packet analyzer in promiscuous mode on a port on a network switch, not all of the traffic traveling through the switch will necessarily be sent to the port on which the capture is being done, so capturing in promiscuous mode will not necessarily be sufficient to see all traffic on the network. Port mirroring or various network taps extend capture to any point on net; simple passive taps are extremely resistant to malware tampering.

Features Wireshark 3:
• Deep inspection of hundreds of protocols, with more being added all the time
• Live capture and offline analysis
• Standard three-pane packet browser
• Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
• Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
• The most powerful display filters in the industry
• Rich VoIP analysis
• Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
• Capture files compressed with gzip can be decompressed on the fly
• Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
• Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
• Coloring rules can be applied to the packet list for quick, intuitive analysis
• Output can be exported to XML, PostScript®, CSV, or plain text


Ответов(10 - 19)

·scorpio
Группа: СуперМодераторы

Сообщений: 8.029
Wireshark 1.2.4

What's New

Bug Fixes

The following bugs have been fixed:


Can't save RTP stream in both directions. (Bug 4120)

Wireshark could crash at startup on Windows. (Bug 4155)

New and Updated Features

There are no new features in this release.

New Protocol Support
There are no new protocols in this release.

Updated Protocol Support
DCERPC, IPFIX/Netflow, IPv4, NAS EPS, RTCP, TIPC

Updated Capture File Support
Capture file support is unchanged in this release.

Getting Wireshark
Wireshark source code and installation packages are available from http://www.wireshark.org/download.html.

Vendor-supplied Packages
Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.

File Locations
Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About->Folders to find the default locations on your system.

_______________
Size: ~ 17.46 MB

Download:



·scorpio
Группа: СуперМодераторы

Сообщений: 8.029
Wireshark 1.3.2 Beta

_______________
Size: ~ 18.58 MB

Download:



·Урсу
Группа: Наши Люди

Сообщений: 12.045
Wireshark 1.4.0 RC1

Размер: 17,93 МБ.
Скачать:



·Урсу
Группа: Наши Люди

Сообщений: 12.045
Wireshark 1.4.0

» Нажмите, для открытия спойлера | Press to open the spoiler «

Размер: 17,95 МБ.
Скачать:



·Урсу
Группа: Наши Люди

Сообщений: 12.045
Wireshark 1.4.1

32-Bit:
Размер: 18,34 МБ.
Скачать:

64-Bit:
Размер: 20,50 МБ.
Скачать:



·Урсу
Группа: Наши Люди

Сообщений: 12.045
Wireshark 1.4.3

32-Bit:
Размер: 18,34 МБ.
Скачать:

64-Bit:
Размер: 20,50 МБ.
Скачать:



·dimusik
Группа: Модераторы

Сообщений: 10.862
Wireshark 1.5.0

Размер: 18\21 Mb

32-bit

64-bit



·scorpio
Группа: СуперМодераторы

Сообщений: 8.029
Wireshark 1.4.6 Stable

What's New
Bug Fixes

The following bugs have been fixed:

Wireshark and TShark can crash while analyzing TCP packets. (Bug 5837)

New and Updated Features

There are no new features in this release.
New Protocol Support

There are no new protocols in this release.
Updated Protocol Support

TCP
New and Updated Capture File Support

There is no new or updated capture file support in this release.

_______________
Size: ~ 18.58 MB

Download:



Wireshark 1.5.1 (Development)

What's New
Bug Fixes

The following bugs have been fixed:

Wireshark is unresponsive when capturing from named pipes on Windows. (Bug 1759)

Ring buffers are no longer turned on by default when using multiple capture files.

New and Updated Features

The following features are new (or have been significantly updated) since version 1.4:

Wireshark can import text dumps, similar to text2pcap.

You can now view Wireshark's dissector tables (for example the TCP port to dissector mappings) from the main window.

TShark can show a specific occurrence of a field when using '-T fields'.

Custom columns can show a specific occurrence of a field.

You can hide columns in the packet list.

Wireshark can now export SMB objects.

dftest and randpkt now have manual pages.

TShark can now display iSCSI service response times.

Dumpcap can now save files with a user-specified group id.

Syntax checking is done for capture filters.

You can display the compiled BPF code for capture filters in the Capture Options dialog.

You can now navigate backwards and forwards through TCP and UDP sessions using Ctrl+, and Ctrl+. .

Packet length is (finally) a default column.

TCP window size is now avaiable both scaled and unscaled. A TCP window scaling graph is available in the GUI.

802.1q VLAN tags are now shown by the Ethernet II dissector.

Various dissectors now display some UTF-16 strings as proper Unicode including the DCE/RPC and SMB dissectors.

The RTP player now has an option to show the time of day in the graph in addition to the seconds since beginning of capture.

The RTP player now shows why media interruptions occur.

Graphs now save as PNG images by default.

TShark can read and write host name information from and to pcapng-formatted files. Wireshark can read it. TShark can dump host name information via

[-z hosts]

.

The tshark -z option now uses the

[-z ,srt]

syntax instead of

[-z ,rtt]

for all protocols that support service response time statistics. This syntax now matches Wireshark's syntax for this option.

New Protocol Support

ADwin, ADwin-Config, Apache Etch, Aruba PAPI, Babel Routing Protocol, Constrained Application Protocol (COAP), Digium TDMoE, Erlang Distribution Protocol, Ether-S-I/O, FastCGI, Fibre Channel over InfiniBand (FCoIB), Gopher, Gigamon GMHDR, IDMP, Infiniband Socket Direct Protocol (SDP), JSON, LISP Data, MikroTik MAC-Telnet, Mongo Wire Protocol, Network Monitor 802.11 radio header, OPC UA ExtensionObjects, PPI-GEOLOCATION-GPS, ReLOAD, ReLOAD Framing, RSIP, SAMETIME, SCoP, SGSAP, Tektronix Teklink, WAI authentication, Wi-Fi P2P (Wi-Fi Direct)
Updated Protocol Support

New and Updated Capture File Support

Apple PacketLogger, Catapult DCT2000, Daintree SNA, Endace ERF, HP OpenVMS TCPTrace, IPFIX (the file format, not the protocol), Lucent/Ascend debug, Microsoft Network Monitor, Network Instruments, TamoSoft CommView

_______________
Size: ~ 18.03 Mb

Download:



·Урсу
Группа: Наши Люди

Сообщений: 12.045
Wireshark 1.4.7 Stable

32-Bit:
Размер: 18,58 МБ.
Скачать:

64-Bit:
Размер: 20,75 МБ.
Скачать:



·Урсу
Группа: Наши Люди

Сообщений: 12.045
Wireshark 1.6.0 Stable

32-Bit:
Размер: 18,55 МБ.
Скачать:

64-Bit:
Размер: 21,59 МБ.
Скачать: