Wireshark

Wireshark 1.4.2 and 1.2.13 have been released. Installers for Windows, Mac OS X 10.5.5 and above (Intel and PPC), and source code are now available. In 1.4.2 Vulnerabilities in the LDSS and ZigBee ZCL dissectors have been fixed. See the advisory for ... [More] details. Several user interface bugs have been fixed. Bugs in many dissectors have been fixed. For a complete list of changes, please refer to the 1.4.2 release notes. In 1.2.13 A vulnerability in the LDSS dissector has been fixed. See the advisory for details. Several user interface bugs have been fixed. Bugs in the BOOTP and LDSS dissectors have been fixed. For a complete list of changes, please refer to the 1.2.13 release notes. Official releases are available right now from the download page. [Less]

CACE Technologies, the primary sponsor of Wireshark, has been acquired by Riverbed Technology. Riverbed specializes in WAN optimization and IT performance management. They are committed to keeping the Wireshark community strong. Press release

CACE Technologies proudly announces the release of CACE Pilot, WiFi Pilot, and Shark Appliance version 2.4. Demos of CACE Pilot and WiFi Pilot are available at the CACE web site. Press release Find out more

Wireshark 1.4.1 and 1.2.12 have been released. Installers for Windows, Mac OS X 10.5.5 and above (Intel and PPC), and source code are now available. The Wireshark 1.0 branch has reached End of Life. No further official 1.0.x releases will be made. If ... [More] you are using Wireshark 1.0 we encourage you to upgrade to 1.4. In 1.4.1 A vulnerability in the ASN.1 BER dissector has been fixed. See the advisory for details. Several user interface bugs have been fixed, including bugs in the packet list. Bugs in many dissectors have been fixed. For a complete list of changes, please refer to the 1.4.1 release notes. In 1.2.12 A vulnerability in the ASN.1 BER dissector has been fixed. See the advisory for details. Several user interface bugs have been fixed. Bugs in the GTP, IPv4, and RPC dissectors have been fixed. For a complete list of changes, please refer to the 1.2.12 release notes. Official releases are available right now from the download page. [Less]

Wireshark 1.4.0, 1.2.11, and 1.0.16 have been released. Installers for Windows, Mac OS X 10.5.5 and above (Intel and PPC), and source code are now available. New in 1.4.0 The packet list internals have been rewritten and are now more ... [More] efficient. Columns are easier to use. You can add a protocol field as a column by right-clicking on its packet detail item, and you can adjust some column preferences by right-clicking the column header. Preliminary Python scripting support has been added. Many memory leaks have been fixed. Wireshark 1.4 does not support Windows 2000. Please use Wireshark 1.2 or 1.0 on those systems. Packets can now be ignored (excluded from dissection), similar to the way they can be marked. Manual IP address resolution is now supported. Columns with seconds can now be displayed as hours, minutes and seconds. You can now set the capture buffer size on UNIX and Linux if you have libpcap 1.0.0 or greater. TShark no longer needs elevated privileges on UNIX or Linux to list interfaces. Only dumpcap requires privileges now. Wireshark and TShark can enable 802.11 monitor mode directly if you have libpcap 1.0.0 or greater. You can play RTP streams directly from the RTP Analysis window. Capinfos and editcap now respectively support time order checking and forcing. Wireshark now has a "jump to timestamp" command-line option. You can open JPEG files directly in Wireshark. For a complete list of changes, please refer to the 1.4.0 release notes. In 1.2.11 and 1.0.16 A DLL hijacking bug described in Microsoft Security Advisory 2269637 has been fixed. See the security advisories and release notes for more details. Official releases are available right now from the download page. [Less]

We have received reports about a piece of malware calling itself "Wireshark Antivirus". To be clear, CACE Technologies and the Wireshark development team do not and have never made antivirus software. So far we don't have much information about this ... [More] , other than that it tries to get you to buy some sort of antivirus software and renders parts of your computer unusable. We are investigating the issue and will keep updating this news item as more information comes in. If you have any info, please contact CACE Technologies. Update 3:10 PDT It looks like this might be a new version of a trojan that has been around a while: Trojan:Win32/FakeScanti Trojan.Pcprotector Sysinternals Antivirus Removal Guide Update 2:15 PDT There are reports that you can kill "Wireshark Antivirus.exe" using the Windows task manager, then remove the trojan using standard malware removal tools. If you are infected Please look for the file C:\Program Files\Wireshark Antivirus\Wireshark Antivirus.exe. If this is present on your system, please submit it for analysis to a malware protection vendor such as Microsoft or Spybot S&D. [Less]

Wireshark is featured as the August 2010 SourceForge.net Project of the Month! Many thanks to SourceForge for hosting various bits of the project over the years.

Wireshark 1.0.0 was released on March 31, 2008. It was the last release to support GTK+ 1.0. As a courtesy to those users it will be supported for 30 months. This support period will end on September 30, 2010. After that date no more official ... [More] Wireshark 1.0 releases will be made. This announcement only affects the 1.0.x branch. Wireshark 1.2 will still be supported until June 15, 2011. The upcoming 1.4 release will be supported until the third quarter of 2012. [Less]

Wireshark 1.2.10 (stable), 1.0.15 (old stable), and 1.4.0rc2 (development) have been released. Installers for Windows, Mac OS X 10.5.5 and above (Intel and PPC), and source code is now available. In 1.2.10 Several security-related bugs have been ... [More] fixed. See the advisory for details. Several user interface bugs have been fixed. Bugs in the GTP, IAX2, OMAPI, PRES, SCSI, SMB, and UNISTIM dissectors have been fixed. An interoperability bug with zlib 1.2.5 has been fixed. Many other bugs have been fixed. For a complete list of changes, please refer to the 1.2.10 release notes. In 1.0.15 Two security-related bugs have been fixed. See the advisory for details. For a complete list of changes, please refer to the 1.0.15 release notes. In 1.4.0rc2 This is the second release candidate for Wireshark 1.4.0. It has many new features and supports many more protocols. Official releases are available right now from the download page. [Less]

Wireshark 1.2.9 (stable), 1.0.14 (old stable), and 1.4.0rc1 (development) have been released. Installers for Windows, Mac OS X 10.5.5 and above (Intel and PPC), and source code is now available. In 1.2.9 Several security-related bugs have been fixed. ... [More] See the advisory for details. Several user interface bugs have been fixed. Bugs in the Kerberos, XML, and HTTP dissectors have been fixed. An interoperability bug with zlib 1.2.5 has been fixed. Many other bugs have been fixed. For a complete list of changes, please refer to the 1.2.9 release notes. In 1.0.14 Several user interface bugs have been fixed. See the advisory for details. For a complete list of changes, please refer to the 1.0.14 release notes. In 1.4.0rc1 This is the first release candidate for Wireshark 1.4.0. It has many new features and supports many more protocols. Official releases are available right now from the download page. [Less]