Wireshark v1.0.0 Released – Cross Platform Graphical Packet Sniffer


After nearly 10 years of developement Wireshark (formely known as Ethereal) has finally reached version 1!

For those that don’t know, Wireshark is the world’s foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.

Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

Features

Wireshark has a rich feature set which includes the following:

  • Deep inspection of hundreds of protocols, with more being added all the time
  • Live capture and offline analysis
  • Standard three-pane packet browser
  • Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
  • Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
  • The most powerful display filters in the industry
  • Rich VoIP analysis
  • Read/write many different capture file formats: tcpdump (libpcap), Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
  • Capture files compressed with gzip can be decompressed on the fly
  • Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
  • Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
  • Coloring rules can be applied to the packet list for quick, intuitive analysis
  • Output can be exported to XML, PostScript®, CSV, or plain text

This is one tool EVERYONE involved in security or network administration should be familiar with.

You can download Wireshark here:

Wireshark v1.0.0

Or read more here.

Posted in: Hacking Tools, Networking Hacking Tools, Security Software

, , , , , , ,


Latest Posts:


HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.
trident - Automated Password Spraying Tool trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to be deployed on multiple cloud providers and provides advanced options around scheduling
tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.


7 Responses to Wireshark v1.0.0 Released – Cross Platform Graphical Packet Sniffer

  1. mumble April 2, 2008 at 6:01 am #

    Is anyone _not_ using Wireshark? It’s used in the security class I’m taking. I’ve used it at work for years, and even contributed patches. I’m just curious — if anyone’s not using it, what are they using?

  2. Pantagruel April 2, 2008 at 8:54 am #

    [quote]
    This is one tool EVERYONE involved in security or network administration should be familiar with.
    [/quote]

    nothing more to add, this is one of the basic gpl tools you should be able to use. I can’t think of anything else with this kind of ‘power’ regarding network recon/analysis.

  3. ZaD MoFo April 2, 2008 at 4:01 pm #

    Wireshark – Such a good dog in this ocean of malware!

    Help me keep rodents out of my sanctuary.

    Barking @ who I doesn’t know.
    Biting thru filtering @ trange behavior packets.
    It’s the “Great White” of packet analysis…

    Free, easy, predictable: This is what I mean an excellent SoftTool.

    Before Wireshark I was in the Darkness…
    And as I recall, it is here, on darknet.org.uk that I learned of its existence.

    Just my pinch of salt.

  4. James C April 2, 2008 at 6:59 pm #

    @mumble
    A list of other sniffer’s, those crazy not wireshark using people might be using
    http://www.tech-faq.com/packet-sniffer.shtml
    Personal I use Wireshark for most work.

  5. goodpeople April 3, 2008 at 7:33 am #

    Depends on what I’m trying to find out. WS is kind of a big gun if I only want to analyze MSN traffic…

  6. mumble April 3, 2008 at 12:50 pm #

    All joking aside – I also like net2pcap (http://www.secdev.org/projects/net2pcap/) – which is essentially a wire -> file tool. Do the analysis offline later using anything. Works great w/ wireshark or just about any other packet analysis tool.

  7. fever April 8, 2008 at 9:17 pm #

    i haven’t used this but i used ethereal before it became wireshark. if it is even have as nice as ethereal than i will definitly upgrade.