Wireshark.org - (Open Source)
Wireshark helps network administrators to solve protocol issues by diagnosing the problems in the software protocols.
Wireshark is a famous network analysis or packet sniffer tool protocols.
Wireshark examine data from a live network, and can also take a snapshot of the various communications that work on it at another time. Wireshark proposes to see the "dissector tables" directly from the main window. The application can export objects to SMB screen or display the compiled BPF code for capture filters. Finally, Wireshark supports a variety of protocols such as ADwin, Apache Etch, JSON, reload or Wi-Fi P2P (Wi-Fi Direct).
The interface is quite austere, hides an extremely powerful that only experts can use software correctly.
This software is essential for any network administrator to diagnose problems in the software protocols.
Bug Fixes
- The GSM BSSMAP dissector could crash. Versions affected: 0.10.11. CVE-2006-3627
- The ANSI MAP dissector was vulnerable to a format string overflow. Versions affected: 0.10.0. CVE-2006-3628
- The Checkpoint FW-1 dissector was vulnerable to a format string overflow. Versions affected: 0.10.10. CVE-2006-3628
- The MQ dissector was vulnerable to a format string overflow. Versions affected: 0.10.4. CVE-2006-3628
- The XML dissector was vulnerable to a format string overflow. Versions affected: 0.10.13. CVE-2006-3628
- The MOUNT dissector could attempt to allocate large amounts of memory. Versions affected: 0.9.4. CVE-2006-3629
- The NCP NMAS and NDPS dissectors were susceptible to off-by-one errors. Versions affected: 0.9.7. CVE-2006-3630
- The NTP dissector was vulnerable to a format string overflow. Versions affected: 0.10.13. CVE-2006-3628
- The SSH dissector was vulnerable to an infinite loop. Versions affected: 0.9.10. CVE-2006-3631
- The NFS dissector may have been susceptible to a buffer overflow. Versions affected: 0.8.16. CVE-2006-3632
New and Updated Features
- Multicast stream analysis (Statistics->Multicast Streams) has been added. It lets you determine burst size, output buffer size, and losses for multicast data.
- TCP reassembly has been updated and improved.
- Expert analysis has been updated and improved.
- SCSI service response time statistics have been added.
- You can now find next/previous marked frames.
- The LDAP and SNMP dissectors have been completely rewriten.
- The SMB dissector now tracks filenames and share names.
- The Windows file dialogs have been improved.
- If Wireshark is linked with the PortAudio library, you can now listen to RTP streams. (PortAudio didn't make the cut in the current Windows installer. It will be included with 0.99.3.)