14 DAY TRIAL // Wireshark, one of the foremost network protocol analyzers offering users the means to capture and interactively browse the traffic running on a computer network, is now at version 1.8.4.
The current version of Wireshark, 1.8.4, supersedes all previous releases, including all releases of Ethereal.
Wireshark does come with some minimum system requirements, but they are pretty reasonable. According to its developers, capturing on a fully saturated 100MBit/s Ethernet will produce about 750MBytes/min. Having a fast processor, lots of memory and disk space is a good idea in that case.
Unfortunately, Wireshark 1.8.4 will not benefit from Multiprocessor or Hyperthread systems, but during an "Update list of packets in real time" capture, traffic runs in one process and dissecting and displaying packets runs in another process. Having a dual-core processor would provide an advantage.
Highlights of Wireshark 1.8.4:
• The USB dissector no longer enters into an infinite loop; • A problem which caused the Menu and Title bars to become inaccessible using GTK2 (non-legacy) with two monitors has been repaired; • A malformed tpncp.dat file can no longer cause Wireshark to crash; • The SSL decryption now works even with the capture file and key; • Info line is now displayed correctly on an SIP message containing another SIP message in body; • Dissection of IEEE 802.11 Channel Switch Announcement element no longer fails; • WLAN decryption status is now updated after updating WEP/WPA keys; • Print GNUTLS no longer sends an error message if the PEM import fails; • Parsing the Server Name Indication extension in SSL/TLS traffic no longer causes some fields to be shown incorrectly; • Lua code no longer crashes Wireshark after the update to 1.8.4; • Two bugs in the Ran-Information-Error Rim Container have been fixed.
A complete list of changes can be found in the official announcement.
Download Wireshark 1.8.4 right now from Softpedia.