Wireshark is one of the most popular tools that we can find to analyze network protocols. It allows us to perform analysis and solve possible problems that we have in our networks. It has a graphical interface that stands out from other similar ones and a large number of options. Today we echo the release of Wireshark 3.3.0 . We are going to show what its main novelties are.
Wireshark 3.3.0 is now available
As with every new version, Wireshark 3.3.0 brings interesting news and changes for users. This free and open source tool has always been at the forefront offering the best features for network troubleshooting by administrators and examining packages.
In summary, these are the main new features that come with Wireshark 3.3.0:
- Windows executables and installers are now SHA-2 signed only.
- Saving the RTP stream in .au supports any codec with a frequency of 8000 Hz that is compatible with Wireshark (displayed in the RTP player). If the audio cannot be saved (codec or speed not supported), a silence of the same length is saved and a warning is displayed.
- Asynchronous DNS resolution is always enabled. As a result, the c-ares library is now a required dependency.
- Protobuf fields can be dissected as Wireshark (header) fields that allow the user to enter the full names of Protobuf fields or messages into the Filter toolbar for searching.
- Protobuf-based dissectors can register themselves in a new “protobuf_field” dissector table, which is keyed in with full field names, to analyze more BYTES or STRING fields.
- Wireshark can decode, play, and save the iLBC payload on platforms where the iLBC library is available.
- The “Decode As” entries can now be copied from other profiles using a button in the dialog.
- sshdump can now be copied to multiple instances. Each instance will show a different interface and will have its own profile.
- The main window now supports a package diagram view, showing each package as a textbook-style diagram.
It should also be noted that it supports new protocols and improvements:
Arinc 615A (A615A), Asphodel Protocol, Audio Code Debug Recording (ACDR), Bluetooth HCI ISO (BT HCI ISO), Cisco MisCabling Protocol (MCP), DCE / RPC IRemoteWinspool SubSystem, (IREMOTEWINSPOOL), Dynamic Link Exchange Protocol (DLEP), Fortinet Single Sign-On (FSSO), FTDI Multiprotocol Synchronous Serial Engine (FTDI MPSSE), Hypertext Transfer Protocol Version 3 (HTTP3), Java Debugging Wire Protocol (JDWP), State Resolution Service LBM (LBMSRS), Lithionics Battery Management, OBSAI UDP-Based Communication Protocol (UDPCP), Palo Alto Heartbeat Backup (PA-HB-Bak), ScyllaDB RPC, Technically Enhanced Capture Module Protocol (TECMP), Authentication Protocol Extensible Tunneling (TEAP), UDP-based FTP with V5 multicast (UFTP5) and USB printer (USBPRINTER).
We can download the different versions from the official website . As we always say, it is very important to have the latest versions. On the one hand we are going to get improvements in usability, have additional functions and features that were previously not available. But you also have to take security into account. Each update usually brings fixes and improvements to avoid being attacked.
