Wireshark is the world’s foremost network protocol analyzer, and is the de facto standard across many industries and educational institutions.
Features includes deep inspection of hundreds of protocols, with more being added all the time, Live capture and offline analysis, Standard three-pane packet browser, Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility, and Rich VoIP analysis.
Here are key features of Wireshark:
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript, CSV, or plain text
Download Wireshark 1.6.2 (September 8, 2011)
The links in this section correspond to files available for Wireshark 1.6.2. Select the files most appropriate for you.
- Download Wireshark 1.6.2 for Windows (32-bit)
- Download Wireshark 1.6.2 for Windows (64-bit)
- Download Wireshark 1.6.2 Portable Apps
What’s New in Wireshark 1.6.2
– A large loop in the OpenSafety dissector could cause a crash.
– A malformed IKE packet could consume excessive resources.
– A malformed capture file could result in an invalid root tvbuff and cause a crash.
– Wireshark could run arbitrary Lua scripts.
– The CSN.1 dissector could crash.
– configure ignores (partially) LDFLAGS.
– Build fails when it tries to #include , not present in Solaris 9.
– Unable to configure zero length SNMP Engine ID.
– BACnet who-is request device range values are not decoded correctly in the packet details window.
– H.323 RAS packets missing from packet counts in “Telephony->VoIP Calls” and the “Flow Graph” for the call.
– Wireshark crashes if sercosiii module isn’t installed.
– Editcap could create invalid pcap files when converting from JPEG.
– Timestamp is incorrectly decoded for ICMP Timestamp Response packets from MS Windows.
– Malformed Packet in decode for BGP-AD update.
– Wrong display of CSN_BIT in CSN.1.
– Fix CSN_RECURSIVE_TARRAY last bit error in packet-csn1.c.
– Wireshark cannot display Reachable time & Retrans timer in IPv6 RA messages.
– ReadPropertyMultiple-ACK not correctly dissected.
– GTPv2 dissectors should treat gtpv2_ccrsi as optional.
– BGP : AS_PATH attribute was decode wrong.
– Fixes for SCPS TCP option.
– Offset calculated incorrectly for sFlow extended data.
– [Enter] key behavior varies when manually typing display filters.
– Contents of pcapng EnhancedPacketBlocks with comments aren’t displayed.
– Misdecoding 3G Neighbour Cell Information Element in SI2quater message due to a coding typo.
– Mis-spelled word “unknown” in assorted files.
– tshark run with -Tpdml makes a seg fault.
– btl2cap extended window shows wrong bit.
– NDMP dissector incorrectly represents “ndmp.bytes_left_to_read” as signed.
– TShark/dumpcap skips capture duration flag occasionally.
– File types with no snaplen written out with a zero snaplen in pcap-ng files.
– Wireshark improperly parsing 802.11 Beacon Country Information tag.
– ERF records with extension headers not written out correctly to pcap or pcap-ng files.
– RTPS2: MAX_BITMAP_SIZE is defined incorrectly.
– Copying from RTP stream analysis copies 1st line many times.
– Wrong display of CSN_BIT under CSN_UNION.
– MEGACO context tracking fix – context id reuse.
Updated Protocol Support
– BACapp, Bluetooth L2CAP, CSN.1, DCERPC, GSM A RR, GTPv2, ICMP, ICMPv6, IKE, MEGACO, MSISDN, NDMP, OpenSafety, RTPS2, sFlow, SNMP, TCP
New and Updated Capture File Support
– CommView, pcap-ng, JPEG.
Source: Wireshark 1.6.2 Release Notes