ESP, Kerberos, and SSL Decryption Now In Wireshark Network Protocol Analyzer

By klsh on August 24, 2006 4:05 PM | | Comments (0)

Wireshark works as a drop in replacement for Ethereal when using CIsco Application Analysis Suite, and Opnet's ITGuru.


Wireshark: The World's Most Popular Network Protocol Analyzer

Wireshark 0.99.3 has been released.

------------------------------------------------------------------

What is Wireshark?

Wireshark is the world's most popular network protocol analyzer.
It is used for troubleshooting, analysis, development, and
education.

What's New

Bug Fixes

The following vulnerabilities have been fixed:

o The SCSI dissector could crash. Versions affected: 0.99.2.

o If Wireshark was compiled with ESP decryption support, the
IPsec ESP preference parser was susceptible to off-by-one
errors. Versions affected: 0.99.2.

o The DHCP dissector (and possibly others) in the Windows
version of Wireshark could trigger a bug in Glib and crash.
Versions affected: 0.10.13 - 0.99.2.

o If the SSCOP dissector has a port range configured and the
SSCOP payload protocol is Q.2931, a malformed packet could
make the Q.2931 dissector use up available memory. No port
range is configured by default. Versions affected: 0.7.9 -
0.99.2.

The following bugs have been fixed:

o The VOIP call analysis feature could cause an assertion.

o The RTP analysis feature could freeze for an extended period.

o Selecting "Apply as Filter" wouldn't work for some tree items.

New and Updated Features

The following features are new (or have been significantly
updated) since the last release:

o ESP, Kerberos, and SSL decryption are now supported in the
Windows installer. (As as result, Wireshark is now subject to
United States export controls.)

o The packet list context menu now includes a conversation
filter.

o Wireshark can now generate ACL rules for several popular
firewall products.

o Wireshark now supports AirPcap, including raw 802.11 captures
under Windows.

New Protocol Support

Daytime, JPEG (RTP payload), Pegasus Lightweight Stream Control,
Pro-MPEG FEC, UMTS RRC, Veritas Low Latency Transport

Updated Protocol Support

All ASN.1 dissectors, 3G A11, 802.11, AIM SST, AJP13, ANSI 637,
AVS WLAN, BACapp, BFD, CDP, Cisco WIDS, DCERPC (DCERPC, CONV, DFS,
EPM, FLDB, NETLOGON, NT, PN-IO, RS_PGO), DCOM, DHCP, DIAMETER,
DTLS, EAPOL, ESP, H.225, H.245, H.450, HTTP, IPv6, ISAKMP,
Juniper, Kerberos, L2TP, LDAP, MSRP, NTLMSSP, PN-CBA, PN-RT,
Prism, RSVP, RTCP, RUDP, SCSI, SCTP, SDP, SIP, SIPFRAG, Skinny,
SMB, SSL, TCP, text/media, Time, XML

New and Updated Capture File Support

Catapult DCT2000, nettl


Leave a comment

About this Entry

This page contains a single entry by klsh published on August 24, 2006 4:05 PM.

Checking Speed And Duplex On A Cisco Catalyst 4000 L3 Switch Port was the previous entry in this blog.

Networking Courses Online is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Powered by Movable Type 4.01

Search