Wireshark 2.4.1, 2.2.9, and 2.0.15 Released

August 29, 2017

Wireshark 2.4.1, 2.2.9 and 2.0.15 have been released. Installers for Windows, Mac OS X 10.8 and above, and source code are now available.

In 2.4.1

Four vulnerabilities have been fixed. See the release notes for details.

For a complete list of changes, please refer to the 2.4.1 release notes.

In 2.2.9

Three vulnerabilities have been fixed. See the release notes for details.

For a complete list of changes, please refer to the 2.2.9 release notes.

In 2.0.15

Two vulnerabilities have been fixed. See the release notes for details.

For a complete list of changes, please refer to the 2.0.15 release notes.

Official releases are available right now from the download page.

Wireshark 2.4.0 Released

July 19, 2017

Wireshark 2.4.0 has been released. Installers for Windows, macOS, and source code are now available.

New or significantly updated features since version 2.2.0

  • Experimental 32-bit and 64-bit Windows Installer (.msi) packages are available. It is recommended that you use these independently of the NSIS (.exe) installers. That is, you should make sure the NSIS package is completely uninstalled before installing the Windows Installer package and vice-versa.
  • Source packages are now compressed using xz instead of bzip2.
  • The legacy (GTK+) UI is disabled by default in the Windows installers.
  • The legacy (GTK+) UI is disabled by default in the development environment (Autotools and CMake).
  • SS7 Point Codes can now be resolved into names with a hosts-like file.
  • Wireshark can now go fullscreen to have more room for packets.
  • TShark can now export objects like the other GUI interfaces.
  • Support for G.722 and G.726 codecs in the RTP Player (via the SpanDSP library).
  • You can now choose the output device when playing RTP streams.
  • Added support for dissectors to include a unit name natively in their hf field. A field can now automatically append "seconds" or "ms" to its value without additional printf-style APIs.
  • The Default profile can now be reset to default values.
  • You can move back and forth in the selection history in the Qt UI.
  • IEEE 802.15.4 dissector now uses an UAT for decryption keys. The original decryption key preference has been obsoleted.
  • Extcap utilities can now provide configuration for a GUI interface toolbar to control the extcap utility while capturing.
  • Extcap utilities can now validate the capture filter.
  • Display filter function len() can now be used on all string and byte fields.
  • Added an experimental timeline view for 802.11 wireless packet data which can be enabled via the "802.11 radio information" preferences.
  • Added TLS 1.3 (draft 21) dissection and decryption support (Bug 12779).
  • The (D)TLS Application Layer protocol (e.g. HTTP or CoAP) can now be changed via the Decode As dialog.
  • The RSA keys dialog for SSL keys has improved feedback for invalid settings and no longer requires the IP address, Port or Protocol fields to be set in addition to the Key File.
  • TCP Analysis will detect and flag more spurious retransmissions.

New Protocol Support

Bluetooth HCI Vendor Intel, CAN FD, Citrix NetScaler Metric Exchange Protocol, Citrix NetScaler RPC Protocol, DirectPlay 8 protocol, Ericsson A-bis P-GSL, Ericsson A-bis TFP (Traffic Forwarding Protocol), Facebook Zero, Fc00/cjdns Protocol, Generic Netlink (genl), GSM Osmux, GSMTAP based logging, Health Level 7 (HL7), High-speed SECS message service (HSMS), HomePNA, IndigoCare iCall protocol, IndigoCare Netrix protocol, iPerf2, ISO 15765, Linux 802.11 Netlink (nl80211), Local Service Discovery (LSD), M2 Application Protocol, Mesh Link Establishment (MLE), MUDURL, Netgear Ensemble Protocol, NetScaler HA Protocol, NetScaler Metric Exchange Protocol, NetScaler RPC Protocol, NM protocol, Nordic BLE Sniffer, NVMe, NVMe Fabrics RDMA, OBD-II PIDs, OpenThread simulator, RFTap Protocol, SCTE-35 Digital Program Insertion Messages, Snort Post-dissector, Thread CoAP, UDP based FTP w/ multicast (UFTP and UFTP4), Unified Diagnostic Services (UDS), vSocket, Windows Cluster Management API (clusapi), and X-Rite i1 Display Pro (and derivatives) USB protocol

Official releases are available right now from the download page.

What's Not As New

Wireshark 2.2.8 and 2.0.14 Released · July 18, 2017

Wireshark 2.4.0rc2 Released · June 28, 2017

Wireshark 2.4.0rc1 Released · June 7, 2017

Wireshark 2.2.7 and 2.0.13 Released · June 1, 2017

Wireshark 2.2.6 and 2.0.12 Released · April 12, 2017

Wireshark 2.2.5 and 2.0.11 Released · March 3, 2017

Wireshark 2.2.4 and 2.0.10 Released · January 23, 2017

Wireshark 2.2.3 and 2.0.9 Released · December 14, 2016

Wireshark 2.2.2 and 2.0.8 Released · November 16, 2016

Wireshark 2.2.1 and 2.0.7 Released · October 4, 2016

Wireshark 2.0.6 Released · September 8, 2016

Wireshark 2.2.0 Released · September 7, 2016

Wireshark 2.2.0rc2 · August 31, 2016

Wireshark 2.2.0rc1 · August 22, 2016

Wireshark 2.0.5 and 1.12.13 Released · July 27, 2016

Wireshark 2.1.1 Development Release · July 14, 2016

Wireshark 2.1.0 Development Release · June 8, 2016

Wireshark 2.0.4 and 1.12.12 Released · June 7, 2016

Wireshark 2.0.3 and 1.12.11 Released · April 22, 2016

Wireshark 2.0.2 and 1.12.10 Released · February 26, 2016

Wireshark 2.0.1 and 1.12.9 Released · December 29, 2015

Wireshark 2.0.0 Released · November 18, 2015

Wireshark 2.0.0rc3 Released · November 11, 2015

Wireshark 2.0.0rc2 Released · October 30, 2015

Wireshark 2.0.0rc1 Released · October 14, 2015

Wireshark 1.12.8 Released · October 14, 2015

Wireshark 1.99.9 Development Release · September 2, 2015

Wireshark 1.12.7 Released · August 12, 2015

Wireshark 1.99.8 Development Release · July 24, 2015

Wireshark 1.99.7 Development Release · June 18, 2015

Wireshark 1.12.6 Released · June 17, 2015

Wireshark 1.99.6 Development Release · May 28, 2015

Wireshark 1.12.5 and 1.10.14 Released · May 12, 2015

Wireshark 1.99.5 Development Release · March 20, 2015

Wireshark 1.99.4 Development Release · March 19, 2015

Wireshark 1.99.3 Development Release · March 5, 2015

Wireshark 1.12.4 and 1.10.13 Released · March 4, 2015

Wireshark 1.99.2 Development Release · February 4, 2015

Wireshark 1.12.3 and 1.10.12 Released · January 7, 2015

Wireshark 1.99.1 Development Release · December 10, 2014

Wireshark 1.12.2 and 1.10.11 Released · November 12, 2014

Wireshark 1.99.0 Development Release · October 7, 2014

Wireshark 1.12.1 and 1.10.10 Released · September 16, 2014

Wireshark 1.12.0 and 1.10.9 Released · July 31, 2014

Wireshark 1.12.0rc3 Released · July 22, 2014

Wireshark 1.12.0rc2 Released · June 13, 2014

Wireshark 1.10.8 and 1.8.15 Released · June 12, 2014

Wireshark 1.10.7 and 1.8.14 Released · April 22, 2014

Wireshark 1.11.3 Development Release · April 15, 2014

Wireshark 1.10.6 and 1.8.13 Released · March 7, 2014

Wireshark 1.10.5 Released · December 19, 2013

Wireshark 1.10.4 and 1.8.12 Released · December 17, 2013

Wireshark 1.11.2 Development Release · November 18, 2013

Wireshark 1.11.0 Development Release · November 15, 2013

Wireshark 1.10.3 and 1.8.11 Released · November 1, 2013

Wireshark 1.11.0 Development Release · October 15, 2013

Wireshark 1.10.2 and 1.8.10 Released · September 10, 2013

Wireshark 1.10.1 and 1.8.9 Released · July 26, 2013

Wireshark 1.8.8 and 1.6.16 Released and 1.6 End of Life · June 7, 2013

Wireshark 1.10.0 Released · June 5, 2013

Wireshark 1.10.0rc2 Released · May 22, 2013

Wireshark 1.8.7 and 1.6.15 Released · May 17, 2013

Wireshark 1.10.0rc1 Released · April 26, 2013

Wireshark 1.9.1 Development Release · March 28, 2013

Wireshark 1.9.1 Development Release · March 12, 2013

Wireshark 1.8.6 and 1.6.14 Released · March 6, 2013

Wireshark 1.9.0 Development Release · February 20, 2013

Wireshark 1.8.5 and 1.6.13 Released · January 29, 2013

Wireshark Wiki Security Incident · January 9, 2013

Wireshark 1.8.4 and 1.6.12 Released · November 28, 2012

Wireshark 1.8.3 and 1.6.11 Released · October 2, 2012

Wireshark 1.8.2 and 1.6.10 Released · August 15, 2012

Wireshark 1.4.14 Released · July 24, 2012

Wireshark 1.8.1 and 1.6.9 Released · July 23, 2012

Wireshark 1.8.0 Released · June 21, 2012

Wireshark 1.8.0rc2 Released · June 18, 2012

Wireshark 1.8.0rc1 Released · June 6, 2012

Wireshark 1.6.8 and 1.4.13 Released · May 22, 2012

Wireshark 1.7.1 Development Release · April 6, 2012

Wireshark 1.6.7 Released · April 6, 2012

Wireshark 1.6.6 and 1.4.12 Released · March 27, 2012

Wireshark 1.6.5 and 1.4.11 Released · January 10, 2012

Wireshark 1.6.4 Released · November 18, 2011

Wireshark 1.7.0 Development Release · November 8, 2011

#1 on SecTools.Org · November 7, 2011

Wireshark 1.6.3 and 1.4.10 Released · November 1, 2011

We're Essential · September 19, 2011

Wireshark 1.6.2 and 1.4.9 Released · September 8, 2011

Wireshark 1.6.1 and 1.4.8 Released · July 18, 2011

Wireshark 1.6.0 Released · June 7, 2011

Wireshark 1.6.0rc2 Released · June 2, 2011

Wireshark 1.4.7 and 1.2.17 Released · May 31, 2011

Wireshark 1.6.0rc1 Released · May 16, 2011

Wireshark 1.4.6 Released · April 18, 2011

Wireshark 1.4.5 and 1.2.16 Released · April 15, 2011

Wireshark 1.5.1 Development Release · April 11, 2011

Wireshark 1.4.4 and 1.2.15 Released · March 1, 2011

Wireshark 1.5.0 Development Release · January 24, 2011

Wireshark 1.4.3 and 1.2.14 Released · January 11, 2011

Wireshark 1.4.2 and 1.2.13 Released · November 19, 2010

Riverbed Acquires CACE Technologies · October 21, 2010

CACE Pilot, WiFi Pilot, and Shark Appliance 2.4 Released · October 20, 2010

Wireshark 1.4.1 and 1.2.12 Released, 1.0.x EOL · October 11, 2010

Wireshark 1.4.0, 1.2.11, and 1.0.16 Released · August 30, 2010

"Wireshark Antivirus" Malware · August 4, 2010

We're SourceForge.net's Project of the Month! · August 1, 2010

End of Life Announcement for Wireshark 1.0 · July 31, 2010

Wireshark 1.2.10, 1.0.15, and 1.4.0rc2 Released · July 29, 2010

Wireshark 1.2.9, 1.0.14, and 1.4.0rc1 Released · June 9, 2010

Wireshark 1.2.8, 1.0.13, and 1.3.5 Released · May 5, 2010

Wireshark 1.2.7, 1.0.12, and 1.3.4 Released · March 31, 2010

Wireshark Wins PC Magazine Editor's Choice Award · February 22, 2010

Wireshark 1.3.3 Development Release · February 11, 2010

Wireshark 1.2.6 and 1.0.11 Released · January 27, 2010

CACE Pilot and WiFi Pilot 2.2 Released · January 18, 2010

Wireshark 1.2.5 Released · December 17, 2009

Wireshark 1.3.2 Development Release · November 24, 2009

Wireshark 1.2.4 Released · November 16, 2009

Wireshark 1.2.3, 1.0.10, and 1.3.1 Released · October 27, 2009

Wireshark 1.2.2, 1.0.9, and 1.3.0 Released · September 15, 2009

CACE Pilot and WiFi Pilot 2.1 Released · September 1, 2009

CACE Pilot 2.0 Released · July 28, 2009

Wireshark 1.2.1 Released · July 20, 2009

Nmap 5 Released · July 16, 2009

Wireshark 1.2 Released · June 15, 2009

Wireshark 1.2.0pre2 Released · June 9, 2009

Wireshark 1.2.0pre1 Released · May 27, 2009

Free Wireshark Jumpstart Seminars From Laura Chappell · May 22, 2009

Wireshark 1.0.8 Released · May 21, 2009

Another Day, Another New York Times Article · May 14, 2009

Wireshark Helps Expose Spy Ring · May 12, 2009

Announcing WiFi Pilot · May 7, 2009

Wireshark 1.0.7 Released · April 8, 2009

A Pile Of Great Keynotes At Sharkfest '09 · March 24, 2009

Wireshark 1.1.3 Development Release · March 23, 2009

Conficker Loves Us! · March 12, 2009

Wireshark 1.0.6 Released · February 6, 2009

CACE Pilot 1.2 released · January 23, 2009

Wireshark 1.1.2 Development Release · January 15, 2009

Wireshark 1.0.5 Released · December 10, 2008

New Video: Custom Columns (Plus Bonus Wireshark University Updates) · December 9, 2008

New Book: Nmap Network Scanning · December 3, 2008

Wireshark classes from Mike Pennacchi and Chris Sanders · November 7, 2008

tcpdump 4.0.0 / libpcap 1.0.0 released · October 28, 2008

New Article: Using Wireshark and TShark display filters for troubleshooting · October 22, 2008

Wireshark 1.0.4 Released · October 20, 2008

Meet Gerald At Laura Chappell's Troubleshooting and Security Summit · October 10, 2008

Wireshark 1.1.1 Development Release · October 9, 2008

Wireshark 1.1.0 Development Release · September 14, 2008

Sign Up Now for Laura Chappell's Troubleshooting and Security Summit · September 3, 2008

Wireshark 1.0.3 Released · September 3, 2008

Wireshark Wins 2008 InfoWorld BOSSIE Award · August 4, 2008

Wireshark is 10! (Plus two bonus announcements) · July 14, 2008

Wireshark 1.0.2 Released · July 10, 2008

Wireshark 1.0.1 Released · June 30, 2008

Announcing TurboCap · June 26, 2008

New Article: Open Source Founders Reflect On Project Milestones · April 22, 2008

Announcing Pilot · April 16, 2008

New Video: TCP Connection Loss · April 7, 2008

Sharkfest Was Great! · April 3, 2008

Wireshark 1.0 Released · March 31, 2008

Server Outage · March 20, 2008

Wireshark 0.99.8 Released · February 27, 2008

Vint Cerf at Sharkfest! · February 19, 2008

New Video: Analyzing DNS Queries · February 4, 2008

New Video: ICMP Redirection (plus a Tech Talk) · January 7, 2008

Wireshark 0.99.7 Released · December 18, 2007

New Mirror in Indonesia · December 16, 2007

Nmap is 10 · December 14, 2007

New Video: Advanced IO Graphing · November 5, 2007

German Tutorial from Mirko Kulpa · November 1, 2007

In Memoriam: Jun-ichiro Hagino · October 30, 2007

New Article: Time to Roll Your Own 802.11n Standard · October 5, 2007

New Video: Faulty Padding · September 24, 2007

First Annual SHARKFEST Announced · September 12, 2007

Wireshark Wins 2007 InfoWorld BOSSIE Award · September 10, 2007

New Article: SPAN Port or TAP? CSO Beware · September 9, 2007

New Article: Analyzing TCP Performance with Wireshark · August 17, 2007

Wireshark 0.99.6a Windows Installer Released · July 9, 2007

Wireshark 0.99.6 Released · July 5, 2007

New Article: Creating Your Own Custom Wireshark Dissector · July 2, 2007

New Video: Building ACL Rules · July 2, 2007

Wireshark at LinuxWorld 2007 · June 27, 2007

New tool: WPA PSK Generator · June 22, 2007

New Book: Practical Packet Analysis · May 23, 2007

eWEEK Says We're Important · May 2, 2007

Wireshark! Live! Helpdesk · April 1, 2007

Wireshark University Announced · March 19, 2007

New Mirror in Hungary · March 2, 2007

New Mirror in Germany · February 21, 2007

McAfee VirusScan False Positive · February 13, 2007

Wireshark 0.99.5 Released · February 1, 2007

WinPcap 4.0 Released · January 29, 2007

3Com Says We're "Best-Of-Breed" · January 29, 2007

New Mirror in the U.S. · January 22, 2007

New Mirror in the Netherlands · January 5, 2007

MacOS X Package Available · January 4, 2007

Article in COMPUTERWOCHE.de · November 14, 2006

Wireshark 0.99.4 Released · October 31, 2006

Wireshark Training Available for Q1 2007 · October 23, 2006

Site Outage · September 18, 2006

Wireshark 0.99.3 Released · August 23, 2006

Wireshark 0.99.2 Released · July 17, 2006

Tutorial and Podcast from Chris Sanders · July 14, 2006

Symantec Antivirus False Positive · July 4, 2006

We're (still) #2! · June 21, 2006

Ethereal® is now Wireshark™ · June 7, 2006

Go Beyond with Riverbed Technology

Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products that fully integrate with Wireshark.

I have a lot of traffic...

ANSWER: SteelCentral™ Packet Analyzer PE
  • • Visually rich, powerful LAN analyzer
  • • Quickly access very large pcap files
  • • Professional, customizable reports
  • • Advanced triggers and alerts
  • • Fully integrated with Wireshark and AirPcap™
Learn More

Buy Now

No, really, I have a LOT of traffic…

ANSWER: SteelCentral™ NetShark appliance
  • • Troubleshoot problems faster
  • • Quickly identify the applications running on your network
  • • Monitor your virtual machine traffic
Learn More

I need to capture wireless traffic...

ANSWER: AirPcap™ 802.11 Packet Capture
  • • WLAN packet capture and transmission
  • • Full 802.11 a/b/g/n support
  • • View management, control and data frames
  • • Multi-channel aggregation (with multiple adapters)
Learn More Buy Now