Wireshark 3.7.2 Development Release
July 28, 2022
What’s New
Note
|
We do not ship official 32-bit Windows packages for this branch. If you need to use Wireshark on that platform, please install the latest 3.6 release. Issue 17779 |
-
The display filter syntax is now more powerful with many new extensions. See below for details.
-
The Conversation and Endpoint dialogs have been redesigned with the following improvements:
-
The context menu now includes the option to resize all columns, as well as copying elements.
-
Data may be exported as JSON.
-
Tabs may be detached and reattached from the dialog.
-
Adding/Removing tabs will keep them in the same order all the time.
-
If a filter is applied, two columns are shown in either dialog detailing the difference between unmatched and matched packets.
-
Columns are now sorted via secondary properties if an identical entry is found.
-
Conversations will be sorted via second address and first port number.
-
Endpoints will be sorted via port numbers.
-
IPv6 addresses are sorted correctly after IPv4 addresses.
-
The dialog elements have been moved to make it easier to handle for new users.
-
Selection of tap elements is done via list.
-
All configurations and options are done via a left side button row.
-
Columns for the Conversations and Endpoint dialogs can be hidden by context menu.
-
TCP/UDP conversations now include the stream id and allows filtering on it.
-
-
The ip.flags field is now only the three high bits, not the full byte. Display filters and Coloring rules using the field will need to be adjusted.
-
Speed when using MaxMind geolocation has been greatly improved.
-
The 'v' (lower case) and 'V' (upper case) switches have been swapped for editcap and mergecap to match the other command line utilities.
-
New address type AT_NUMERIC allows simple numeric addresses for protocols which do not have a more common-style address approach, analog to AT_STRINGZ.
-
The Wireshark Lua API now uses the lrexlib bindings to PCRE2. Code using the Lua GRegex module will have to be updated to use lrexlib-pcre2 instead. In most cases the API should be compatible and the conversion just requires a module name change.
-
The tap registration system has been updated and the list of arguments for tap_packet_cb has changed. All taps registered through register_tap_listener have to be updated.
-
The PCRE2 library is now a required dependency to build Wireshark.
-
You must now have a compiler with C11 support in order to build Wireshark.
-
The following libraries and tools have had their minimum required version increased:
-
CMake 3.10 is required on macOS and Linux.
-
Qt version 5.12 (was 5.6.0), although compilation with 5.10 and 5.11 is still possible, but will trigger a warning during configuration.
-
Windows SDK 10.0.18362.0 is required due to issues with C11 support.
-
macOS version 10.10 (was 10.8) is required, if the Qt version is to be built, at least 10.11 is required, depending on the Qt version used (see below).
-
GLib version 2.50.0 (was 2.38.0) is required.
-
Libgcrypt version 1.8.0 (was 1.5.0) is required.
-
c-ares version 1.14.0 (was 1.5.0).
-
Python version 3.6.0 (was 3.4.0).
-
GnuTLS version 3.5.8 (was 3.3.0).
-
Nghttp2 minimum version has been set to 1.11.0 (none previous).
-
-
For building with Qt on macOS, the following versions are required depending on the Qt version to be used:
-
Qt 5.10 or higher requires macOS version 10.11
-
Qt 5.12 or higher requires macOS version 10.12
-
Qt 5.14 or higher requires macOS version 10.13
-
Qt 6.0 or higher requires macOS version 10.14
-
-
Perl is no longer required to build Wireshark, but may be required to build some source code files and run code analysis checks.
Many other improvements have been made. See the “New and Updated Features” section below for more details.
New and Updated Features
The following features are new (or have been significantly updated) since version 3.7.0:
-
The Windows installers now ship with Qt 6.2.3. They previously shipped with Qt 6.2.4.
-
The Conversation and Endpoint dialogs have been reworked extensively
The following features are new (or have been significantly updated) since version 3.6.0:
-
The Windows installers now ship with Npcap 1.60. They previously shipped with Npcap 1.55.
-
The Windows installers now ship with Qt 6.2.4. They previously shipped with Qt 5.12.2.
-
The display filter syntax has been updated and enhanced:
-
A syntax to match a specific layer in the protocol stack has been added. For example in an IP-over-IP packet “ip.addr#1 == 1.1.1.1” matches the outer layer addresses and “ip.addr#2 == 1.1.1.2” matches the inner layer addresses.
-
Universal quantifiers "any" and "all" have been added to any relational operator. For example the expression
is true if and only if all tcp.port fields match the condition. Previously only the default behaviour to return true if any one field matches was supported. -
Field references, of the form ${some.field}, are now part of the syntax of display filters. Previously they were implemented as macros. The new implementation is more efficient and has the same properties as protocol fields, like matching on multiple values using quantifiers and support for layer filtering.
-
Arithmetic is supported for numeric fields with the usual operators “+”, “-”, “*”, “/”, and “%”. Arithmetic expressions must be grouped using curly brackets (not parenthesis).
-
New display filter functions max(), min() and abs() have been added.
-
Functions can accept expressions as arguments, including other functions. Previously only protocol fields and slices were syntactically valid function arguments.
-
A new syntax to disambiguate literals from identifiers has been added. Every value with a leading dot is a protocol or protocol field. Every value in between angle brackets is a literal value. See the User’s Guide for details.
-
The "bitwise and" operator is now a first-class bit operator, not a boolean operator. In particular this means it is now possible to mask bits, e.g.: frame[0] & 0x0F == 3.
-
Dates and times can be given in UTC using ISO 8601 (with 'Z' timezone) or by appending the suffix "UTC" to the legacy formats. Otherwise local time is used.
-
Integer literal constants may be written in binary (in addition to decimal/octal/hexadecimal) using the prefix "0b" or "0B".
-
Logical AND now has higher precedence than logical OR, in line with most programming languages.
-
It is now possible to index protocol fields from the end using negative indexes. For example the following expression tests the last two bytes of the TCP protocol field: tcp[-2:] == AA:BB. This was a longstanding bug that has been fixed in this release.
-
Set elements must be separated using a comma, e.g: {1, 2, "foo"}. Using only whitespace as a separator was deprecated in 3.6 and is now a syntax error.
-
Support for some additional character escape sequences in double quoted strings has been added. Along with octal (\<number>) and hex (\x<number>) encoding, the following C escape sequences are now supported with the same meaning: \a, \b, \f, \n, \r, \t, \v. Previously they were only supported with character constants.
-
Unicode universal character names are now supported with the escape sequences \uNNNN or \UNNNNNNNN, where N is a hexadecimal digit.
-
Unrecognized escape sequences are now treated as a syntax error. Previously they were treated as a literal character. In addition to the sequences indicated above, backslash, single quotation and double quotation mark are also valid sequences: \\, \', \".
-
A new strict equality operator "===" or "all_eq" has been added. The expression "a === b" is true if and only if all a’s are equal to b. The negation of "===" can now be written as "!==" (any_ne).
-
The aliases "any_eq" for "==" and "all_ne" for "!=" have been added.
-
The operator "~=" is deprecated and will be removed in a future version. Use "!==", which has the same meaning instead.
-
Floats must be written with a leading and ending digit. For example the values ".7" and "7." are now invalid as floats. They must be written "0.7" and "7.0" respectively.
-
The display filter engine now uses PCRE2 instead of GRegex (GLib’s bindings to the older and end-of-life PCRE library). PCRE2 is compatible with PCRE so any user-visible changes should be minimal. Some exotic patterns may now be invalid and require rewriting.
-
Literal strings can handle embedded null bytes (the value '\0') correctly. This includes regular expression patterns. For example the double-quoted string "\0 is a null byte" is a legal literal value. This may be useful to match byte patterns but note that in general protocol fields with a string type still cannot contain embedded null bytes.
-
Booleans can be written as True/TRUE or False/FALSE. Previously they could only be written as 1 or 0.
-
It is now possible to test for the existence of a slice.
-
All integer sizes are now compatible. Unless overflow occurs any integer field can be compared with any other.
-
-
The
text2pcap
command and the “Import from Hex Dump” feature have been updated and enhanced:-
text2pcap
supports writing the output file in all the capture file formats that wiretap library supports, using the same-F
option aseditcap
,mergecap
, andtshark
. -
Consistent with the other command line tools like
editcap
,mergecap
,tshark
, and the "Import from Hex Dump" option within Wireshark, the default capture file format fortext2pcap
is now pcapng. The-n
flag to select pcapng (instead of the previous default, pcap) has been deprecated and will be removed in a future release. -
text2pcap
supports selecting the encapsulation type of the output file format using the wiretap library short names with an-E
option, similar to the-T
option ofeditcap
. -
text2pcap
has been updated to use the new logging output options and the-d
flag has been removed. The "debug" log level corresponds to the old-d
flag, and the "noisy" log level corresponds to using-d
multiple times. -
text2pcap
and “Import from Hex Dump” support writing fake IP, TCP, UDP, and SCTP headers to files with Raw IP, Raw IPv4, and Raw IPv6 encapsulations, in addition to Ethernet encapsulation available in previous versions. -
text2pcap
supports scanning the input file using a custom regular expression, as supported in “Import from Hex Dump” in Wireshark 3.6.x. -
In general,
text2pcap
and wireshark’s “Import from Hex Dump” have feature parity.
-
-
The default main window layout has been changed so that the Packet Detail and Packet Bytes are side by side underneath the Packet List pane.
-
The HTTP2 dissector now supports using fake headers to parse the DATAs of streams captured without first HEADERS frames of a long-lived stream (such as a gRPC streaming call which allows sending many request or response messages in one HTTP2 stream). Users can specify fake headers using an existing stream’s server port, stream id and direction.
-
The IEEE 802.11 dissector supports Mesh Connex (MCX).
-
The “Capture Options” dialog contains the same configuration icon as the Welcome Screen. It is now possible to configure interfaces there.
-
The “Extcap” dialog remembers password items during runtime, which makes it possible to run extcaps multiple times in row without having to reenter the password each time. Passwords are never stored on disk.
-
It is possible to set extcap passwords in
tshark
and other CLI tools. -
The extcap configuration dialog now supports and remembers empty strings. There are new buttons to reset values back to their defaults.
-
Support to display JSON mapping for Protobuf message has been added.
-
macOS debugging symbols are now shipped in separate packages, similar to Windows packages.
-
In the ZigBee ZCL Messaging dissector the zbee_zcl_se.msg.msg_ctrl.depreciated field has been renamed to zbee_zcl_se.msg.msg_ctrl.deprecated
-
The interface list on the welcome page sorts active interfaces first and only displays sparklines for active interfaces. Additionally, the interfaces can now be hidden and shown via the context menu in the interface list
-
The Event Tracing for Windows (ETW) file reader now supports displaying IP packets from an event trace logfile or an event trace live session.
-
ciscodump now supports IOS, IOS-XE and ASA remote capturing
Removed Features and Support
-
The CMake options starting with DISABLE_something were renamed ENABLE_something for consistency. For example DISABLE_WERROR=On became ENABLE_WERROR=Off. The default values are unchanged.
New Protocol Support
Allied Telesis Loop Detection (AT LDF), AUTOSAR I-PDU Multiplexer (AUTOSAR I-PduM), DTN Bundle Protocol Security (BPSec), DTN Bundle Protocol Version 7 (BPv7), DTN TCP Convergence Layer Protocol (TCPCL), DVB Selection Information Table (DVB SIT), Enhanced Cash Trading Interface 10.0 (XTI), Enhanced Order Book Interface 10.0 (EOBI), Enhanced Trading Interface 10.0 (ETI), FiveCo’s Legacy Register Access Protocol (5co-legacy), Generic Data Transfer Protocol (GDT), gRPC Web (gRPC-Web), Host IP Configuration Protocol (HICP), Locamation Interface Module (IDENT, CALIBRATION, SAMPLES - IM1), Mesh Connex (MCX), Microsoft Cluster Remote Control Protocol (RCP), Protected Extensible Authentication Protocol (PEAP), Realtek, REdis Serialization Protocol v2 (RESP), Roon Discovery (RoonDisco), Secure File Transfer Protocol (sftp), Secure Host IP Configuration Protocol (SHICP), SSH File Transfer Protocol (SFTP), USB Attached SCSI (UASP), and ZBOSS NCP
Updated Protocol Support
Too many protocols have been updated to list here.
New and Updated Capture File Support
Major API Changes
-
proto.h: The field display types "STR_ASCII" and "STR_UNICODE" have been removed. Use "BASE_NONE" instead.
Wireshark 3.6.7 and 3.4.15 Released
July 27, 2022
Wireshark 3.6.7 and 3.4.15 have been released. Installers for Windows, Mac OS X 10.13 and later, and source code are now available.
In 3.6.7
Several bugs have been fixed. See the release notes for details.
For a complete list of changes, please refer to the 3.6.7 release notes.
In 3.4.15
Several bugs have been fixed. See the release notes for details.
For a complete list of changes, please refer to the 3.4.15 release notes.
Official releases are available right now from the download page.Wireshark 3.7.1 Development Release · June 27, 2022
Wireshark 3.6.6 Released · June 15, 2022
Wireshark 3.7.0 Development Release · May 11, 2022
Wireshark 3.6.5 Released · May 5, 2022
Wireshark 3.6.4 and 3.4.14 Released · May 4, 2022
Wireshark 3.6.3 and 3.4.13 Released · March 23, 2022
Wireshark 3.6.2 and 3.4.12 Released · February 10, 2022
Sysdig Sponsorship Video · January 20, 2022
We Have a New Sponsor! · January 13, 2022
Wireshark 3.6.1 and 3.4.11 Released · December 29, 2021
Statement on Log4j · December 15, 2021
Wireshark 3.6.0 Released · November 22, 2021
Wireshark 3.4.10 and 3.2.18 Released · November 17, 2021
Wireshark 3.6.0rc3 Release Candidate · November 11, 2021
Wireshark 3.6.0rc2 Release Candidate · October 27, 2021
Wireshark 3.6.0rc1 Release Candidate · October 13, 2021
Wireshark 3.4.9 and 3.2.17 Released · October 6, 2021
Wireshark 3.5.0 Development Release · August 27, 2021
Wireshark 3.4.8 and 3.2.16 Released · August 25, 2021
Wireshark 3.4.7 and 3.2.15 Released · July 14, 2021
Wireshark 3.4.6 and 3.2.14 Released · June 2, 2021
Wireshark 3.4.5 and 3.2.13 Released · April 21, 2021
Wireshark 3.4.4 and 3.2.12 Released · March 10, 2021
Wireshark 3.4.3 and 3.2.11 Released · January 29, 2021
Wireshark 3.4.2 and 3.2.10 Released · December 18, 2020
Wireshark 3.4.1 and 3.2.9 Released · December 9, 2020
Wireshark 3.4.0 and 3.2.8 Released · October 29, 2020
Wireshark 3.4.0rc1 Release Candidate · October 22, 2020
Wireshark 3.3.1 Development Release · October 1, 2020
Wireshark 3.2.7, 3.0.14, and 2.6.20 Released · September 23, 2020
Wireshark 3.3.0 Development Release · September 15, 2020
Wireshark 3.2.6, 3.0.13, and 2.6.19 Released · August 12, 2020
Wireshark 3.2.5, 3.0.12, and 2.6.18 Released · July 1, 2020
Wireshark 3.2.4, 3.0.11, and 2.6.17 Released · May 19, 2020
Wireshark 3.2.3, 3.0.10, and 2.6.16 Released · April 8, 2020
Wireshark 3.2.2, 3.0.9, and 2.6.15 Released · February 26, 2020
Wireshark 3.2.1, 3.0.8, and 2.6.14 Released · January 15, 2020
Wireshark 3.2.0 Released · December 18, 2019
Wireshark 3.2.0rc2 Release Candidate · December 11, 2019
Wireshark 3.2.0rc1 Release Candidate · December 5, 2019
Wireshark 3.0.7 and 2.6.13 Released · December 4, 2019
Wireshark 3.1.1 Development Release · November 18, 2019
Wireshark 3.0.6 and 2.6.12 Released · October 23, 2019
Wireshark 3.0.5 Released · September 20, 2019
Wireshark 3.0.4 and 2.6.11 Released · September 11, 2019
Wireshark 3.1.0 Development Release · July 25, 2019
Wireshark 3.0.3, 2.6.10 and 2.4.16 Released · July 17, 2019
Wireshark 3.0.2, 2.6.9 and 2.4.15 Released · May 21, 2019
Wireshark 3.0.1, 2.6.8 and 2.4.14 Released · April 8, 2019
Wireshark 3.0.0 Released · February 28, 2019
Wireshark 2.6.7 and 2.4.13 Released · February 27, 2019
Wireshark 3.0.0rc2 Released · February 21, 2019
Wireshark 3.0.0rc1 Released · February 15, 2019
Wireshark 2.6.6 and 2.4.12 Released · January 8, 2019
Wireshark 2.9.0 Development Release · December 12, 2018
Wireshark 2.6.5 and 2.4.11 Released · November 28, 2018
Wireshark 2.6.4 and 2.4.10 Released · October 11, 2018
Wireshark 2.6.3, 2.4.9 and 2.2.17 Released · August 29, 2018
Wireshark 2.6.2, 2.4.8 and 2.2.16 Released · July 18, 2018
Wireshark 2.6.1, 2.4.7 and 2.2.15 Released · May 22, 2018
Wireshark 2.6.0 Released · April 24, 2018
Wireshark 2.4.6 and 2.2.14 Released · April 3, 2018
Wireshark 2.5.1 Development Release · March 15, 2018
Wireshark 2.4.5 and 2.2.13 Released · February 23, 2018
Wireshark 2.5.0 Development Release · February 6, 2018
Wireshark 2.4.4 and 2.2.12 Released · January 11, 2018
Wireshark 2.4.3 and 2.2.11 Released · November 30, 2017
Wireshark 2.4.2, 2.2.10, and 2.0.16 Released · October 10, 2017
Wireshark 2.4.1, 2.2.9, and 2.0.15 Released · August 29, 2017
Wireshark 2.4.0 Released · July 19, 2017
Wireshark 2.2.8 and 2.0.14 Released · July 18, 2017
Wireshark 2.4.0rc2 Released · June 28, 2017
Wireshark 2.4.0rc1 Released · June 7, 2017
Wireshark 2.2.7 and 2.0.13 Released · June 1, 2017
Wireshark 2.2.6 and 2.0.12 Released · April 12, 2017
Wireshark 2.2.5 and 2.0.11 Released · March 3, 2017
Wireshark 2.2.4 and 2.0.10 Released · January 23, 2017
Wireshark 2.2.3 and 2.0.9 Released · December 14, 2016
Wireshark 2.2.2 and 2.0.8 Released · November 16, 2016
Wireshark 2.2.1 and 2.0.7 Released · October 4, 2016
Wireshark 2.0.6 Released · September 8, 2016
Wireshark 2.2.0 Released · September 7, 2016
Wireshark 2.2.0rc2 · August 31, 2016
Wireshark 2.2.0rc1 · August 22, 2016
Wireshark 2.0.5 and 1.12.13 Released · July 27, 2016
Wireshark 2.1.1 Development Release · July 14, 2016
Wireshark 2.1.0 Development Release · June 8, 2016
Wireshark 2.0.4 and 1.12.12 Released · June 7, 2016
Wireshark 2.0.3 and 1.12.11 Released · April 22, 2016
Wireshark 2.0.2 and 1.12.10 Released · February 26, 2016
Wireshark 2.0.1 and 1.12.9 Released · December 29, 2015
Wireshark 2.0.0 Released · November 18, 2015
Wireshark 2.0.0rc3 Released · November 11, 2015
Wireshark 2.0.0rc2 Released · October 30, 2015
Wireshark 2.0.0rc1 Released · October 14, 2015
Wireshark 1.12.8 Released · October 14, 2015
Wireshark 1.99.9 Development Release · September 2, 2015
Wireshark 1.12.7 Released · August 12, 2015
Wireshark 1.99.8 Development Release · July 24, 2015
Wireshark 1.99.7 Development Release · June 18, 2015
Wireshark 1.12.6 Released · June 17, 2015
Wireshark 1.99.6 Development Release · May 28, 2015
Wireshark 1.12.5 and 1.10.14 Released · May 12, 2015
Wireshark 1.99.5 Development Release · March 20, 2015
Wireshark 1.99.4 Development Release · March 19, 2015
Wireshark 1.99.3 Development Release · March 5, 2015
Wireshark 1.12.4 and 1.10.13 Released · March 4, 2015
Wireshark 1.99.2 Development Release · February 4, 2015
Wireshark 1.12.3 and 1.10.12 Released · January 7, 2015
Wireshark 1.99.1 Development Release · December 10, 2014
Wireshark 1.12.2 and 1.10.11 Released · November 12, 2014
Wireshark 1.99.0 Development Release · October 7, 2014
Wireshark 1.12.1 and 1.10.10 Released · September 16, 2014
Wireshark 1.12.0 and 1.10.9 Released · July 31, 2014
Wireshark 1.12.0rc3 Released · July 22, 2014
Wireshark 1.12.0rc2 Released · June 13, 2014
Wireshark 1.10.8 and 1.8.15 Released · June 12, 2014
Wireshark 1.10.7 and 1.8.14 Released · April 22, 2014
Wireshark 1.11.3 Development Release · April 15, 2014
Wireshark 1.10.6 and 1.8.13 Released · March 7, 2014
Wireshark 1.10.5 Released · December 19, 2013
Wireshark 1.10.4 and 1.8.12 Released · December 17, 2013
Wireshark 1.11.2 Development Release · November 18, 2013
Wireshark 1.11.0 Development Release · November 15, 2013
Wireshark 1.10.3 and 1.8.11 Released · November 1, 2013
Wireshark 1.11.0 Development Release · October 15, 2013
Wireshark 1.10.2 and 1.8.10 Released · September 10, 2013
Wireshark 1.10.1 and 1.8.9 Released · July 26, 2013
Wireshark 1.8.8 and 1.6.16 Released and 1.6 End of Life · June 7, 2013
Wireshark 1.10.0 Released · June 5, 2013
Wireshark 1.10.0rc2 Released · May 22, 2013
Wireshark 1.8.7 and 1.6.15 Released · May 17, 2013
Wireshark 1.10.0rc1 Released · April 26, 2013
Wireshark 1.9.1 Development Release · March 28, 2013
Wireshark 1.9.1 Development Release · March 12, 2013
Wireshark 1.8.6 and 1.6.14 Released · March 6, 2013
Wireshark 1.9.0 Development Release · February 20, 2013
Wireshark 1.8.5 and 1.6.13 Released · January 29, 2013
Wireshark Wiki Security Incident · January 9, 2013
Wireshark 1.8.4 and 1.6.12 Released · November 28, 2012
Wireshark 1.8.3 and 1.6.11 Released · October 2, 2012
Wireshark 1.8.2 and 1.6.10 Released · August 15, 2012
Wireshark 1.4.14 Released · July 24, 2012
Wireshark 1.8.1 and 1.6.9 Released · July 23, 2012
Wireshark 1.8.0 Released · June 21, 2012
Wireshark 1.8.0rc2 Released · June 18, 2012
Wireshark 1.8.0rc1 Released · June 6, 2012
Wireshark 1.6.8 and 1.4.13 Released · May 22, 2012
Wireshark 1.7.1 Development Release · April 6, 2012
Wireshark 1.6.7 Released · April 6, 2012
Wireshark 1.6.6 and 1.4.12 Released · March 27, 2012
Wireshark 1.6.5 and 1.4.11 Released · January 10, 2012
Wireshark 1.6.4 Released · November 18, 2011
Wireshark 1.7.0 Development Release · November 8, 2011
#1 on SecTools.Org · November 7, 2011
Wireshark 1.6.3 and 1.4.10 Released · November 1, 2011
We're Essential · September 19, 2011
Wireshark 1.6.2 and 1.4.9 Released · September 8, 2011
Wireshark 1.6.1 and 1.4.8 Released · July 18, 2011
Wireshark 1.6.0 Released · June 7, 2011
Wireshark 1.6.0rc2 Released · June 2, 2011
Wireshark 1.4.7 and 1.2.17 Released · May 31, 2011
Wireshark 1.6.0rc1 Released · May 16, 2011
Wireshark 1.4.6 Released · April 18, 2011
Wireshark 1.4.5 and 1.2.16 Released · April 15, 2011
Wireshark 1.5.1 Development Release · April 11, 2011
Wireshark 1.4.4 and 1.2.15 Released · March 1, 2011
Wireshark 1.5.0 Development Release · January 24, 2011
Wireshark 1.4.3 and 1.2.14 Released · January 11, 2011
Wireshark 1.4.2 and 1.2.13 Released · November 19, 2010
Riverbed Acquires CACE Technologies · October 21, 2010
CACE Pilot, WiFi Pilot, and Shark Appliance 2.4 Released · October 20, 2010
Wireshark 1.4.1 and 1.2.12 Released, 1.0.x EOL · October 11, 2010
Wireshark 1.4.0, 1.2.11, and 1.0.16 Released · August 30, 2010
"Wireshark Antivirus" Malware · August 4, 2010
We're SourceForge.net's Project of the Month! · August 1, 2010
End of Life Announcement for Wireshark 1.0 · July 31, 2010
Wireshark 1.2.10, 1.0.15, and 1.4.0rc2 Released · July 29, 2010
Wireshark 1.2.9, 1.0.14, and 1.4.0rc1 Released · June 9, 2010
Wireshark 1.2.8, 1.0.13, and 1.3.5 Released · May 5, 2010
Wireshark 1.2.7, 1.0.12, and 1.3.4 Released · March 31, 2010
Wireshark Wins PC Magazine Editor's Choice Award · February 22, 2010
Wireshark 1.3.3 Development Release · February 11, 2010
Wireshark 1.2.6 and 1.0.11 Released · January 27, 2010
CACE Pilot and WiFi Pilot 2.2 Released · January 18, 2010
Wireshark 1.2.5 Released · December 17, 2009
Wireshark 1.3.2 Development Release · November 24, 2009
Wireshark 1.2.4 Released · November 16, 2009
Wireshark 1.2.3, 1.0.10, and 1.3.1 Released · October 27, 2009
Wireshark 1.2.2, 1.0.9, and 1.3.0 Released · September 15, 2009
CACE Pilot and WiFi Pilot 2.1 Released · September 1, 2009
CACE Pilot 2.0 Released · July 28, 2009
Wireshark 1.2.1 Released · July 20, 2009
Nmap 5 Released · July 16, 2009
Wireshark 1.2 Released · June 15, 2009
Wireshark 1.2.0pre2 Released · June 9, 2009
Wireshark 1.2.0pre1 Released · May 27, 2009
Free Wireshark Jumpstart Seminars From Laura Chappell · May 22, 2009
Wireshark 1.0.8 Released · May 21, 2009
Another Day, Another New York Times Article · May 14, 2009
Wireshark Helps Expose Spy Ring · May 12, 2009
Announcing WiFi Pilot · May 7, 2009
Wireshark 1.0.7 Released · April 8, 2009
A Pile Of Great Keynotes At Sharkfest '09 · March 24, 2009
Wireshark 1.1.3 Development Release · March 23, 2009
Conficker Loves Us! · March 12, 2009
Wireshark 1.0.6 Released · February 6, 2009
CACE Pilot 1.2 released · January 23, 2009
Wireshark 1.1.2 Development Release · January 15, 2009
Wireshark 1.0.5 Released · December 10, 2008
New Video: Custom Columns (Plus Bonus Wireshark University Updates) · December 9, 2008
New Book: Nmap Network Scanning · December 3, 2008
Wireshark classes from Mike Pennacchi and Chris Sanders · November 7, 2008
tcpdump 4.0.0 / libpcap 1.0.0 released · October 28, 2008
New Article: Using Wireshark and TShark display filters for troubleshooting · October 22, 2008
Wireshark 1.0.4 Released · October 20, 2008
Meet Gerald At Laura Chappell's Troubleshooting and Security Summit · October 10, 2008
Wireshark 1.1.1 Development Release · October 9, 2008
Wireshark 1.1.0 Development Release · September 14, 2008
Sign Up Now for Laura Chappell's Troubleshooting and Security Summit · September 3, 2008
Wireshark 1.0.3 Released · September 3, 2008
Wireshark Wins 2008 InfoWorld BOSSIE Award · August 4, 2008
Wireshark is 10! (Plus two bonus announcements) · July 14, 2008
Wireshark 1.0.2 Released · July 10, 2008
Wireshark 1.0.1 Released · June 30, 2008
Announcing TurboCap · June 26, 2008
New Article: Open Source Founders Reflect On Project Milestones · April 22, 2008
Announcing Pilot · April 16, 2008
New Video: TCP Connection Loss · April 7, 2008
Sharkfest Was Great! · April 3, 2008
Wireshark 1.0 Released · March 31, 2008
Server Outage · March 20, 2008
Wireshark 0.99.8 Released · February 27, 2008
Vint Cerf at Sharkfest! · February 19, 2008
New Video: Analyzing DNS Queries · February 4, 2008
New Video: ICMP Redirection (plus a Tech Talk) · January 7, 2008
Wireshark 0.99.7 Released · December 18, 2007
New Mirror in Indonesia · December 16, 2007
Nmap is 10 · December 14, 2007
New Video: Advanced IO Graphing · November 5, 2007
German Tutorial from Mirko Kulpa · November 1, 2007
In Memoriam: Jun-ichiro Hagino · October 30, 2007
New Article: Time to Roll Your Own 802.11n Standard · October 5, 2007
New Video: Faulty Padding · September 24, 2007
First Annual SHARKFEST Announced · September 12, 2007
Wireshark Wins 2007 InfoWorld BOSSIE Award · September 10, 2007
New Article: SPAN Port or TAP? CSO Beware · September 9, 2007
New Article: Analyzing TCP Performance with Wireshark · August 17, 2007
Wireshark 0.99.6a Windows Installer Released · July 9, 2007
Wireshark 0.99.6 Released · July 5, 2007
New Article: Creating Your Own Custom Wireshark Dissector · July 2, 2007
New Video: Building ACL Rules · July 2, 2007
Wireshark at LinuxWorld 2007 · June 27, 2007
New tool: WPA PSK Generator · June 22, 2007
New Book: Practical Packet Analysis · May 23, 2007
eWEEK Says We're Important · May 2, 2007
Wireshark! Live! Helpdesk · April 1, 2007
Wireshark University Announced · March 19, 2007
New Mirror in Hungary · March 2, 2007
New Mirror in Germany · February 21, 2007
McAfee VirusScan False Positive · February 13, 2007
Wireshark 0.99.5 Released · February 1, 2007
WinPcap 4.0 Released · January 29, 2007
3Com Says We're "Best-Of-Breed" · January 29, 2007
New Mirror in the U.S. · January 22, 2007
New Mirror in the Netherlands · January 5, 2007
MacOS X Package Available · January 4, 2007
Article in COMPUTERWOCHE.de · November 14, 2006
Wireshark 0.99.4 Released · October 31, 2006
Wireshark Training Available for Q1 2007 · October 23, 2006
Site Outage · September 18, 2006
Wireshark 0.99.3 Released · August 23, 2006
Wireshark 0.99.2 Released · July 17, 2006
Tutorial and Podcast from Chris Sanders · July 14, 2006
Symantec Antivirus False Positive · July 4, 2006
We're (still) #2! · June 21, 2006
Ethereal® is now Wireshark™ · June 7, 2006