2005-07-28 14:29:19 +00:00
|
|
|
<?xml version="1.0"?>
|
2006-03-17 22:59:24 +00:00
|
|
|
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
2005-07-28 14:29:19 +00:00
|
|
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
|
|
|
|
2005-08-02 06:39:04 +00:00
|
|
|
<!-- $Id$ -->
|
2005-07-28 14:29:19 +00:00
|
|
|
|
|
|
|
<!--
|
|
|
|
DOCUMENT SECTION
|
|
|
|
-Use this section to encode all document information
|
|
|
|
-->
|
|
|
|
|
|
|
|
<!--
|
2006-06-06 13:04:30 +00:00
|
|
|
Wireshark Info
|
2005-07-28 14:29:19 +00:00
|
|
|
-->
|
2009-11-24 05:57:05 +00:00
|
|
|
<!ENTITY WiresharkCurrentVersion "1.3.3">
|
2005-07-28 14:29:19 +00:00
|
|
|
|
|
|
|
]>
|
|
|
|
|
|
|
|
<article>
|
2006-06-06 13:04:30 +00:00
|
|
|
<title>Wireshark &WiresharkCurrentVersion; Release Notes</title>
|
2005-07-28 14:29:19 +00:00
|
|
|
|
2006-06-06 13:04:30 +00:00
|
|
|
<section id="WhatIs"><title>What is Wireshark?</title>
|
2005-07-28 14:29:19 +00:00
|
|
|
<para>
|
2006-05-22 08:14:01 +00:00
|
|
|
Wireshark is the world's most popular network protocol analyzer. It
|
2005-07-28 14:29:19 +00:00
|
|
|
is used for troubleshooting, analysis, development, and education.
|
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
|
|
|
<section id="WhatsNew"><title>What's New</title>
|
2008-03-03 22:05:25 +00:00
|
|
|
<section id="BugFixes"><title>Bug Fixes</title>
|
2005-07-28 14:29:19 +00:00
|
|
|
<para>
|
2005-10-26 14:27:12 +00:00
|
|
|
|
2006-08-24 16:29:49 +00:00
|
|
|
The following vulnerabilities have been fixed. See the
|
2007-02-20 18:44:22 +00:00
|
|
|
<ulink url="http://www.wireshark.org/security/wnpa-sec-2007-02.html">security advisory</ulink> for details and a workaround.
|
2006-03-17 22:59:24 +00:00
|
|
|
|
2007-03-07 01:17:24 +00:00
|
|
|
<itemizedlist>
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
<para>
|
2009-05-15 18:27:25 +00:00
|
|
|
The NetFlow dissector could run off with your dog, crash your truck,
|
|
|
|
and write a country music song about the experience.
|
|
|
|
<!-- Fixed in r????? -->
|
|
|
|
<!-- (Bug <ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=????">????</ulink>) -->
|
2007-03-21 20:44:07 +00:00
|
|
|
</para>
|
2009-05-15 18:27:25 +00:00
|
|
|
<para>Versions affected: 0.99.5 to 1.0.8</para>
|
2008-03-04 21:03:43 +00:00
|
|
|
<para>
|
|
|
|
<!-- <ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-????">CVE-2007-????</ulink> -->
|
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
2007-03-07 01:17:24 +00:00
|
|
|
</itemizedlist>
|
|
|
|
|
2005-07-28 14:29:19 +00:00
|
|
|
</para>
|
2006-03-07 19:53:57 +00:00
|
|
|
|
2006-08-24 16:29:49 +00:00
|
|
|
<para>
|
|
|
|
|
|
|
|
The following bugs have been fixed:
|
|
|
|
|
2007-09-25 21:35:20 +00:00
|
|
|
<itemizedlist>
|
|
|
|
|
|
|
|
<listitem><para>
|
2007-11-21 00:09:38 +00:00
|
|
|
Wireshark could crash without warning.
|
2007-11-16 20:00:00 +00:00
|
|
|
</para></listitem>
|
|
|
|
|
2007-09-25 21:35:20 +00:00
|
|
|
</itemizedlist>
|
|
|
|
|
2006-08-24 16:29:49 +00:00
|
|
|
</para>
|
|
|
|
|
2005-10-14 18:50:25 +00:00
|
|
|
</section>
|
2005-09-06 22:07:35 +00:00
|
|
|
|
2008-03-03 22:05:25 +00:00
|
|
|
<section id="NewFeatures"><title>New and Updated Features</title>
|
2005-08-17 22:32:40 +00:00
|
|
|
<para>
|
2005-10-14 16:00:04 +00:00
|
|
|
The following features are new (or have been significantly updated)
|
2009-09-15 19:57:51 +00:00
|
|
|
since version 1.2:
|
2005-08-17 22:32:40 +00:00
|
|
|
|
2007-08-30 00:24:40 +00:00
|
|
|
<itemizedlist>
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
<para>
|
2009-09-03 18:15:23 +00:00
|
|
|
The packet list internals have been rewritten and are now more
|
|
|
|
efficient.
|
2009-05-15 18:27:25 +00:00
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
2009-09-15 19:57:51 +00:00
|
|
|
<listitem>
|
|
|
|
<para>
|
|
|
|
Python scripting support has been added.
|
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
2009-05-15 18:27:25 +00:00
|
|
|
<listitem>
|
|
|
|
<para>
|
2009-09-03 18:15:23 +00:00
|
|
|
Capturing from pipes on Windows has been improved.
|
2009-05-19 22:40:22 +00:00
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
2009-10-27 00:10:52 +00:00
|
|
|
<listitem>
|
|
|
|
<para>
|
|
|
|
Many memory leaks have been fixed.
|
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
2010-02-09 19:13:57 +00:00
|
|
|
<listitem>
|
|
|
|
<para>
|
|
|
|
Wireshark no longer supports Windows 2000. Please use Wireshark 1.2 or 1.0 on
|
|
|
|
those systems.
|
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
2007-08-30 00:24:40 +00:00
|
|
|
</itemizedlist>
|
|
|
|
|
2005-08-17 22:32:40 +00:00
|
|
|
</para>
|
|
|
|
</section>
|
2005-10-12 16:17:03 +00:00
|
|
|
|
2008-03-03 22:05:25 +00:00
|
|
|
<section id="NewProtocols"><title>New Protocol Support</title>
|
2005-10-12 16:17:03 +00:00
|
|
|
<para>
|
|
|
|
|
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
2008-03-03 22:05:25 +00:00
|
|
|
<section id="UpdatedProtocols"><title>Updated Protocol Support</title> <para>
|
2005-10-12 16:17:03 +00:00
|
|
|
|
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
2008-03-03 22:05:25 +00:00
|
|
|
<section id="NewCapture"><title>New and Updated Capture File Support</title>
|
2005-10-12 16:17:03 +00:00
|
|
|
<para>
|
|
|
|
|
2006-10-14 00:31:35 +00:00
|
|
|
</para>
|
2005-10-12 16:17:03 +00:00
|
|
|
</section>
|
|
|
|
|
2005-07-28 14:29:19 +00:00
|
|
|
</section>
|
|
|
|
|
2006-06-06 13:04:30 +00:00
|
|
|
<section id="GettingWireshark"><title>Getting Wireshark</title>
|
2006-08-15 20:54:51 +00:00
|
|
|
<para>
|
|
|
|
Wireshark source code and installation packages are available from
|
2009-10-27 22:05:09 +00:00
|
|
|
<ulink url="http://www.wireshark.org/download.html">http://www.wireshark.org/download.html</ulink>.
|
2006-08-15 20:54:51 +00:00
|
|
|
</para>
|
2005-07-28 14:29:19 +00:00
|
|
|
|
2008-03-03 22:05:25 +00:00
|
|
|
<section id="VendorPackages"><title>Vendor-supplied Packages</title>
|
2005-07-28 14:29:19 +00:00
|
|
|
<para>
|
2006-06-06 13:04:30 +00:00
|
|
|
Most Linux and Unix vendors supply their own Wireshark packages.
|
2006-10-10 21:15:19 +00:00
|
|
|
You can usually install or upgrade Wireshark using the package management
|
2005-10-14 16:00:04 +00:00
|
|
|
system specific to that platform. A list of third-party packages
|
2006-10-10 21:15:19 +00:00
|
|
|
can be found on the
|
|
|
|
<ulink url="http://www.wireshark.org/download.html#otherplat">download page</ulink> on the Wireshark web site.
|
2005-07-28 14:29:19 +00:00
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
|
|
|
</section>
|
|
|
|
|
2006-03-17 22:59:24 +00:00
|
|
|
<!-- XXX needs to be written
|
2006-06-06 13:04:30 +00:00
|
|
|
<section id="RemovingWireshark"><title>Removing Wireshark</title>
|
2005-07-28 14:29:19 +00:00
|
|
|
<para>
|
|
|
|
</para>
|
|
|
|
</section>
|
2005-09-21 14:20:43 +00:00
|
|
|
-->
|
2005-07-28 14:29:19 +00:00
|
|
|
|
|
|
|
<section id="FileLocations"><title>File Locations</title>
|
|
|
|
<para>
|
2006-06-06 13:04:30 +00:00
|
|
|
Wireshark and TShark look in several different locations for
|
2005-09-06 19:21:48 +00:00
|
|
|
preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
|
|
|
|
These locations vary from platform to platform. You can use
|
|
|
|
About->Folders to find the default locations on your system.
|
2005-07-28 14:29:19 +00:00
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
|
|
|
<section id="KnownProblems"><title>Known Problems</title>
|
2006-03-20 20:27:52 +00:00
|
|
|
|
|
|
|
<para>
|
2008-03-27 22:05:52 +00:00
|
|
|
Wireshark may appear offscreen on multi-monitor Windows systems.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=553">Bug
|
|
|
|
553</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Wireshark might make your system disassociate from a wireless network
|
|
|
|
on OS X.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1315">Bug
|
|
|
|
1315</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Dumpcap might not quit if Wireshark or TShark crashes.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419">Bug
|
|
|
|
1419</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Wireshark is unable to decrypt WPA group keys.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1420">Bug
|
|
|
|
1420</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
The BER dissector might infinitely loop.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516">Bug
|
|
|
|
1516</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Wireshark can't dynamically update the packet list. This means that host
|
|
|
|
name resolutions above a certain response time threshold won't show up in
|
|
|
|
the packet list.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1605">Bug
|
|
|
|
1605</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Capture filters aren't applied when capturing from named pipes.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814">Bug
|
|
|
|
1814</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Wireshark might freeze when reading from a pipe.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2082">Bug
|
|
|
|
2082</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Capturing from named pipes might be delayed on Windows.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2200">Bug
|
|
|
|
2200</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Filtering tshark captures with display filters (-R) no longer works.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234">Bug
|
|
|
|
2234</ulink>)
|
2006-03-20 20:27:52 +00:00
|
|
|
</para>
|
|
|
|
|
2009-11-11 00:09:03 +00:00
|
|
|
<para>
|
|
|
|
The 64-bit Windows installer does not ship with the same libraries as the
|
|
|
|
32-bit installer.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3610">Bug
|
|
|
|
3610</ulink>)
|
|
|
|
</para>
|
|
|
|
|
2005-07-28 14:29:19 +00:00
|
|
|
</section>
|
|
|
|
|
|
|
|
<section id="GettingHelp"><title>Getting Help</title>
|
|
|
|
<para>
|
2006-05-31 19:12:15 +00:00
|
|
|
Community support is available on the wireshark-users mailing list.
|
2006-06-06 13:04:30 +00:00
|
|
|
Subscription information and archives for all of Wireshark's mailing
|
2006-05-31 19:12:15 +00:00
|
|
|
lists can be found on <ulink url="http://www.wireshark.org/lists/">the
|
2006-06-06 13:04:30 +00:00
|
|
|
web site</ulink>.
|
2005-09-21 14:20:43 +00:00
|
|
|
</para>
|
|
|
|
<para>
|
|
|
|
Commercial support, training, and development services are available
|
2006-06-06 13:04:30 +00:00
|
|
|
from <ulink url="http://www.cacetech.com/">CACE Technologies</ulink>.
|
2005-07-28 14:29:19 +00:00
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
|
|
|
<section id="FAQ"><title>Frequently Asked Questions</title>
|
|
|
|
<para>
|
2005-09-21 14:20:43 +00:00
|
|
|
A complete FAQ is available on the
|
2006-06-06 13:04:30 +00:00
|
|
|
<ulink url="http://www.wireshark.org/faq.html">Wireshark web site</ulink>.
|
2005-07-28 14:29:19 +00:00
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
|
|
|
</article>
|