Nova versão do Wireshark disponível (3.0.0) com suporte para Npcap Packet Capturing Library.

Wireshark 3.0.0 foi lançado. Um grande número de bugs foram corrigidos e outras funcionalidades foram introduzidas.

O Wireshark é a ferramenta mais popular de análise de tráfego de rede, utilizado tanto por utilizadores individuais, researchers, ou até, grandes empresas de segurança e redes.

A nova versão do Wireshark 3 vem com muitos novos recursos atualizados e remove o suporte para recursos legados.

Important Feature Updates –
Wireshark 3.0.0

  • Initial support for using PKCS #11 tokens for RSA decryption in TLS. This can be configured at Preferences, RSA Keys.
  • The IP map feature (the “Map” button in the “Endpoints” dialog) has been added back in a modernized form
  • The macOS package now ships with Qt 5.12.1. Previously it shipped with Qt 5.9.7.
  • Conversation timestamps are supported for UDP/UDP-Lite protocols
  • The SSL dissector has been renamed to TLS. As with BOOTP the old “ssl.*” display filter fields are supported but may be removed in a future release.
  • Coloring rules, IO graphs, Filter Buttons and protocol preference tables can now be copied from other profiles using a button in the corresponding configuration dialogs.
  • The sshdump and ciscodump extcap interfaces can now use a proxy for the SSH connection.
  • Support for DTLS and TLS decryption using pcapng files that embed a Decryption Secrets Block (DSB) containing a TLS Key Log.
  • The Windows .exe installers now ship with Npcap instead of WinPcap. It replaces unsupported WinPcap packet capture library and the Npcap offers more speed, portability, security, and efficiency.