Wireshark 1.0 Released
katterjohn writes "After almost 10 years of work, Wireshark 1.0 has been released. Wireshark is the award-winning protocol analyzer, formerly known as Ethereal. The release features several security fixes and an experimental package for Mac OS X Intel."
Would this still be illegal in Germany?
The higher the technology, the sharper that two-edged sword.
Whenever some product claims to be "award-winning", I always wonder what that award is. It's like the word "professional", that also lost its meaning. So, anybody have any pointers to any kind of "award"?
Well done to the whole team on reaching this milestone.
This excellent and valuable tool has been a vital part of my toolkit for many years.
I wish I could sniff on multiple interfaces.
Or exclude specific interfaces from the pseudo-device available in some versions (like my Linux copy).
Or filter out duplicate packets (not retransmissions, but the literal same packet: I bridged two interfaces, and the pseudo-device captures both the bridge and the bridge member).
Or just add localhost to a bridge... Why I can't do this is outside my understanding (until someone gives a crafty answer).
Or even just route all traffic destined for localhost through a physical interface first (I just want to capture all my packets, including localhost and a bridge with several Ethernet members, but only once!).
Ah, it's on the wishlist. For another day, perhaps...
slashdot: where everyone yells sarcastic metaphors to themselves to understand the issue
I do a lot of BizTalk dev and I often need to send data to remote HTTP locations. Usually the outgoing message is transformed inside an outgoing pipeline and it is not always easy to see exactly what is being sent to the client. This is where Wireshark has come in handy. I just monitor my Ethernet interface for a few seconds. The results are usually colour coded and easy to read. Very useful tool.
http://projectleader.wordpress.com
Ditto. It was the first thing I noticed, and seemed to work well with the {admittedly few} tests that I threw at it... Anyone else notice any discrepancies?
Don't tell me to get a life. I'm a gamer; I have LOTS of lives!
Why do I get the feeling this is a cruel April Fool's gag? I can't see 1.0 on the Sourceforge page, and the site was Slashdotted so I can't check that. Gah.
Long story short: I had a SQL client app that tried to connect to the SQL server with a hard-coded password. I needed to know the password to set on the server. Fired up Wireshark, found the password, set said password on the server, and it was a go.
His point is that the quality of these sorts of F/OSS releases is often on par with a commercial product that would now be release 8.12 - not just 8.0 feature-wise, but .12 because of the stability. When you go to show your PHB why your company should use Wireshark, tell them it's only 1.0 and yet already has tons of features and stability not found in commercial products at 8.12 releases.
I have a 'black box' on my home network. It's a VoIP phone, provided by our local telecom, and I'd really like to see what traffic it's sending to and receiving from the outside.
I've scanned it with nmap and not found any open ports from the outside. It's sitting behind a NAT router, and the company won't tell me which ports it would need to be forwarded (though somehow it's still able to receive calls and messages from the outside).
Actually, the company says I should forward ports 20000-60000 (seriously), but I think I won't do that.
I'm really curious to see the traffic it sends and receives, and also whether it's using any encryption. Is it possible to use Wireshark to sniff the traffic from another box that is within the same LAN, and where might one find a good tutorial for such a project?
Gnome: A never ending quest to make unix friendly to people who don't want unix and excruciating for those that do.