Wireshark is a popular open-source network protocol analyzer that security experts and network administrators use primarily for:
Troubleshooting
Analysis
Development
Education
Its popularity stems from its:
Robust features
User-friendly interface
Versatility in analyzing network issues
Troubleshooting network issues
These factors make Wireshark one of the top choices for organizations in a multitude of sectors. The Wireshark Foundation recently launched version 4.2.0, introducing new updates and features.
What’s new in Wireshark 4.2.0?
Wireshark 4.2.0 is the first major Wireshark release under the Wireshark Foundation, and it brings the following additions and features:
Dark mode support on Windows.
A Windows installer for Arm64 has been added.
Packet list sorting has been improved.
Wireshark and TShark are now better about generating valid UTF-8 output.
A new display filter feature for filtering raw bytes has been added.
Display filter autocomplete is smarter about not suggesting invalid syntax.
Tools › MAC Address Blocks can look up a MAC address in the IEEE OUI registry.
The enterprises, manuf, and services configuration files have been compiled in for improved start-up times.
The installation target no longer installs development headers by default.
The Wireshark installation is relocatable on Linux.
Wireshark can be compiled on Windows using MSYS2.
Wireshark can be cross-compiled for Windows using Linux.
Tools › Browser (SSL Keylog) can launch your web browser with the SSLKEYLOGFILE environment variable set to the appropriate value.
Windows installer file names now have the format Wireshark-<version>-<architecture>.exe.
Wireshark now supports the Korean language.
RTPDump is the newly supported file format for decoding.
Removed features & support
The following features and support have been removed:
TShark’s -e option no longer supports displaying column text via the column title.
The disabled default script ‘dtd_gen.lua’ has been removed from the installation bundle.
The Wi-Fi NAN dissector filter name is now ‘wifi_nan’ instead of ‘nan’.
New Protocol Support
The following protocols are newly supported:
Aruba UBT
ASAM Capture Module Protocol (CMP)
ATSC Link-Layer Protocol (ALP)
DECT DLC protocol layer (DECT-DLC)
DECT NWK protocol layer (DECT-NWK)
DECT proprietary Mitel OMM/RFP Protocol (also named AaMiDe)
Digital Object Identifier Resolution Protocol (DO-IRP)
Discard Protocol
FiRa UWB Controller Interface (UCI)
FiveCo’s Register Access Protocol (5CoRAP)
Fortinet FortiGate Cluster Protocol (FGCP)
GPS L1 C/A LNAV navigation messages
GSM Radio Link Protocol (RLP)
H.224
High Speed Fahrzeugzugang (HSFZ)
Hypertext Transfer Protocol version 3 (HTTP/3)
ID3v2
IEEE 802.1CB (R-TAG)
Iperf3
JSON 3GPP
Low Level Signalling (ATSC3 LLS)
Management Component Transport Protocol (MCTP)
Management Component Transport Protocol – Control Protocol (MCTP CP)
Matter home automation protocol
Microsoft Delivery Optimization
Multi-Drop Bus (MDB)
Non-volatile Memory Express – Management Interface (NVMe-MI) over MCTP
RDP audio output virtual channel Protocol (rdpsnd)
RDP clipboard redirection channel Protocol (cliprdr)
RDP Program virtual channel Protocol (RAIL)
SAP Enqueue Server (SAPEnqueue)
SAP GUI (SAPDiag)
SAP HANA SQL Command Network Protocol (SAPHDB)
SAP Internet Graphic Server (SAP IGS)
SAP Message Server (SAPMS)
SAP Network Interface (SAPNI)
SAP Router (SAPROUTER)
SAP Secure Network Connection (SNC)
SBAS L1 Navigation Messages (SBAS L1)
SINEC AP1 Protocol (SINEC AP)
SMPTE ST2110-20 (Uncompressed Active Video)
Train Real-Time Data Protocol (TRDP)
UBX protocol of u-blox GNSS receivers (UBX)
UDP Tracker Protocol for BitTorrent (BT-Tracker)
UWB UCI Protocol
Video Protocol 9 (VP9)
VMware HeartBeat
Windows Delivery Optimization (MS-DO)
Z21 LAN Protocol (Z21)
Zabbix
ZigBee Direct (ZBD)
Zigbee TLV
Updated Protocol Support
Support for the following protocols has been updated:
JSON
IPv6
XML
SIP
HTTP
CFM
New and Updated Codec support
Adaptive Multi-Rate (AMR) is the new and updated codec support, available if Wireshark is compiled with opencore-amr.
Major API Changes
The major API changes are:
Lua function “package.prepend_path” has been removed.
Added reassemble_streaming_data_and_call_subdissector() API for easier reassembly of non-TCP high-level protocol streaming data.
Some APIs now use C99 types instead of GLib types.
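Two of the changes listed above break existing automation after an upgrade: the Wi-Fi NAN filter name change (Removed features & support) and the removal of the Lua function package.prepend_path (Major API Changes). The following audit script is an added example, not code from the Wireshark project; the file names and sample contents are constructed, and it checks only the bare protocol name 'nan' because the page does not say whether field names changed.

```python
import re
import shlex

# Old Wi-Fi NAN protocol name as a whole filter token: matches "nan" but not
# "wifi_nan", "nan.x" or "x.nan" (field prefixes are not stated on the page).
OLD_NAN = re.compile(r"(?<![\w.])nan(?![\w.])")
QUOTED = re.compile(r'"(?:\\.|[^"\\])*"')   # string literals inside a filter
LUA_PREPEND = re.compile(r"\bpackage\.prepend_path\s*\(")


def filters_in_command(line):
    """Yield the -Y / -R filter arguments of a tshark command line."""
    try:
        argv = shlex.split(line, comments=True)
    except ValueError:                      # unbalanced quotes: skip the line
        return
    if not argv or not argv[0].endswith("tshark"):
        return
    for flag, value in zip(argv, argv[1:]):
        if flag in ("-Y", "-R"):
            yield value


def audit(name, text):
    """Return (file, line_no, finding) tuples for one script's text."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        if name.endswith(".lua"):
            code = line.split("--", 1)[0]   # ignore Lua line comments
            if LUA_PREPEND.search(code):
                findings.append((name, no, "package.prepend_path removed in 4.2.0"))
            continue
        for flt in filters_in_command(line):
            # Blank out string literals so "nan" inside a quoted value is ignored.
            if OLD_NAN.search(QUOTED.sub('""', flt)):
                findings.append((name, no, "filter name 'nan' is now 'wifi_nan'"))
    return findings


# Constructed sample inputs (not taken from any real deployment).
SAMPLES = {
    "capture.sh": 'tshark -r wifi.pcapng -Y "nan && wlan.fc.type == 0"\n'
                  'tshark -r wifi.pcapng -Y "wifi_nan"\n'
                  'tshark -r dns.pcapng -Y \'dns.qry.name contains "nan"\'\n',
    "init.lua": '-- package.prepend_path("old")\n'
                'package.prepend_path("plugins/lib")\n',
}

if __name__ == "__main__":
    for fname, body in SAMPLES.items():
        for finding in audit(fname, body):
            print(*finding, sep=": ")
```

Run it over detection and capture scripts before moving them to 4.2.0, since a filter that no longer compiles stops the capture job rather than matching nothing.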
Linux/Unix vendors also offer Wireshark packages through their platform-specific package management systems. Third-party packages are listed on Wireshark’s download page.
The post Wireshark 4.2.0 Released – What’s New! appeared first on Cyber Security News.
