Software Update: Wireshark 1.5.0

With version number 1.5.0, a new development version of Wireshark has been released. Wireshark is an open source protocol analyzer and packet sniffer, which can analyze various network protocols and data packets on the network. The program can also use previously saved data traffic as input. Since version 1.2.0 there is a separate version for 64bit versions of Windows. As of version 1.4.0, there is also a 64bit version for Mac OS X, but Windows 2000 is no longer supported. Below is an overview of the most important improvements since version 1.4.

New and Updated Features

• Wireshark can import text dumps
• similar to text2pcap.
• You can now view Wireshark’s dissector tables (for example the TCP port to dissector mappings) from the main window.
• TShark can show a specific occurrence of a field when using ‘-T fields’.
• Custom columns can show a specific occurrence of a field.
• You can hide columns in the packet list.
• Wireshark can now export SMB objects.
• dftest and randpkt now have manual pages.
• TShark can now display iSCSI service response times.
• Dumpcap can now save files with a user-specified group id.
• Syntax checking is done for capture filters.
• You can display the compiled BPF code for capture filters in the Capture Options dialog.
• You can now navigate backwards and forwards through TCP and UDP sessions using Ctrl+
• and Ctrl+. .
• Packet length is (finally) a default column.
• TCP window size is now available both scaled and unscaled. A TCP window scaling graph is available in the GUI.
• 802.1q VLAN tags are now shown by the Ethernet II dissector.
• Various dissectors now display some UTF-16 strings as proper Unicode including the DCE/RPC and SMB dissectors.
• The RTP player now has an option to show the time of day in the graph in addition to the seconds since beginning of capture.
• The RTP player now shows why media interruptions occur.
• Graphs now save as PNG images by default.

New Protocol Support

• ADwin
• ADwin-Config
• Apache Etch
• Aruba PAPIA
• Constrained Application Protocol (COAP)
• Digium TDMoE
• Ether-SI/O
• FastCGIA
• Fiber Channel over InfiniBand (FCoIB)
• Gopher
• Gigamon GMHDR
• IDMP
• Infiniband Socket Direct Protocol (SDP)
• JSON
• LISP Dates
• MikroTik MAC Telnet
• Mongo Wire Protocol
• Network Monitor 802.11 radio header
• OPC UA ExtensionObjects
• PPI-GEOLOCATION-GPS
• ReLOAD
• ReLOAD Framing
• SAMETIME
• SCoP
• SGSAP
• Tektronix Teklink
• WAI authentication
• Wi-Fi P2P (Wi-Fi Direct)

New and Updated Capture File Support

• Apple PacketLogger
• Catapult DCT2000
• Daintree SNA
• Endace ERF
• HP OpenVMS TCPTrace
• IPFIX (the file format
• not the protocol)
• Lucent/Ascend debug
• Microsoft Network Monitor
• Network Instruments
• TamoSoft CommView

The following downloads are available:
Wireshark 1.5.0 for Windows (32bit)
Wireshark 1.5.0 for Windows (64bit)
Wireshark 1.5.0 for Windows (U3 version)
Wireshark 1.5.0 for PortableApps
Wireshark 1.5.0 for Mac OS X 10.5 (Intel, 32bit)
Wireshark 1.5.0 for Mac OS X 10.5 (PPC, 32bit)
Wireshark 1.5.0 for Mac OS X 10.6 (Intel, 64bit)
Wireshark 1.5.0 source code for Linux, Solaris, FreeBSD and NetBSD among others