Network Protocol Analyzer Wireshark 3.6 released

Martin Brinkmann
Nov 28, 2021
Network
|
3

Wireshark 3.6 is the latest version of the network protocol analyzer. The program is available for Windows, Mac and Linux operating systems, and the latest version introduces a large number of improvements, including support for a wide range of new protocols.

Wireshark may be used to capture and analyze network traffic; it is often used by network administrators and security researchers to inspect the behavior of certain applications or services.

Our first mentioning of Wireshark dates back to 2009.

Wireshark 3.6

Interested users find downloads of Wireshark 3.6 on the official project website. Applications are provided for Windows (portable and installer), and Mac OS. The source code is also listed on the download page.

Windows packages include the latest stable release version of Npcap, which Wireshark requires for live packet capturing. A 64-bit portable version of Wireshark for Windows is now provided. Note that a packet capture driver needs to be installed manually if the portable version of Wireshark is used.

The changelog lists all changes of the new Wireshark 3.6 release. You may consult it for a full rundown on what is new and changed.

Below is a short list of the most important changes in the new version:

  • New 64-bit portable version for Windows.
  • The Windows installer comes with Npcap 1.55.
  • Wireshark supports Event Tracing for Windows.
    • "A new extcap named ETW reader is created that now can open an etl file, convert all events in the file to DLT_ETW packets and write to a specified FIFO destination."
  • Support for Mac OS ARM 64, with a package now provided.
  • The Mac version requires Mac OS 10.13 or newer. It includes Qt 5.15.3.
  • Display filter set elements must be separated with commas.
  • Literal strings may be specified using raw string syntax.
  • RTP Player has been improved. It can now play several streams in a row, has a playlist, which supports adding and removing streams, stream muting, has a more responsive UI, and is now found under Telephony > RTP > RTP Player.
  • VoIP dialogs are now non-modal and may stay open in the background.
  • IP fragments between public IPv4 addresses are now reassembled even if they have different VLAN IDs.
  • TShark can export TLS session keys.
  • User guide has been updated.
  • Support for many new protocols, e.g. 5G Lawful Interception (5GLI), Bluetooth Link Manager Protocol (BT LMP), Bundle Protocol version 7 (BPv7).

Now You: do you use tools such as Wireshark?

Summary
Article Name
Network Protocol Analyzer Wireshark 3.6 released
Description
Wireshark 3.6 is the latest version of the network protocol analyzer, which introduces a large number of new features and improvements.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. Sam said on November 29, 2021 at 2:09 pm
    Reply

    Martin,
    Just awesome! I am so happy that my aggravation over “connection not secure” has stopped.

    Thank you so much.

    Sam in Minnesota, USA

  2. brock said on November 28, 2021 at 6:24 pm
    Reply

    Would be nice if you mentioned it was free. Almost every vendor offers “download for free” for crippled or timed versions, so it’s nice to recognize products that are completely free.

  3. ShintoPlasm said on November 28, 2021 at 8:45 am
    Reply

    Here’s an increasingly rare example of a good program (not app!) where the focus is on useful functionality and improvement, not taking away features and not reinventing the UI. What browsers used to be for a while in the mid/late-2000s.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.