Wireshark, the world’s most popular open-source network protocol analyzer, has released its latest version, 4.25. This update brings a plethora of new features and improvements for network security professionals, IT administrators, and anyone interested in network troubleshooting and analysis.
Let’s delve into some of the key highlights of Wireshark 4.25:
Improved Protocol Support:
Wireshark 4.25 boasts enhanced support for various protocols, including NTLMv2 (used for Windows authentication), TLS 1.3 (a secure communication protocol), and HTTP/3 (the next generation of HTTP). This expanded support allows for deeper analysis of network traffic across a wider range of applications and services.
Learn Wireshark! How To Analyse And Capture The Packets in Wireshark
Updated Protocol Support
5co_legacy, 5co_rap, BT Mesh, CQL, DOCSIS MAC MGMT, E.212, EPL, FC FZS, GQUIC, GRPC, GSM RP, HTTP2, ICMPv6, IEEE 1905, IEEE 802.11, IPARS, JSON-3GPP, LAPD, LLDP, MATE, MONGO, NAS 5GS, NR-RRC, PER, PFCP, PTP, QUIC, SSH, TIPC, and ZBD
Streamlined User Interface:
The user interface has been tweaked for better usability. The update promises improvements in responsiveness, especially when dealing with large capture files. Additionally, there might be enhancements in the way data is displayed and organized, making it easier to navigate and identify relevant information.
Advanced Capture Features:
Wireshark 4.25 could potentially introduce new functionalities related to network capture. This might include options for more granular control over capture filters, improved handling of network interfaces, and potentially even features for capturing data from specific applications or network segments.
Security Enhancements:
Security is paramount for any network analysis tool. Wireshark 4.25 may come with security patches to address any vulnerabilities discovered in previous versions. This ensures that users can leverage the tool with confidence, knowing their systems are protected.
Wireshark Commands Cheatsheet – See here!
Looking Ahead:
While the official release notes for Wireshark 4.25 are not yet available, these are some of the anticipated improvements based on the ongoing development discussions. It’s important to note that this is not an exhaustive list, and the final release might include additional features and bug fixes.
Following Bug Fixes:
The following bugs have been fixed:
- Flow Graph scrolls in the wrong direction vertically when pressing Up/Down.
- TCP Stream Window Scaling not working in version 2.6.1 and later.
- TCP stream graphs (Window scaling) axis display is confusing.
- LUA get_dissector does not give the correct dissector under 32-bit version.
- Lua: Segfault when registering a field or expert info twice.
- SSH can not decrypt when KEX is [email protected].
- Wireshark crash related to Lua DissectorTable.heuristic_new(), and more, you can check releases notes here.
Upgrading to Wireshark 4.25
Upgrading to the latest version of Wireshark is recommended to take advantage of the new features and security enhancements. The upgrade process is usually straightforward and can be done by following the instructions provided on the Wireshark website https://www.wireshark.org/download.html.
With Wireshark 4.25, network analysis enthusiasts and professionals have even more powerful tools at their disposal to dissect network traffic, troubleshoot issues, and ensure network security. Stay tuned for the official release notes to get a complete picture of everything Wireshark 4.25 has to offer.