Wireshark 4.6 wuxuu la yimid is-dhexgal cusub wuxuuna macsalaameeyay AirPcap iyo WinPcap

  • Is-dhexgalka cusub iyo astaamaha falanqaynta: wada-hadalka shirqoollada, isku-buufinta tooska ah, iyo hagaajinta waqtiga ISO 8601
  • Furitaanka Ciphers: NTP oo leh NTS, Horumarka MACsec, iyo Ikhtiyaarada Cusub ee TShark iyo Lua
  • Taageerida liis ballaaran oo borotokool iyo qaabab ah sida RIFF iyo TTL
  • Nabadgelyo AirPcap iyo WinPcap; isbedel ku tiirsanaanta iyo xirmooyinka Windows iyo macOS
Pablinux

Daqiiqado 7

Wireshark 4.6

Imaanshada Wireshark 4.6 Waxay u taagan tahay cusboonaysiin muhiim ah mid ka mid ah falanqeeyayaasha borotokoolka shabakadda ee aadka loo isticmaalo, sidii ay ahayd markii la daabacay. Nooca cusub ee Wireshark 3.0.0Siidayntani waxa ay soo bandhigaysaa dhawr astaamood oo loogu talagalay in lagu horumariyo aragga, qabashada waxqabadka, iyo la shaqaynta qalabyada kale, oo ay ku jiraan tiirarka hagaajinta, qaababka wakhtiga, iyo tirakoobyada.

Marka laga soo tago hagaajinta gudaha, mashruucu waxa uu ku xoojiyaa taageeradiisa madal-badan xirmooyinka la cusboonaysiiyay ee Windows iyo macOS, oo ay ku ilaaliso qaybinta Linux ee ilaha iyo qaababka Flatpak labadaba. Siideynta ayaa sidoo kale ka mid ah isbeddelada ku tiirsanaanta nidaamka iyo qaybaha, raadinta xasillooni weyn iyo meerto nololeed cad oo loogu talagalay isticmaalayaasha xirfadleyda ah.

Wireshark 4.6 Qodobbada ugu muhiimsan ee Falanqaynta iyo Aragtida

Mid ka mid ah kuwa ugu weyn ayaa ah wada hadal cusub "Plots"., kaas oo u oggolaanaya abuurista goobo kala firidhsan oo leh raadad badan, calaamado, iyo duubid toos ah. Tani waxay fududaynaysaa ogaanshaha muuqaalka degdega ah inta lagu jiro kalfadhiyada dheer ama inta lagu jiro isbeddelka qaababka taraafikada.

The cadaadin qabashada nool markaad wax ku qorayso saxanka, taas oo si gaar ah faa'iido u leh jawiga heerka sare ee baakidhka. Marka la barbar dhigo, qorista wakhtiga saxda ah ee wax soo saarka JSON (-T json) ayaa qaadanaysa foomka ISO 8601 ee UTC, iyo tiirarka wakhtiga UTC waxay muujinayaan daba-galka Z sida waafaqsan heerka.

Marka la eego decryption, Wireshark hadda wuu awoodaa fur NTP adoo isticmaalaya NTS (Security Time Network). Si ay tani u shaqeyso, waxaad u baahan tahay inaad haysato sirta macmiilka TLS, sirta dhoofiyaha, iyo xidhmooyinka. NTS-KE. Intaa waxaa dheer, awoodda wax ka qabashada MACsec waa la kordhiyay: waxaa suurtagal ah in la isticmaalo SAK oo ay soo saareen qaybiyaha MKA ama dhillo si toos ah loogu habeeyey qaybiyaha MACsec. Dhamaystirka, faasasyada ee TCP Stream Graph waxay isticmaashaa horgalayaasha SI, hagaajinta akhriska baaxadda.

Horumarinta Platform iyo hagaajinta qabashada

Linux, qabso filtarrada leh kordhinta BPF sida soo gelida, ka bixida iyo ifindex si toos ah ayaa loogu isticmaali karaa qabashada, taas oo albaabka u furaysa xaaladaha shaandhaynta heerka kernel horumarsan. Marka la sameeyo xirmo u dhigma, nooca hoose ee beeraha EUI-64 ayaa loo beddelay bytes, hagaajinta joogtaynta.

On macOS, Wireshark hadda waxay ka baaraandegi kartaa macluumaad dheeri ah taas tcpdump waxay bixisaa: habka xogta, xogta baakidhka, tilmaamayaasha socodka, ama dhacdooyinka khasaaraha, iyo kuwa kale. Tani waxay kobcinaysaa falanqaynta aaladaha Apple oo aan lahayn qaabayn adag.

Daaqadaha, rakibayaasha ayaa lagu qaybiyaa Npcap 1.83 (horay 1.79), iyo labadaba Windows iyo macOS xirmooyinka rasmiga ah waxay u guuraan Qt 6.9.3 ( hore 6.5.3). Rakibaadaha caalamiga ah waxaa lagu bixiyaa macOS, u shaqeeya Arm64 iyo Intel, fududaynta doorashada binary.

Tiirarka, Miisaska, iyo Adeegyada: Xakamaynta iyo Joogteynta badan ee Wireshark 4.6

Tiirarka gaarka ah waxay ku daraan ikhtiyaarka lagu muujinayo qiyamka qaab la mid ah sida faahfaahinta ee xirmada, ka fogaanshaha farqiga muuqaalka u dhexeeya darfaha. Intaa waxaa dheer, DNP3 hadda waxay ka muuqataa jaantusyada Wadahadal y Astaamaha dhamaadka, iyo faylka ethers-ku wuu taageersan yahay EUI-64 meelaynta magaca.

Wadahadalka dhoofinta kala qaybinta ee GUI karaa soo saar bytes hex ceeriin ee qaab-dhismeedka goob kasta, oo leh ama aan la dhoofin qiimaha goobta. Dhanka kale, Lua API, wuxuu ku darayaa taageerada Hawlaha sirta summeedka libgcrypt, kaas oo balaadhiya qorista iyo fursadaha otomaatiga ah.

Miisaska laftooda Wadahadal y Astaamaha dhamaadka Shidaal ayaa lagu daraa soo bandhigida tirinta byte saxda ah iyo xoogaa, halkii ay ka ahaan lahaayeen qaabab bini-aadmigu akhrin karo oo leh cutubyo SI. TShark wuxuu soo bandhigay dookha -o statistics.output_format si loo xakameeyo qaabka wax soo saarka ee qasabadaha qaarkood ee tirakoobka.

Soo dejinta, dhoofinta iyo socodka shaqada

Shaqada "Import from Hex Dump" iyo text2pcap hadda aqbal kooxaha 2 ilaa 4 bytes, taas oo sahlaysa in dib loo dhiso sawiro laga soo qaaday qashin qubka qoraalka ee kala duwan. Intaa waxaa dheer, laga bilaabo "Print" iyo "Dhoofinta Xirmooyinka Kala-baxa" waxaad ku dari kartaa jaantusyada waqtiyada sida hordhaca ah qashinka hex.

Liiska xirmooyinka iyo liiska dhacdooyinka Mar dambe ma oggolaadaan safafka laynka badan, kaas oo wanaajinaya wax-akhriska kana hortagaya boodada lama filaanka ah. Waxa kale oo ay ku jirtaa Lasoco Streamka loogu talagalay PID-yada MPEG-2 socodka gaadiidka, iyo HTTP/2 raadraaca kalfadhiyada 3GPP ee ka badan 5G waa la suurtogelin karaa si ikhtiyaari ah.

In the Edit menu ka muuqda «Nuqul › sida HTML» in aad nuqul ka sameysid qoraal cad oo leh tiirar toosan oo aad doorato qaabka marka aad isticmaalayso furayaasha kiiboodhka, halka View in lagu daro ikhtiyaarka gacanta dib u kala saar baakadaha. Marka Wireshark lagu soo ururiyey Qt 6.8 ama ka sareeya (sida rakibayaasha rasmiga ah), waa iftiin/mawduuc madow waxaa loo dejin karaa si ka madax banaan nidaamka nidaamka Windows iyo macOS.

Qaababka iyo borotokoolka lagu daro

Qaybta qaababka, Wireshark 4.6 ayaa ku daraysa RIFF iyo TTL codeing, oo ballaarinaysa gaaritaankeeda oo dhaafsiisan borotokoolka shabakadda.

Liistada borotokoolka cusub ee la taageeray waa mid ballaaran oo ka kooban qaybo badan: baakadaha warshadaha, baabuurta, IoT, satellite-ka, iyo mobilada. Kuwaas waxaa ka mid ah AKP, Binary HTTP, BIST TotalView-ITCH y BIST TotalView-OUCH, oo lagu daray dhowr waxyaabood oo Bluetooth iyo Bundle Protocol Security ah:

  • Xirmooyinka Furaha Asymmetrical (AKP)
  • Binary HTTP
  • BIST TotalView-ITCH (BIST-ITCH)
  • BIST TotalView-OUCH (BIST-OUCH)
  • Bluetooth Android HCI (HCI ANDROID)
  • Bluetooth Intel HCI (INTEL HCI)
  • BPSec COSE Context iyo BPSec Default SC
  • Borotokoolka Qabashada Commsignia (C2P)

Waxa kale oo imanaya tignoolajiyada shabakada mobilada, cabbiraadda iyo koobab gaar ah sida DECT NR+ (DECT-2020), DLMS/COSEM, Ephemeral Diffie-Hellman oo ka sarreeya COSE, ILNP, trailer LDA_NEO_TRAILER, LSDP, LLC V1 iyo hab-maamuuska gudaha vSomeIP:

  • DECT NR+ (DECT-2020 Raadiyaha Cusub)
  • DLMS/COSEM
  • Ephemeral Diffie-Hellman oo ka sarreeya COSE
  • Identifier-Locator Network Protocol (ILNP)
  • Qalabka LDA Neo Trailer (LDA_NEO_TRAILER)
  • Habka Helitaanka Adeegga Lenbrook (LSDP)
  • LLC V1
  • vSomeIP Internal Protocol (vSomeIP)

Dufcaddii waxay ku dhammaatay taageero Farriinta Navitrol, NTS-KE, LIDAR dareemayaasha sida Ka saar VLP-16, Ku dayashada Khadka Gaarka ah (PLE), RC V3, RCG, Waqti ku filan, SBAS L5 iyo bixinta eSIM fog SGP.22 y SGP.32:

  • Farriinta Navitrol
  • Nidaamka Badbaadada Wakhtiga Shabakadda (NTS-KE)
  • Ka saar VLP-16
  • Ku dayashada Khadka Gaarka ah (PLE)
  • RC V3 iyo RCG
  • Waqti ku filan
  • SBAS L5 Farriinta Navigation
  • SGP.22 Bixinta SIM-ka fog ee GSMA (SGP.22)
  • SGP.32 Bixinta SIM-ka fog ee GSMA (SGP.32)

Ugu dambeyntii, borotokoollada iyo kanaalada u janjeera dhanka otomaatiga iyo USB, iyo kuwa kale, ayaa lagu daray: Xanuunka Cola (ASCII iyo Binary), Silabs Debug Channel, XCP, USB-PTP iyo fariimo ka yimid VLP-16 xogta iyo booska.

Wireshark 4.6 Astaamaha Hawlgabka ah iyo Isbedelada Ku Tiirsiga

Noocan Wireshark joojiya taageeridda AirPcap iyo WinPcap. Nidaamyada Windows-ka, Npcap si caadi ah ayaa loo isticmaalaa, markaa WinPcap waa laga saari karaa haddii ay wali ku jirto nidaamka.

Taageerada noocyada ayaa sidoo kale la joojinayaa. 1 iyo 2 ee libnl (Netlink Protocol Library Suite), iyo libxml2 waxay noqotaa ku-tiirsanaan loo baahan yahay. Heerka dhismaha, ikhtiyaarka CMake ENABLE_STATIC waa laga saaray BUILD_SHARED_LIBS, midaynta shuruudaha habka isku-dubbaridka.

Wireshark 4.6 helitaanka iyo soo dejinta

Wireshark 4.6 waxaa laga soo dejisan karaa kaaga goobta rasmiga ah ee foomka code isha si loo ururiyo, iyo sidoo kale baakadaha horay loo soo ururiyey ee Windows iyo macOS. Kuwa soo socda ayaa sidoo kale halkaas laga heli karaa: qoraalada ka soo baxa sii deyntaan. On Linux, codsiga waxaa loo heli karaa sida Flatpak ku yaal Flathub, fududaynta geynteeda qaybo badan.

Haddii aad hore u isticmaali jirtay laanta 4.4 ama 4.2, waxaad ogaan doontaa in qaar badan oo ka mid ah horumaradan uma baahna isbeddel socodka oo si dabiici ah ugu biir shaqada maalinlaha ah: sawiro faa'iido badan, dhoofinta qani ah, iyo awoodaha cusub ee dejinta ayaa albaabka u furaya falanqaynta saxda ah iyada oo aan la hurin waxqabadka.

Siideyntani waxay xoojinaysaa Wireshark sidii qalab tixraaceed iyadoo ku daraysa aragti horumarsan, taageerada borotokoolka soo baxaya iyo in si taxadar leh loo ilaaliyo xirmooyinka iyo ku-tiirsanaanta, hoos u dhigida khilaafka kuwa maalin walba qabta taraafikada iyo kuwa kala saara qaabab gaar ah.

WireShark 3.0.0
Maqaalka laxiriira:
Nooca cusub ee Wireshark 3.0.0 ayaa yimid oo kuwanu waa warkiisa