-$Id$
+Wireshark 1.3.0 Release Notes
-== July 12, 2005
+ ------------------------------------------------------------------
-Ethereal 0.10.12 has been released.
+What is Wireshark?
-Our testing program has turned up several more security issues:
+ Wireshark is the world's most popular network protocol analyzer.
+ It is used for troubleshooting, analysis, development, and
+ education.
- The LDAP dissector could free static memory and crash.
- Versions affected: 0.8.5 to 0.10.11
+What's New
- The AgentX dissector could crash.
- Versions affected: 0.10.10 to 0.10.11
+ Bug Fixes
- The 802.3 dissector could go into an infinite loop.
- Versions affected: 0.8.16 to 0.10.11
+ The following vulnerabilities have been fixed. See the security
+ advisory for details and a workaround.
- The PER dissector could abort.
- Versions affected: 0.10.5 to 0.10.11
+ o The NetFlow dissector could run off with your dog, crash your
+ truck, and write a country music song about the experience.
- The DHCP dissector could go into an infinite loop.
- Versions affected: 0.10.7 to 0.10.11
+ Versions affected: 0.99.5 to 1.0.8
- The BER dissector could abort or loop infinitely.
- Version affected: 0.10.11
+ The following bugs have been fixed:
- The MEGACO dissector could go into an infinite loop.
- Versions affected: 0.9.14 to 0.10.11
+ o Wireshark could crash without warning.
- The GIOP dissector could dereference a null pointer.
- Versions affected: 0.8.20 to 0.10.11
+ New and Updated Features
- The SMB dissector was susceptible to a buffer overflow.
- Versions affected: 0.9.12 to 0.10.11
+ The following features are new (or have been significantly
+ updated) since version 1.0:
- The WBXML could dereference a null pointer.
- Versions affected: 0.10.1 to 0.10.11
+ o The packet list internals have been rewritten and are now more
+ efficient.
- The H1 dissector could go into an infinite loop.
- Versions affected: 0.8.15 to 0.10.11
+ o Capturing from pipes on Windows has been improved.
- The DOCSIS dissector could cause a crash.
- Versions affected: 0.9.13 to 0.10.11
+ New Protocol Support
- The SMPP dissector could go into an infinite loop.
- Versions affected: 0.10.1 to 0.10.11
+ Updated Protocol Support
- The AFP dissector was susceptible to a format string overflow.
- Versions affected: 0.9.4 to 0.10.11
+ New and Updated Capture File Support
- SCTP graphs could crash.
- Version affected: 0.10.11
+Getting Wireshark
- The HTTP dissector could crash.
- Versions affected: 0.10.4 to 0.10.11
+ Wireshark source code and installation packages are available from
+ the download page on the main web site.
- The SMB dissector could go into a large loop.
- Versions affected: 0.9.0 to 0.10.11
+ Vendor-supplied Packages
- The DCERPC dissector could crash.
- Versions affected: 0.9.16 to 0.10.11.
+ Most Linux and Unix vendors supply their own Wireshark packages.
+ You can usually install or upgrade Wireshark using the package
+ management system specific to that platform. A list of third-party
+ packages can be found on the download page on the Wireshark web
+ site.
- Several dissectors could crash while reassembling packets.
- Versions affected: 0.9.0 to 0.10.11
+File Locations
-
+ Wireshark and TShark look in several different locations for
+ preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
+ These locations vary from platform to platform. You can use
+ About->Folders to find the default locations on your system.
+Known Problems
- A separate review by Steve Grubb at Red Hat turned up the following
- issues:
+ Wireshark may appear offscreen on multi-monitor Windows systems.
+ (Bug 553)
- The CAMEL dissector could dereference a null pointer.
- Version affected: 0.10.11
+ Wireshark might make your system disassociate from a wireless
+ network on OS X. (Bug 1315)
- The DHCP dissector could crash.
- Versions affected: 0.10.4 to 0.10.11
+ Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)
- The CAMEL dissector could crash.
- Versions affected: 0.10.10 to 0.10.11
+ Wireshark is unable to decrypt WPA group keys. (Bug 1420)
- The PER dissector could crash.
- Versions affected: 0.10.10 to 0.10.11
+ The BER dissector might infinitely loop. (Bug 1516)
- The RADIUS dissector could crash.
- Versions affected: 0.9.4 to 0.10.11
+ Wireshark can't dynamically update the packet list. This means
+ that host name resolutions above a certain response time threshold
+ won't show up in the packet list. (Bug 1605)
- The Telnet dissector could crash.
- Versions affected: 0.9.10 to 0.10.11
+ Capture filters aren't applied when capturing from named pipes.
+ (Bug 1814)
- The IS-IS LSP dissector could crash.
- Versions affected: 0.8.19 to 0.10.11
+ Wireshark might freeze when reading from a pipe. (Bug 2082)
- The NCP dissector could crash.
- Versions affected: 0.9.15 to 0.10.11
+ Capturing from named pipes might be delayed on Windows. (Bug 2200)
-
-
+ Filtering tshark captures with display filters (-R) no longer
+ works. (Bug 2234)
+Getting Help
- Ethereal uses the zlib compression library. Security vulnerabilities
- have been discovered in zlib 1.2.1 and 1.2.2. The Windows installer
- now ships with zlib 1.2.3, which fixes these vulnerabilities.
+ Community support is available on the wireshark-users mailing
+ list. Subscription information and archives for all of Wireshark's
+ mailing lists can be found on the web site.
+ Commercial support, training, and development services are
+ available from CACE Technologies.
-Please see the following advisory for more information:
-
- http://www.ethereal.com/appnotes/enpa-sa-00020.html
-
-Everyone is encouraged to upgrade.
-
-
-New and updated features
-
- The Windows installer now includes the WinPcap 3.0 installer. You don't
- have to download and install it separately.
-
- RADIUS dictionaries are now included.
-
- A lot of documentation were updated
-
- Some command line parameters have changed, see
- the Ethereal / Tethereal manual pages
-
- A "File/File Set" submenu was added to better handle
- Ring buffer/Multiple Files
-
- Flow graphs can now be created for any protocol.
-
- Memory management has been greatly improved.
-
- JXTA has been added to the conversations menu.
-
- When compiled with MIT/Heimdal Kerberos and if keytab files are provided,
- Ethereal can now decrypt and dissect both SecureLDAP and encrypted DCE/RPC.
-
- TCP Sequence graphs should now work for all captures and all encapsulation
- types.
-
-New protocol support
-
-ACSE,
-ARMAGETRONAD,
-AudioCodes trunk trace,
-CSM_ENCAPS,
-DIS,
-FTAM,
-iFCP,
-Juniper PPPoE,
-MMS,
-MS MediaServer,
-MSRP,
-Parlay,
-Synergy,
-TANGO,
-WLAN Certificate Extensions,
-
-
-Updated protocol support
-
-802.11 Radiotap,
-9P,
-ACSE,
-AFP,
-AgentX,
-AIM,
-ANSI MAP,
-BACapp,
-BVLC,
-Camel,
-CLNP,
-CMIP,
-DCERPC,
-DCOM,
-DHCP,
-DHCP Failover,
-DHCPv6,
-DICOM,
-DNP,
-DNS,
-DOCSIS,
-EAP,
-Ethernet,
-FCIP,
-FC-SWILS,
-GIOP,
-GSM A,
-GSM MAP,
-GSSAPI,
-GTP,
-H.221,
-H.225,
-H.235,
-H.245,
-H.248,
-H.450,
-H1,
-HPSW,
-HTTP,
-HyperSCSI,
-ICMP,
-IEEE 802.3,
-IEEE 802.11,
-IP,
-IPDC,
-ISAKMP,
-iSCSI,
-iSNS,
-ISUP,
-JXTA,
-Kerberos,
-KINK,
-LDAP,
-LLC,
-LMP,
-LWAPP,
-MEGACO,
-MGCP,
-MMSE,
-NDMP,
-NDPS,
-NFS,
-NTLMSSP,
-OSI,
-PER,
-PPP,
-PRES,
-PROFINET,
-RDT,
-RMT,
-RPC,
-Rsync,
-RSVP,
-RTP,
-RTSP,
-SCSI,
-SCTP,
-SDP,
-SIP,
-SMB,
-SMPP,
-SNMP,
-SPNEGO,
-SSCOP,
-SSL,
-T.38,
-TCAP,
-TCP,
-Telnet,
-TFTP,
-TPKT,
-UDP,
-UDVM,
-UMA,
-V5UA,
-WBXML,
-WSP,
-XML,
-YMSG,
-YPSERV,
-
-New and updated capture file support
-
-HP Nettl, Tektronix K12
-
-
-== May 4, 2005
-
-Ethereal 0.10.11 has been released.
-
-An aggressive testing program as well as independent discovery has turned
-up a multitude of security issues:
-
- The ANSI A dissector was susceptible to format string vulnerabilities.
- Discovered by Bryan Fulton.
- Versions affected: 0.9.15 to 0.10.10
-
- The GSM MAP dissector could crash.
- Versions affected: 0.10.0 to 0.10.10
-
- The AIM dissector could cause a crash.
- Versions affected: 0.9.14 to 0.10.10
-
- The DISTCC dissector was susceptible to a buffer overflow.
- Discovered by Ilja van Sprundel
- Versions affected: 0.9.13 to 0.10.10
-
- The FCELS dissector was susceptible to a buffer overflow.
- Discovered by Neil Kettle
- Versions affected: 0.9.9 to 0.10.10
-
- The SIP dissector was susceptible to a buffer overflow.
- Discovered by Ejovi Nuwere.
- Versions affected: 0.10.0 to 0.10.10
-
- The KINK dissector was susceptible to a null pointer exception,
- endless looping, and other problems.
- Versions affected: 0.10.10
-
- The LMP dissector was susceptible to an endless loop.
- Versions affected: 0.9.4 to 0.10.10
-
- The Telnet dissector could abort.
- Versions affected: 0.9.10 to 0.10.10
-
- The TZSP dissector could cause a segmentation fault.
- Versions affected: 0.10.10 to 0.10.10
-
- The WSP dissector was susceptible to a null pointer exception and
- assertions.
- Versions affected: 0.10.0 to 0.10.10
-
- The 802.3 Slow protocols dissector could throw an assertion.
- Versions affected: 0.10.10
-
- The BER dissector could throw assertions.
- Versions affected: 0.10.2 to 0.10.10
-
- The SMB Mailslot dissector was susceptible to a null pointer exception
- and could throw assertions.
- Versions affected: 0.9.0 to 0.10.10
-
- The H.245 dissector was susceptible to a null pointer exception.
- Versions affected: 0.10.10
-
- The Bittorrent dissector could cause a segmentation fault.
- Versions affected: 0.10.8 to 0.10.10
-
- The SMB dissector could cause a segmentation fault and throw assertions.
- Versions affected: 0.9.0 to 0.10.10
-
- The Fibre Channel dissector could cause a crash.
- Versions affected: 0.9.9 to 0.10.10
-
- The DICOM dissector could attempt to allocate large amounts of memory.
- Versions affected: 0.10.4 to 0.10.10
-
- The MGCP dissector was susceptible to a null pointer exception, could
- loop indefinitely, and segfault.
- Versions affected: 0.8.14 to 0.10.10
-
- The RSVP dissector could loop indefinitely.
- Versions affected: 0.9.8 to 0.10.10
-
- The DHCP dissector was susceptible to format string vulnerabilities, and
- could abort.
- Versions affected: 0.10.7 to 0.10.10
-
- The SRVLOC dissector could crash unexpectedly or go into an infinite loop.
- Versions affected: 0.9.8 to 0.10.10
-
- The EIGRP dissector could loop indefinitely.
- Versions affected: 0.8.18 to 0.10.10
-
- The ISIS dissector could overflow a buffer.
- Versions affected: 0.8.18 to 0.10.10
-
- The CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explitit, PKIX Qualified,
- and X.509 dissectors could overflow buffers.
- Versions affected: 0.10.4 to 0.10.10
-
- The NDPS dissector could exhaust system memory or cause an assertion,
- or crash.
- Versions affected: 0.9.12 to 0.10.10
-
- The Q.931 dissector could try to free a null pointer and overflow
- a buffer.
- Versions affected: 0.10.10
-
- The IAX2 dissector could throw an assertion.
- Versions affected: 0.10.1 to 0.10.10
-
- The ICEP dissector could try to free the same memory twice.
- Versions affected: 0.10.7 to 0.10.10
-
- The MEGACO dissector was susceptible to an infinite loop and a buffer
- overflow.
- Versions affected: 0.9.14 to 0.10.10
-
- The DLSw dissector was susceptible to an infinite loop.
- Versions affected: 0.9.1 to 0.10.10
-
- The RPC dissector was susceptible to a null pointer exception.
- Versions affected: 0.9.2 to 0.10.10
-
- The NCP dissector could overflow a buffer or loop for a large amount
- of time.
- Versions affected: 0.10.5 to 0.10.10
-
- The RADIUS dissector could throw an assertion.
- Versions affected: 0.10.3 to 0.10.10
-
- The GSM dissector could access an invalid pointer.
- Versions affected: 0.10.10
-
- The SMB PIPE dissector could throw an assertion.
- Versions affected: 0.9.0 to 0.10.10
-
- The L2TP dissector was susceptible to an infinite loop.
- Versions affected: 0.10.9 to 0.10.10
-
- The SMB NETLOGON dissector could dereference a null pointer.
- Versions affected: 0.9.12 to 0.10.10
-
- The MRDISC dissector could throw an assertion.
- Versions affected: 0.8.19 to 0.10.10
-
- The ISUP dissector could overflow a buffer or cause a segmentation fault.
- Versions affected: 0.8.19 to 0.10.10
-
- The LDAP dissector could crash.
- Versions affected: 0.10.1 to 0.10.10
-
- The TCAP dissector could overflow a buffer or throw an assertion.
- Versions affected: 0.10.8 to 0.10.10
-
- The NTLMSSP dissector could crash.
- Versions affected: 0.9.7 to 0.10.10
-
-
- Additionally, a number of dissectors could throw an assertion when
- passing an invalid protocol tree item length.
- Versions affected: 0.10.8 to 0.10.10
-
-
-Please see the following advisory for more information:
-
- http://www.ethereal.com/appnotes/enpa-sa-00019.html
-
-Everyone is encouraged to upgrade.
-
-
-New and updated features
-
-
-
-New protocol support
-
-
-
-Updated protocol support
-
-
-
-New and updated capture file support
-
-
-
-
-== March 11, 2005
-
-Ethereal 0.10.10 has been released.
-
-This release fixes three security and stability-related issues:
-
- Matevz Pustisek discovered a buffer overflow in the Etheric dissector.
- (CAN-2005-0704)
-
- The GPRS-LLC dissector could crash if the "ignore cipher bit" option
- was enabled. (CAN-2005-0705)
-
- Diego Giago discovered a buffer overflow in the 3GPP2 A11 dissector.
- This flaw was later reported by Leon Juranic. (CAN-2005-0699)
-
- Leon Juranic discovered a buffer overflow in the IAPP dissector.
-
- A bug in the JXTA dissector could make Ethereal crash.
-
- A bug in the sFlow dissector could make Ethereal crash.
-
-
-Please see the following advisory for more information:
-
- http://www.ethereal.com/appnotes/enpa-sa-00018.html
-
-Everyone is encouraged to upgrade.
-
-
-New and updated features
-
- Tree view item context menus now let you browse to the display filter
- reference and wiki pages for a particular protocol.
-
- Online help has been expanded.
-
- VoIP call analysis (including nifty connection diagrams) has been
- added.
-
- GSS-API decryption has been greatly enhanced.
-
-
-New protocol support
-
- AgentX, BUDB, DTP, G.723, IDP, INAP, KINK, Realplayer Data Protocol,
- Retix Spanning Tree Protocol, RTCP-XR, XML, XNS, SPP
-
-
-Updated protocol support
-
- 3GPP2 A11, ACSE, AMR, ATM, BER, BSSGP, BUTC, CDP, CLNP, CoSine L2,
- DAAP, DCE/RPC, DCOM, DIAMETER, DNP, DNS, Etheric, FCP, FW-1, Gnutella,
- GPRS, GSM A, GSM MAP, H.225, H.245, H.248, H.450, HTTP, IAX2, ICQ,
- IEEE 802.11, IEEE 802.3 Slow Protocols, IP, iSCSI, ISUP, Juniper,
- JXTA, Kerberos, L2TP, LDAP, MIP, MPLS, NDMP, NSIP, NTP, OSPF, OXID,
- PostgreSQL, RADIUS, RDT, Redback, RMCP, RTP, RTSP, SCSI, SCTP, SDP,
- SPNEGO, SSL, STUN, TCAP, TCP, TZSP
-
-
-New and updated capture file support
-
- DBS Etherwatch, Lucent/Ascend, Nettl, Tcpdump (Redback)
-
-
-== January 19, 2005
-
-Ethereal 0.10.9 has been released.
-
-This release fixes the following security-related issues:
-
- The COPS dissector could go into an infinite loop. (CAN-2005-0006)
-
- The DLSw dissector could cause an assertion, making Ethereal exit
- prematurely. (CAN-2005-0007)
-
- The DNP dissector could cause memory corruption. (CAN-2005-0008)
-
- The Gnutella dissector could cause an assertion, making Ethereal
- exit prematurely. (CAN-2005-0009)
-
- The MMSE dissector could free static memory. (CAN-2005-0010)
-
- The X11 protocol dissector is vulnerable to a string buffer overflow.
- (CAN-2005-0084)
-
-Please see the following advisory for more information:
-
- http://www.ethereal.com/appnotes/enpa-sa-00017.html
-
-Everyone is encouraged to upgrade.
-
-
-New and updated features
-
- Ethereal will now detect and flag weak 802.11 WEP IVs.
-
- Windows Sniffer timestamp handling has been greatly improved.
-
- A bug which made Ethereal crash at startup on Windows 98 and Windows
- ME systems has been fixed.
-
- Ethereal and Tethereal now support a personal "hosts" file.
-
- Invalid field length handling has been greatly improved.
-
- The capture progress window title now shows the interface name.
-
-
-New protocol support
-
- ALC, AMR, CRMF, JXTA, NORM, PKIXCMP, PROFINET CBA
-
-Updated protocol support
-
- AIM, ARP, BGP, BOOTP/DHCP, COPS, DAAP, DCERPC EPM, DCERPC, DCOM,
- DHCPv6, DLSw, DNP, DNS, EAPOL, eDonkey, FC-dNS, FC-FCS, FC-SWILS,
- FCIP, FCSB3, FIX, GIOP, Gnutella, GSM A, GSM SMS, GTP, H.225, H.245,
- HTTP, ICMP, IEEE 802.11, IEEE 802a, image/GIF, image/JFIF, Kerberos,
- L2TP, LDAP, LLC, LMP, MGCP, MIME Multipart, MMSE, MPLS, MTP2, NBNS,
- NDMP, NMAS, NSIP, OLSR, PER, pflog, PGM, PostgreSQL, PPP, PRES, Q.931,
- RADIUS, RTCP, RTP, SDP, SEBEK, SIGCOMP, SIP, SLSK, SMB, SMPP, SRVLOC,
- SSL/TLS, T.38, TACACS, TCAP, TCP, X11
-
-
-New and updated capture file support
-
- Windows Sniffer
-
-== December 15, 2004
-
-Ethereal 0.10.8 has been released.
-
-This release fixes the following security-related issues:
-
- Matthew Bing discovered a bug in DICOM dissection that could make
- Ethereal crash. (CAN-2004-1139)
-
- An invalid RTP timestamp could make Ethereal hang and create a large
- temporary file, possibly filling available disk space. (CAN-2004-1140)
-
- The HTTP dissector could access previously-freed memory, causing a
- crash. (CAN-2004-1141)
-
- Brian Caswell discovered that an improperly formatted SMB packet could
- make Ethereal hang, maximizing CPU utilization. (CAN-2004-1142)
-
-Please see the following advisory for more information:
-
- http://www.ethereal.com/appnotes/enpa-sa-00016.html
-
-Everyone is encouraged to upgrade.
-
-
-New and updated features
-
- Ethereal now has a packet history, similar to most web browsers.
-
- Ethereal now supports custom window titles.
-
- Minor performance enhancements have been added.
-
- RTP analysis has been enhanced.
-
- Host name resolution has been improved.
-
- Ethereal can now track TCP PDU times. See
- http://wiki.ethereal.com/TcpPduTime for more details.
-
- Ethereal now ships with netscreen2dump.py, a utility which converts
- netscreen packet-trace hex dumps to hex dumps that can be read by
- text2pcap.
-
-
-New protocol support
-
- AoE (ATA over Ethernet), Bittorrent, CMIP, GPRS Mobility Management
- and Session Management, GSM MAP, Extended Security Services, Logotype
- Certificate Extensions, MAP Dialogue, Network Service Over IP, Online
- Certificate Status Protocol, PKIX Certificate, PKIX Qualified, PROFINET
- DCP, IO, Real-Time, Short Message Relaying Service, SSCF-NNI,
-
-
-Updated protocol support
-
- 3GPP2 A11, ACSE, AIM, AODV, ASN.1 BER, ASN.1 PER, BOOTP, BSSGP, BVLC,
- CMS, COPS, DCERPC, DCERPC ISystemActivator, DICOM, DHCPv6, DNS, eDonkey,
- ENTTEC, Etheric, Frame Relay, FTAM, FW1, GIOP, GPRS LLC, GRE, GSM A,
- GSM SMS, H.225, H.245, H.450, HTTP, IPAddress, IPDC, IPMI, IPsec,
- ISAKMP, ISUP, JFIF, Kerberos, MQ, MTP3, NMAS, OPSI, PKIX1EXPLICIT,
- PKIX1IMPLICIT, PKIXProxy, PPP, PRES, Radiotap, RADIUS, ONC RPC, RTnet,
- RTP, SAP, SDP, SIGCOMP, SIGCOMP UDVM, SIP, SMB, SNMP, SONMP, SSCOP,
- SSL, Symantec Firewall, T.38, TCP, TDS, TSP, UDP, WSP, WTP, X.25,
- X.509af, X.509ce, X.509if, X.509sat,
-
-
-New and updated capture file support
-
- pppdump
-
-
-== October 20, 2004
-
-Ethereal 0.10.7 has been released.
-
- The Windows installer features new GLib/GTK+, Net-SNMP and ADNS
- libraries which fix several known bugs. Unfortunately, a few known
- GLib/GTK+ bugs remain.
-
- In order to avoid a naming conflict with the tcpreplay project, the
- "capinfo" utility has been renamed to "capinfos".
-
-
-New and updated features
-
- Search wrapping is now a configurable option.
-
- A lot of material has been added to the Developer's Guide. The User's Guide
- has been updated as well.
-
- The "Decode As..." dialog now supports DCERPC and SCTP.
-
- The "Help" menu now includes a link to the wiki.
-
- H.323 call analysis is now supported.
-
-
-New protocol support
-
- Cisco PAgP, DAAP, Etheric, Ethernet Configuration Testing Protocol,
- Ethernet MAC Control Frame, ICE, Kerberos v4, Netscape certificate
- extensions, PKINIT, PKIX1EXPLICIT, PKIX1IMPLICIT,
-
-
-Updated protocol support
-
- AIM, ARTNET, ASN.1 BER, ASN.1 PER, ASN.1, BGP, BOOTP, CIP, CLNP, COPS,
- DCERPC MAPI, DCERPC SAMR, DCERPC, DCOM, DHCP, DHCPv6, DIAMETER, DNS,
- EAP, ENIP, EPM, GRE, GSM A, GSM MAP, H.225, H.245, H.248 MEGACO, H.450,
- ISAKMP, iSCSI, iSNS, ISUP, JFIF, Kerberos, LDAP, LDP, LLC, LWAPP, M2PA,
- MEGACO, MPLS, NCP 2222, NCP, NDMP, NetFlow, NTLMSSP, OSCAR-ICQ, OSPF,
- RADIUS, RSVP, RTCP, RTP, RTSP, SCTP, SDP, SES, SIP, Skinny, SMB, SNMP,
- SUA, T.38, TALI, TCAP, TCP, TDS, Teredo, Time, X.509, X11,
-
-
-New and updated capture file support
-
- HP-UX nettl, NG Sniffer
-
-
-== August 12, 2004
-
-Ethereal 0.10.6 has been released.
-
- This release fixes a preferences bug present in Ethereal which displayed
-
- (ethereal.exe:3512): Gtk-CRITICAL **: file gtkwindow.c: line 3107
- (gtk_window_resize): assertion `height > 0' failed
-
- at program startup. A workaround for 0.10.5 is described in
-
- http://www.ethereal.com/lists/ethereal-users/200408/msg00059.html
-
- A new command-line utility called "capinfo" has been added to the
- distribution which prints statistics about capture files.
-
- You can now copy conversation and endpoint data to other applications as
- CSV data.
-
-
-New and updated features
-
- X.509 support has been added.
-
- Crash bugs have been fixed in the RTP and NCP dissectors.
-
- PostScript(r) output has been improved.
-
- A bug that prevented mergecap from creating a new output file has been
- fixed.
-
- Conversation and endpoint performance has been enhanced. General packet
- display performance has been enhanced.
-
- The conversation and host list tools have been renamed to be less
- confusing.
-
- You can now copy conversation and host list data as CSV data.
-
- RTP analysis can now dynamically determine the proper clock rate.
-
-
-New protocol support
-
- AX/4000, CMS, DCERPC (EVENTLOG, FRSAPI, FRSRPC), MANOLITO, PKCS#1,
- X.509AF, X.509CE, X.509IF, X.509SAT
-
-
-Updated protocol support
-
- 802.11, AIM, ASAP, ASN.1 BER, ASN.1, COPS, DCM, DHCP Failover (ISC),
- ENRP, Fibre Channel, GIOP, GSSAPI, GTP, HTTP, ICAP, iSNS, Kerberos,
- MPLS, NCP, NTLMSSP, OPSI, OSPF, PRES, RADIUS, Rlogin, RSVP, RTPS, RTSP,
- SCTP, Sigcomp, Skinny, SMB BROWSER, SMB, SNMP, SSL, TDS, Telnet
-
-
-New and updated capture file support
-
- LANalyzer
-
-
-== July 7, 2004
-
-Ethereal 0.10.5 has been released.
-
-
-This release fixes bugs in iSNS, SMB, and SNMP, as described in the
-following advisory:
-
- http://www.ethereal.com/appnotes/enpa-sa-00015.html
-
-Everyone is encouraged to upgrade.
-
-
-New and updated features
-
- Ethereal can now merge multiple files (you don't have to resort to
- mergecap on the command line).
-
- A preview pane has been added to the file dialog.
-
- The capture progress dialog can now be disabled.
-
- The about dialog has received further improvements.
-
- The behavior of Ethereal's dialog windows has been normalized somewhat.
-
- The Windows installer can now associate standard file extensions
- with Ethereal.
-
- Ethereal can be configured not to bug you about unsaved captures.
-
- Ethereal can open help documentation using the default web browser.
-
-
-New protocol support
-
- DNP, ENRP, giFT, H.235, PacketCable, SigComp, SIR (Serial Infrared)
-
-
-Updated protocol support
-
- AIM, ASAP, ASN.1 BER, ARP, ATM, DHCP, CFPI, CLNP, DCERPC (DCERPC, LSA,
- NT, SAMR, SRVSVC, WKSSVC), EAP, ENIP, Frame Relay, GRE, H.225, H.245,
- H.450, HTTP, IAX2, IEEE 802.11, ISAKMP, iSNS, ISUP, JFIF, Kerberos, LMP,
- M3UA, MGCP, MPLS, MTP3, NCP, NetFlow, NFS, OSPF, PIM, RADIUS, RIP, RSVP,
- RTCP, RTP, RTSP, SCSI, SDP, SIP, SMB, SMTP, SNMP, SOCKS, SSL, T.35, TCP,
- VRRP, WBXML (User-Agent Profile), WSP, X11
-
-
-New and updated capture file support
-
- Radcom
-
-
-== May 13, 2004
-
-Ethereal 0.10.4 has been released.
-
-This release fixes bugs in AIM, MMSE, SIP, and SPNEGO, as described in
-the following advisory:
-
- http://www.ethereal.com/appnotes/enpa-sa-00014.html
-
-Everyone is encouraged to upgrade.
-
-
-New and updated features
-
- When built with GTK+ 2.4, Ethereal uses the new, greatly improved, file
- selection dialog.
-
- Export dialogs for Plain text, PostScript(R), PDML and PSML have been added.
-
- PostScript(R) output has been improved.
-
- The screen layout of the main window can be changed by Preferences now.
-
- Many other parts of the user interface have received improvements.
-
- Compressed and chunked transfer-coded HTTP bodies are now decoded.
-
- A new generic media dissector more cleanly handles HTTP and WSP
- Content-Type information.
-
-
-New protocol support
-
- ANSI IS-801, BEA Tuxedo, DCERPC EFS, DICOM, GPRS LLC, GPRS SNDCP,
- IEEE 1588/PTP, PVSTP, MPLS Echo, RTPS
-
-
-Updated protocol support
-
- 3G A11, ACSE, AFS, AIM, ANSI MAP, ASN.1 (BER, PER), BACnet, CHDLC, COPS,
- DCERPC (LSA, NETLOGON, SAMR, SVCCTL, SPOOLS) DHCP, DIAMETER, EAPOL,
- FTAM, GSM, GTP, H.225, HTTP, ICMPv6, IPv4, IPv6, IPDC, IPMI, iSNS,
- ISUP, Kerberos, LDAP, LDP, MEGACO, MIPv6, MMSE, MQ, MTP3, NTLMSSP,
- RADIUS, RPC, RTCP, RTPS, RUDP, SCTP, SIP, SLSK, SMB, SPNEGO, TCP,
- Time, WBXML (EMN, SI, WV-CSP), WCCP, WSP, X11, YMSG
-
-
-Capture file support
-
- EyeSDN, nettl
-
-
-== March 25, 2004
-
-Ethereal 0.10.3 has been released.
-
-This release fixes several security bugs described in the following
-advisory:
-
- http://www.ethereal.com/appnotes/enpa-sa-00013.html
-
-Everyone is encouraged to upgrade.
-
-
-New and updated features
-
- Display filters now support the bitwise and (&) operator.
-
- Protocol hierarchy statistics now have bandwidth columns.
-
- The capture dialog has a new layout.
-
-
-New protocol support
-
- 3G A11 Cisco SS7 (RUDP, RLM, and Session Management), FTAM, IPDC,
- MQ, Presentation, SLSK,
-
-
-Updated protocol support
-
- 802.11, AFP, AIM/Oscar, Axent Raptor/Symantec Enterprise firewall,
- BER, BGP, CDP, DCCP, DCERPC NETLOGON, DCERPC RS_PGO, DCERPC
- RS_PROP_PLCY, DCERPC, DCERPD SAMR, DIAMETER, DOCSIS, E.164, EIGRP,
- FCFCS, GSM A, GSM MAP, GSM SMS, GTP, H.225, IGAP, IrDA, ISUP,
- Kerberos, M2PA, M3UA, MTP3, NBNS, NCP, NDMP, Netflow, PER, PGM,
- PostgreSQL, Q.931, Q.933, Quake 2, RADIUS, RSVP, RTSP, SCTP, SMB,
- SNA, TCAP, TCP, UCP, WBXML, WSP, X11, xDLC
-
-
-Capture file support
-
- EyeSDN, libpcap (tcpdump)
-
-
-== February 23, 2004
-
-Ethereal 0.10.2 has been released.
-
-This release fixes two major bugs in 0.10.1:
-
- Under Windows, the error
-
- ** WARNING **: error opening
- /usr/local/share/ethereal/asn1/default.tt, No such file or
- directory
-
- would be printed at startup.
-
- The 0.10.1 source release was missing several files required for
- compiling.
-
-
-New and updated features
-
- The user interface has received further updates. The Statistics
- menu
- layout has been improved, as well as the capture options dialog
- layout.
-
-
-New protocol support
-
- Cisco Cast Client Control Protocol
-
-
-Updated protocol support
-
- AppleTalk, ASN.1, DCERPC, Diameter, FCSP, GSM A, GSM MAP, GSM SMS,
- HTTP,
- IEEE 802.3, Kerberos, MSN Messenger, PostgreSQL, Q.931, RPL, Skinny,
- TCAP, TDS
-
-
-== February 18, 2004
-
-Ethereal 0.10.1 has been released.
-
-
-New and updated features
-
- The Windows installer now lets you choose between the traditional
- GTK+
- version 1 interface and a new GTK+ 2 interface.
-
- Several updates were made to Ethereal's user interface. The "File"
- menu
- now has a "most recently used" list. The help menu was greatly
- expanded.
-
- The "matches" operator now handles more data types. For example,
- you can
- now use
-
- smtp matches joespammer@example.com
-
- as a display filter.
-
- I/O statistics now support 1ms resolution.
-
-Bug fixes
-
- A column resorting crash on the Windows platform was fixed.
-
-New protocol support
-
- EDP, IAX2, IrDA, ISMP, OLSR, PostgreSQL, PRES, V5UA
-
-Updated protocol support
-
- ACSE, AFP, AIM, ANSI MAP, ARCNET, ASN.1, BEEP, BGP, BPDU, BSSAP,
- CLNP,
- COPS, CPHA, DCERPC AFS4INT, FLDB, RPRIV, RS_REPADM, STAT, SVCCTL,
- TRKSVR, WKSSVC, DCERPC, DHCPv6, DNS, DOCSIS, EAP, ENIP, ESIS, FC,
- FC-IP,
- FC-SB3, FW-1, GIF (OK, so it's a file format and not a protocol per
- se),
- GIOP, GRE, GSM MAP, GSM SMS, GTP, H.225, H.245, H.450, HTTP, ICMPv6,
- IEEE 802.11, IPMI, IPv4, IPv6, IPX, ISAKMP, iSCSI, ISDN, ISUP, JFIF,
- Kerberos, KPASSWD, L2TP, LDAP, LDP, LWAPP, MGCP, MLD, MMSE, Mobile
- IPv6,
- MSPROXY, MTP3, NBNS, NCP, NDMP, NFS, OSI, OSPF, PER, PGM, Q.931,
- RADIUS,
- RMI, RSTAT, RTP, RTSP, SCCP, SDP, SES, SIP, SLL, SLSK, SMB, SMPP,
- SNMP,
- SOCKS, SRVLOC, SSH, SSL, STUN, T.38, TACACS, TCAP, TDS, Telnet,
- Teredo,
- Text, TFTP, TZSP, UDP, Vines, WAP, WBXML, WSP, WTP, X11
-
-
-Updated capture file support
-
- DBS EtherWatch, EtherPeek/AiroPeek, EyeSDN, LANAlzyer, NetXRay,
- Snoop
-
-
-== December 12, 2003
-
-Ethereal 0.10.0 has been released.
-
- This release fixes issues in the SMB and Q.931 dissectors that could
- make Ethereal and Tethereal crash. See
-
- http://www.ethereal.com/appnotes/enpa-sa-00012.html
-
- for more details.
-
-New and updated features
-
- Many performance improvements have been made to the code. Most
- users
- should see a 2x to 3x performance increase when loading and working
- with
- capture files.
-
- A "matches" display filter operator has been added. It is similar
- to
- the "contains" operator, but supports Perl-compatible regular
- expressions.
-
- Tethereal can now dump packet data in XML (PDML) format.
-
- The main application menus have been rearranged and the help windows
- have been revamped, along with a host of other UI enhancements.
-
- The capture progress window now features bar graphs.
-
- The GLib, GTK+, Net-SNMP, and zlib libraries that ship with the
- Windows
- installer have been updated.
-
-New protocol support
-
- BFD, CCSDS, CPFI, DCE/RPC {BUDB, EPM4, ICL_RPC, RS_PLCY,
- RS_PROP_ACCT}
- IGAP, ISO 8327-1 SES, MS Kpasswd, RTCFG, SEBEK,
-
-Updated protocol support
-
- ACN, AFP, ANSI A, ANSI MAP, ASN.1, BSMAP, BSSAP, CPFI, DCE/RPC
- {DCOM,
- EPM, NDR, SRVSVC, STAT, WKSSVC}, DCE/RPC, DHCP, DNS, DOCSIS, DSI,
- DTAP,
- ENTTEC, FC ELS, FC FZS, FC-SP, FC-SWILS, GIOP, GPRS NS, GSM A, GSM
- MAP,
- H.225, H.450, HTTP, ICMP, IPv6, IS-IS, ISAKMP, ISUP, Kerberos, LDAP,
- LDP, MIPv6, MMSE, MS Proxy, MTP3, NCP 2222, NTP, PIM, RADIUS, RANAP,
- RDM, RSVP, RTCP, RTP, SCCP, SDP, SIP, SMB, SMPP, SOCKS, SONMP,
- SRVLOC,
- SSL, TACACS, TCAP, TCP, TPKT, TZSP, UCP, WAP, WBXML, WLAN, WSP, WTP
-
-
-Updated capture file support
-
- AiroPeek v9 (2.x) support was added. Network Instruments Observer
- and
- Snoop support was updated.
-
-
-== November 2, 2003
-
-Ethereal 0.9.16 has been released.
-
- This release fixes potential security issues with the GTP, ISAKMP,
- MEGACO, and SOCKS dissectors. See
-
- http://www.ethereal.com/appnotes/enpa-sa-00011.html
-
- for more details.
-
-New and updated features
-
- Ethereal has leapt forward into the 90's and added a toolbar.
-
- Ethereal and Tethereal can now force the data link type of captured
- frames.
-
- RTP analysis has been enhanced.
-
- Individual frames can now be marked as time references
-
- Service response time and general I/O statistics have been enhanced.
- I/O
- statistics can now calculate client load (experimental).
-
-New protocol support
-
- ACN, ALCAP, ANSI MAP, ASN.1 BER, BSSAP, DCE/RPC DRSUAPI, DCE/RPC
- INITSHUTDOWN, DCE/RPC RS_BIND, FC-SP, FICON, GSM BSSMAP, GSM DTAP,
- GSM
- SMS TPDU, GSM SMS, GSM SS, H.450, IOS 4.0.1 IS-637-A (SMS), IS-683-A
- (OTA), T.38, TCAP, TPCP
-
-Updated protocol support
-
- AODV, ASN.1 PER, BSSGP, CDP, Cisco HDLC, COPS, DCE/RPC BROWSER,
- DCE/RPC
- DNSSERVER, DCE/RPC EPM, DCE/RPC LSA, DCE/RPC Messenger, DCE/RPC REG,
- DCE/RPC SVCCTL, DCE/RPC, DFS, DHCPv6, DOCSIS, EAPOL, ENIP, Frame
- Relay,
- FTP, GPRS, Gryphon, GTP, H.225, H.245, HTTP, ICMP, IEEE 802.11, IPX,
- ISAKMP, ISUP, LAPB, Laplink, LWAPP, MAPI, MDSHDR, MEGACO, MPLS, NCP,
- NDPS, NETLOGON, NFS, NTLMSSP, OSPF, OXID, PPP, Q.931, Q.933, RANAP,
- RIP,
- RTP, SAMR, SCCP, SCSI, SCTP, SDP, SIP, SMB, SMPP, SNMP, SOCKS,
- SONMP,
- SPOOLSS SRVLOC, SRVSVC, T.35, TACACS+, TAPI, TCP, TZSP, WKSSVC, WSP,
- X.25, Yahoo! Messenger
-
-
-Updated capture file support
-
- Linux Bluez Bluetooth hcidump support has been added.
-
- Endace ERF and Network Instruments Observer, and NetXRay support has
- been enhanced.
-
-
-== September 9, 2003
-
-Ethereal 0.9.15 has been released.
-
-New and updated features
-
- Many often-requested features have been added with this release. If
- you're running an older version of Ethereal you may want to have a
- look.
-
- Conversation List (aka "top talker") support has been added to
- Ethereal
- and Tethereal. Protocol statistics in general have been updated.
-
- Searching capture files has been improved even more -- a new
- "contains"
- display filter operator that searches for strings in PDUs has been
- added. The Find dialog now supports case-insensitive searches, hex
- data
- searches, and more.
-
- An H.225 dissector has been added. It can automatically recognize
- RTP
- and RTCP conversations.
-
- A preference file has been added for disabled protocols.
-
- Color filters may now be imported and exported from within Ethereal.
-
- A new column type has been added for cumulative bytes.
-
-
-New protocols
-
- GPRS BSSGP, GPRS NS, H.225, H.263, LWAPP, Laplink, Q.933, STUN
-
-
-Updated protocols
-
- ArtNet, BOOTP/DHCP, DCE/RPC, DCERPCSTAT, DHCPv6, DOCSIS, ENIP,
- Ethernet,
- FCIP, Frame Relay, H.245, HTTP, IPsec, iSCSI, LDAP, LWRES, M2UA,
- M3UA,
- MEGACO, MTP3, NCP, NDPS, NFS, NTLMSSP, PPTP, Q.931, RPC, SAMR, SCCP,
- SCTP, SIP, SMB, SMPP, SNA, SNMP, SRVLOC, SUA, TCP, TDS, UCD, UDP,
- WSP,
-
-
-Updated capture file support
-
- Support for Accellent 5Views and Endace ERF capture files was added.
- CheckPoint FW-1 and Novell LANalyzer support has been enhanced.
-
-
-== July 23, 2003
-
-Ethereal 0.9.14 has been released.
-
-New and updated features
-
- The ringbuffer code has been (nearly) completely rewritten. It now
- supports an unlimited number of files.
-
- Ethereal now supports searching for arbitrary text and binary data
- in
- frames.
-
- Service response time statistics have been enhanced.
-
- Tethereal, the text-mode version of Ethereal, can now be compiled
- without capture support.
-
-
-New and updated features
-
- Echo, eDonkey, Jabber, MS Messenger, sFlow
-
-
-Updated protocols
-
- AODV, AODV6, Boardwalk, DCE-RPC, ENIP, Fibre Channel, FIX, FW1,
- H.245,
- IGMP, IPsec, IS-IS, iSCSI, ISUP, LDAP, LDP, M2UA, MEGACO, MTP3,
- NDS,
- NETLOGON, NTLMSSP, NTP, Q.2931, Q.931, SAMR, SCCP, SCSI, SMB, SMPP,
- SNA,
- SNMP, SPNEGO, SPOOLSS, SRVLOC, UCP, Vines, VRRP, WBXML, WEP, WSP,
- WTP,
- X11, Zebra
-
-
-Updated capture file support
-
- LANalyzer, NetXRay
-
-
-== June 11, 2003
-
-Ethereal 0.9.13 has been released.
-
- This release fixes a large number of security issues discovered by
- Timo
- Sirainen and others. See
-
- http://www.ethereal.com/appnotes/enpa-sa-00010.html
-
- for more details.
-
-New and updated features
-
- Ethereal now supports a system-wide color filter file.
-
- Support for the GNU ADNS library has been added. ADNS allows
- asynchronous DNS lookups.
-
- "Decode As..." functionality has been added to Tethereal via the "-
- d"
- flag.
-
- The HTTP, FTP, POP, SMTP, IMAP, and ACAP requests and responses are
- now
- shown in the protocol tree.
-
-New protocols
-
- distcc, EtherNet/IP, MSRPC ATSVC, RTNET/TMDA
-
-Updated protocols
-
- 802.11, AIM, BGP, CLNP, COTP, CPHA, DCERPC, DNS, EAPOL, Ethernet,
- FDDI,
- GSSAPI, IP, ISAKMP, ISIS, LDAP, LSP, M2PA, MAPI, Modbus, NDPS, NFS,
- NTLMSSP, OSI, OSPF, OpenBSD pflog, PPTP, RMCP, RMI, RPC, RTP, SCSI,
- SCTP, SIP, SMB, SMPP, SMTP, SNMP, SPNEGO, TACACS, TCP, TSP, WBXML,
- WSP,
- WTP
-
-Updated capture file support
-
- HP-UX nettl, VMS UCX$TRACE
-
-
-== May 1, 2003
-
-Ethereal 0.9.12 has been released.
-
- This release fixes several off-by-one and integer overflow errors
- discovered by Timo Sirainen. See
-
- http://www.ethereal.com/appnotes/enpa-sa-00009.html
-
- for more details.
-
-New and updated features
-
- TCP sequence number analysis received a few improvements.
-
- General packet reassembly has been improved.
-
- The "Follow TCP Stream" window now allows you to filter out the
- current
- stream.
-
- The Vines code received significant updates.
-
- Several enhancements were made to the text2pcap utility.
-
-New protocols
-
- ArtNET, IPX WAN, Intel ANS, iSNS, NLSP, WKSSVC
-
-Updated protocols
-
- 802.11 ACAP, AFP, AIM, AJP, ASAP, BGP, CLNP, CPHA, DCE/RPC, DSI,
- EAP,
- IP, IPMI, IPX, IPv6, ISIS, ISUP, IUA, Kerberos, LDAP, M2PA, M2TP,
- M2UA,
- M3UA, MGCP, MTP2, MTP3, MTP3MG, Modbus/TCP, NDMP, NDPS, NFS, NLSP,
- PGM,
- Q.931, RANAP, RPC, RSVP, SCCP, SCCPMG, SCTP, SMB, SNMP, SPX, SSH,
- SUA,
- TCP, Telnet, Vines, WBXML, WSP, WTP
-
-Updated capture file support
-
- Netxray
-
-
-== March 10, 2003
-
-Ethereal 0.9.11 has been released.
-
- The Ethereal 0.9.10 release was packaged improperly. This release
- fixes
- the packaging, and adds minor updates and fixes for the following
- protocols:
-
- AFS, OpenBSD enc(4), RTP, SCSI, SIP, SMPP, SSH
-
- IA64 support has been improved.
-
-
-== March 7, 2003
-
-Ethereal 0.9.10 has been released.
-
- This release fixes a security hole discovered by Georgi Guninski in
- the
- SOCKS dissector as well as problems with the NTLMSSP and Rsync code.
- All users of previous versions are encouraged to upgrade. See
-
- http://www.ethereal.com/appnotes/enpa-sa-00008.html
-
- for more details.
-
-
-New and Updated Features
-
- Many small updates were made to the user interface.
-
- The "Help" menu now includes the FAQ.
-
- The TCP dissector was enhanced. Many more fields are filterable.
-
- Tethereal received more IO stats: TCP and UDP top talkers.
-
- Packet reassembly has been improved.
-
- The "Follow TCP Stream" feature can now export C byte arrays.
-
- RTP streams can now be saved to a file.
-
-
-Bug Fixes
-
- A missing comma in a string array could cause Ethereal to crash when
- opening the preferences dialog.
-
-
-New Protocols
-
- MSN Messenger, Rsync, SSH, Yahoo! Messenger
-
-
-Updated Protocols
-
- AFP, AFS, AIM, ATM, Apache JServ, BACNET, BGP, BOOTP, CLNP, COPS,
- DCCP,
- DCERPC NT, DCERPC, DNS, ESIS, Ethernet, Frame Relay, GIOP, GTP, HP
- extended 802.2 LLC, HP-UX remote management, HTTP, IPP, IPX, LLC,
- LSA,
- M3UA, MDSHDR, MIP6, MPLS, MySQL, NCP2222, NETLOGON, NLPID, NetFlow,
- OpenBSD enc(4), OSI, PPP, RADIUS, RMP, RPL, SAMR, SCSI, SMB, SNA,
- SNMP,
- SOCKS, SPOOLSS, SRVLOC, SRVSVC, SSL, SliMP3, TCP, Token Ring, WBXML,
- Wellfleet BofL X.25, X11
-
-
-Updated Capture File Support
-
- NetXRay, NGSniffer, Snoop
-
-
-== January 23, 2003
-
-Ethereal 0.9.9 has been released.
-
- Please note the next release will NOT be 1.0. There are still more
- features to be added before a 1.0 release will be ready.
-
-
-New and Updated Features
-
- Plugin search behavior was improved under Unix, allowing more than
- one
- version of Ethereal to be installed at one time.
-
- The statistics graphs have been enhanced. More statistics have been
- added:
-
- Round-trip-time statistics are now computed for SMB traffic.
-
- NCP Call and Reply times are now tracked.
-
- Top talker statistics for Ethernet, IP and Token Ring are now
- available (tethereal only).
-
- Color allocation and handling was improved.
-
- The RADIUS dissector can now decrypt user passwords.
-
- Tethereal now supports reading from a pipe under Unix.
-
- The ATM code received major improvements.
-
- The DOS Sniffer code also received major improvements.
-
- For those that compile Ethereal from source, some fixes and updates
- have been made to the configuration and build environment.
-
-
-Bug Fixes
-
- The capture progress window now shows the correct number of elapsed
- minutes.
-
- A potential infinite loop in the TCP graphing code has been fixed.
-
-
-New Protocols
-
- MDSHDR, MEGACO, MySQL, SDLC, X.29
-
-
-Updated Protocols
-
- 802.11, AFP, AFS, AIM, ARCNET, ASAP, ATM, BPDU, Cisco HDLC, CLNP,
- DCE
- RPC, DDTP, Ethernet, FC-ELS, FCIP, H.261, IMSI, IP, IP-over-FC,
- L2TP,
- LMI, M3UA, MTP3, NCP, NetBIOS, NETLOGON, ONC RPC, OSPF, PIM, PPP,
- RADIUS, RANAP, RPC, SAMR, SCTP, SMB, SPNEGO, SPOOLSS, SRVLOC,
- SRVSVC,
- SUA, TNS, Token Ring, Wellfleet HDLC, X.25
-
-
-Updated Capture File Support
-
- Firewall-1, Netmon, NetXRay, Radcom, Sniffer
-
-
-== December 7, 2002
-
-Ethereal 0.9.8 has been released.
-
- Serious problems with the BGP, LMP, PPP, and TDS dissectors have
- been
- discovered. See
-
- http://www.ethereal.com/appnotes/enpa-sa-00007.html
-
- for more details.
-
-
-New and Updated Features
-
- The TAP subsystem received major updates. Tethereal can display
- more statistics, and several graphs have been added to Ethereal.
-
- A protocol hierarchy statistics tap was added to tethereal. This
- code
- may be used to replace the hierarchy statistics code in Ethereal.
-
- More updates have been added to TCP analysis.
-
- After a long hiatus, the Windows installer once again includes SNMP
- support.
-
- The total running time of the capture is now displayed in the
- capture
- progress dialog box. The capture progress dialog also shows ARP
- packets.
-
- The look of the plugins dialog was revamped.
-
-
-Bug Fixes and Updates
-
- A bug which caused Ethereal under Windows to crash when "Update list
- of
- packets in real time" was enabled has been fixed.
-
- The stability of the text2pcap utility has been improved.
-
- In tethereal, the packet count is properly displayed when you ^C out
- of a
- capture.
-
-
-New Protocols
-
- ARCNET, ClearCase NFS, DCERPC LSA_DS, Fibre Channel, HyperSCSI,
- MDNS,
- PCLI, RPL
-
-
-Updated Protocols
-
- AFP, AFS, BACNet, BGP, DCERPC, DCERPC EPM, DCERPC LSA, DCERPC NDR,
- DCERPC NT, DCERPC SAMR, DCERPC UPDATE, GRE, GTP, HTTP, IPv6CP, IPX,
- iSCSI, ISDN, IUA, LAPD, LDAP, M2PA, NDPS, NDS, NetBIOS, NFS,
- NTLMSSP,
- OSPF, PPP, PPPoE, Q.2931, Q.931, RPC, RSVP, SCSI, SCTP, SMB, SNMP,
- Spanning Tree, SPNEGO, SPOOLSS, SPX, SRVLOC, TCP, Telnet, V.120,
- WEP,
- YPSERV
-
-
-Updated Capture File Support
-
- AIX iptrace and tcpdump, NetXRay, Sniffer, snoop
-
-
-== September 28, 2002
-
-Ethereal 0.9.7 has been released.
-
-New Features
-
- In order to improve the out-of-box responsiveness of Ethereal and
- Tethereal, network name resolution has been disabled by default.
-
- TCP analysis (a feature added in the 0.9.6 release) was improved.
-
- The NCP code base received quite a few updates.
-
- Initial support for version 2 of the GTK+ library was added.
-
- RPC staticstics (which use the new Tap API) were added.
-
- Due to added and updated support for the NTLM, SNEGO, and GSS-API
- protocols, Ethereal can now dissect most of the security blobs for
- Windows 2000 authentication.
-
- The Ethernet "manuf" file now handles addresses specified with a
- mask, and contains many well-known addresses.
-
-
-New Protocols
-
- 802.1s MSTP, FIX, GSS-API, Interbase, NDPS, Netflow (Cisco and
- Juniper),
- SCCP-Management, SPNEGO
-
- The following DCE/RPC protocols were also added:
-
- AFS4INT, BOSSVR, CDS_CLERKSERVER, CDS_SOLICIT, CPRPC_SERVER,
- DNSSERVER,
- DTSPROVIDER, DTSSTIME_REQ, FLDB, FTSERVER, KRB5RPC, REPADMIN,
- REP_PROC,
- ROVERRIDE, RPRIV, RS_ATTR, RSEC_LOGIN, RS_MISC, RS_PGO, RS_REPLIST,
- RS_UNIX, SECIDMAP, TKN4INT, UBIKDISK, UKIKVOTE
-
-
-Updated Protocols
-
- AFP, AODV/AODV6, BGP, CHDLC, CHPA, DCE/RPC CONV, DCE/RPC LSA,
- DCE/RPC
- NT, DCE/RPC SAMR, DHCP, DNS, DOCSIS, EAP, GTP, HTTP, IP, iSCSI, IS-
- IS,
- Kerberos, LDAP, LDP, M2PA MMSE, NBNS, NCP, NDS, NETLOGON, NTLMSSP,
- OSI
- Q.931 RPC, RPCSTAT, SCSI, Skinny, SMB, SNEGO, SPOOLSS, SRVSVC, TCP,
- WSP,
-
-
-== August 20, 2002
-
-Ethereal 0.9.6 has been released.
-
-Bugs Fixed
-
- A buffer overflow in the ISIS dissector has been fixed. More
- information can be found at
- http://www.ethereal.com/appnotes/enpa-sa-00006.html.
-
- A bad TCP header could cause problems for the "Follow TCP Stream"
- feature.
-
- Setting "column.format" from the command line no longer crashes
- Ethereal and Tethereal.
-
- Problems with capture files being overwritten (e.g. if you try to
- save over
- the current capture file) have been fixed.
-
- An SMB conversation handling bug has been fixed.
-
- Thanks to Valgrind, several memory leaks have been fixed.
-
- Some problems with printing under Windows have been fixed.
-
-
-New Features
-
- TCP sequence number analysis has been added.
-
- The DCE RPC NETLOGON dissector has received a major overhaul.
-
- Data types throughout the code have been cleaned up.
-
-
-New Protocols
-
- CPHA, DOCSIS, NTLMSSP, Xyplex terminal server protocol, ZIP
-
-
-Updated Protocols
-
- 802.11, AFP, ASAP, BGP, CDP, CDPCP, CPHA, DDP, DCERPC, DCERPC NT,
- DCERPC
- REG, EPM, FTP, HCLNFSD, HTTP, IPX, ISAKMP, ISIS, IUA, Kerberos,
- L2TP,
- LLMNR, LSA, MMSE, MPLSCP, NBNS, NetBIOS, NETLOGON, NFS, NTLMSSP,
- PPP,
- Quake2, RADIUS, RSVP, RTCP, SAMR, SCSI, SDP, SIP, SMB, SMB Mailslot,
- SMTP, SPOOLSS, TCP, TDS, TNS, TPKT, Token Ring, VJ TCP, WINREG, WSP
-
-
-Capture File Updates
-
-CheckPoint Firewall-1 monitor file support and CoSine debug file
-support
-were added. Support for pppdump and Netmon files was updated.
-
-
-== June 28, 2002
-
-Ethereal 0.9.5 has been released. This version fixes several potential
-security problems revealed since the release of 0.9.4. See the
-security
-advisory at http://www.ethereal.com/appnotes/enpa-sa-00005.html for
-more details.
-
-
-New Features:
-
-The ability to read packet data from a pipe was enhanced. Printing
-under Windows now works.
-
-
-New Protocols
-
-802.3 LACP, Apache JServ, AODV6, DCERPC Browser, Java RMI, TAPI
-
-
-Updated Protocols
-
-ATM, BGP, BOOTP, DCE RPC, EPM, Frame Relay, GTP, L2TP, LMP, MAPI, MIP,
-MMSE, MTP3, NCP, NFS, NSPI, PPP, Q2931, RADIUS, RSVP, SCSI, SMB, SNA,
-SOCKS, SPOOLSS, SRVSVC, SunATM, TFTP, TNS, Token Ring, UCP, VJ TCP/IP,
-WCP, WEP, WSP, WTP
-
-
-Capture File Updates
-
-Ethereal can now write LANalyzer files. The Sniffer, nettl, snoop,
-NetXRay, and libpcap code all received updates.
-
+Frequently Asked Questions
+ A complete FAQ is available on the Wireshark web site.