Wireshark 1.6.0 released

Wireshark is a popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.

The following features are new (or have been significantly updated) since version 1.4:

  • Wireshark is now distributed as an installation package rather than a drag-installer on OS X. The installer adds a startup item that should make it easier to capture packets.
  • Large file (greater than 2 GB) support has been improved.
  • Wireshark and TShark can import text dumps, similar to text2pcap.
  • You can now view Wireshark’s dissector tables (for example the TCP port to dissector mappings) from the main window.
  • Wireshark can export SSL session keys via File→Export→SSL Session Keys.
  • TShark can show a specific occurrence of a field when using ‘-T fields’.
  • Custom columns can show a specific occurrence of a field.
  • You can hide columns in the packet list.
  • Wireshark can now export SMB objects.
  • dftest and randpkt now have manual pages.
  • TShark can now display iSCSI, ICMP and ICMPv6 service response times.
  • Dumpcap can now save files with a user-specified group id.
  • Syntax checking is done for capture filters.
  • You can display the compiled BPF code for capture filters in the Capture Options dialog.
  • You can now navigate backwards and forwards through TCP and UDP sessions using Ctrl+, and Ctrl+. .
  • Packet length is (finally) a default column.
  • TCP window size is now avaiable both scaled and unscaled. A TCP window scaling graph is available in the GUI.
  • 802.1q VLAN tags are now shown in the Ethernet II protocol tree instead of a separate tree.
  • Various dissectors now display some UTF-16 strings as proper Unicode including the DCE/RPC and SMB dissectors.
  • The RTP player now has an option to show the time of day in the graph in addition to the seconds since beginning of capture.
  • The RTP player now shows why media interruptions occur.
  • Graphs now save as PNG images by default.
  • Wireshark and TShark can now read compressed Windows Sniffer files.

Don't miss