For those of you who haven't upgraded your version of Wireshark to the latest and greatest, I would suggest you consider the upgrade.
1.8 has a lot of new features(from the release notes), for example;
New and Updated Features
The following features are new (or have been significantly
updated) since version 1.6:
o Wireshark supports capturing from multiple interfaces at once.
o You can now add, edit, and save packet and capture file
annotations.
o Wireshark, TShark, and their associated utilities now save
files using the pcap-ng file format by default. (Your copy of
Wireshark might still use the pcap file format if pcap-ng is
disabled in your preferences.)
o Decryption key management for IEEE 802.11, IPsec, and ISAKMP
is easier.
o OID resolution is now supported on 64-bit Windows.
o The "Save As" menu item has been split into "Save As", which
lets you save a file using a different filename and "Export
Specified Packets", which lets you have more control over
which packets are saved.
o TCP fast retransmissions are now indicated as an expert info
note, rather than a warning, just as TCP retransmissions are.
o TCP window updates are no longer colorized as "Bad TCP".
o TShark's command-line options have changed. The previously
undocumented -P option is now -2 option for performing a
two-pass analysis; the former -S option is now the -P option
for printing packets even if writing to a file, and the -S
option is now used to specify a different line separator
between packets.
As with all change, some isn't the welcomed. I've had a few people ask me where the !@#!@#@!!! Capture Filter dialogue went.
OK, OK.. Here's a quick video showig you where it went.
Recent Comments