www.osssr.com 精品软件
坚持绿色之路 共筑生态之基

Wireshark 3.0.0 网络协议分析工具正式版

Wireshark 是世界上最重要和最广泛使用的网络协议分析仪。它可以让您在微观层面上看到网络上发生的事情,并且是许多商业和非营利企业,政府机构和教育机构的事实上(通常是法律上的)标准。由于全球网络专家的志愿者贡献,Wireshark的发展蓬勃发展,并且是Gerald Combs在1998年启动的项目的延续。Wireshark 可以实时检测网络通讯数据,也可以检测其抓取的网络通讯数据快照文件。通过图形界面浏览这些数据,并查看网络通讯数据包中每一层的详细内容。



  • 深入检查数百种协议,并且一直在增加更多协议
  • 实时捕获和离线分析
  • 标准三窗格数据包浏览器
  • 多平台:在Windows,Linux,macOS,Solaris,FreeBSD,NetBSD和其他许多平台上运行
  • 捕获的网络数据可以通过GUI或TTY模式tshark实用程序进行浏览。
  • 业界最强大的显示器过滤器
  • 丰富的VoIP分析
  • 读/写许多不同的捕获文件格式:tcpdump(libpcap),Pcap NG,Catapult DCT2000,Cisco Secure IDS iplog,Microsoft网络监视器,NetworkGeneralSniffer®(压缩和未压缩),Sniffer®Pro和NetXray®,Network Instruments Observer ,NetScreen snoop,Novell LANalyzer,RADCOM WAN / LAN分析仪,Shomiti / Finisar Surveyor,Tektronix K12xx,Visual Networks Visual UpTime,WildPackets EtherPeek / TokenPeek / AiroPeek等等
  • 使用gzip压缩的捕获文件可以动态解压缩
  • 实时数据可以从以太网,IEEE 802.11,PPP / HDLC,ATM,蓝牙,USB,Token Ring, Frame Relay,FDDI等中读取(取决于您的平台)
  • 对许多协议的解密支持,包括IPsec,ISAKMP,Kerberos,SNMPv3,SSL / TLS,WEP和WPA / WPA2
  • 可以将着色规则应用于数据包列表,以便进行快速,直观的分析
  • 输出可以导出为XML,PostScript®,CSV或纯文本


Wireshark 3.0.0 Released February 28, 2019

The following features are new (or have been significantly updated) since version 3.0.0rc2:

No significant changes.

The following features are new (or have been significantly updated) since version 3.0.0rc1:

The IP map feature (the “Map” button in the “Endpoints” dialog) has been added back in a modernized form (Bug 14693).

The macOS package now ships with Qt 5.12.1. Previously it shipped with Qt 5.9.7.

The macOS package requires version 10.12 or later. If you’re running an older version of macOS, please use Wireshark 2.6.

The following features are new (or have been significantly updated) since version 2.9.0:

Wireshark now supports the Swedish and Ukrainian languages.

Initial support for using PKCS #11 tokens for RSA decryption in TLS. This can be configured at Preferences, RSA Keys.

The build system now produces reproducible builds (Bug 15163).

The Windows installers now ship with Qt 5.12.1. Previously they shipped with Qt 5.12.0.

The following features are new (or have been significantly updated) since version 2.6.0:

The Windows .exe installers now ship with Npcap instead of WinPcap.

Conversation timestamps are supported for UDP/UDP-Lite protocols

TShark now supports the -G elastic-mapping option which generates an ElasticSearch mapping file.

The “Capture Information” dialog has been added back (Bug 12004).

The Ethernet and IEEE 802.11 dissectors no longer validate the frame check sequence (checksum) by default.

The TCP dissector gained a new “Reassemble out-of-order segments” preference to fix dissection and decryption issues in case TCP segments are received out-of-order. See the User’s Guide, chapter TCP Reassembly for details.

Decryption support for the new WireGuard dissector (Bug 15011, requires Libgcrypt 1.8).

The BOOTP dissector has been renamed to DHCP. With the exception of “bootp.dhcp”, the old “bootp.*” display filter fields are still supported but may be removed in a future release.

The SSL dissector has been renamed to TLS. As with BOOTP the old “ssl.*” display filter fields are supported but may be removed in a future release.

Coloring rules, IO graphs, Filter Buttons and protocol preference tables can now be copied from other profiles using a button in the corresponding configuration dialogs.

APT-X has been renamed to aptX.

When importing from hex dump, it’s now possible to add an ExportPDU header with a payload name. This calls the specific dissector directly without lower protocols.

The sshdump and ciscodump extcap interfaces can now use a proxy for the SSH connection.

Dumpcap now supports the -a packets:NUM and -b packets:NUM options.

Wireshark now includes a “No Reassembly” configuration profile.

Wireshark now supports the Russian language.

The build system now supports AppImage packages.

The Windows installers now ship with Qt 5.12.0. Previously they shipped with Qt 5.9.7.

Support for DTLS and TLS decryption using pcapng files that embed a Decryption Secrets Block (DSB) containing a TLS Key Log (Bug 15252).

The editcap utility gained a new –inject-secrets option to inject an existing TLS Key Log file into a pcapng file.

A new dfilter function string() has been added. It allows the conversion of non-string fields to strings so string functions (as contains and matches) can be used on them.

The Bash test suite has been replaced by one based on Python unittest/pytest.

The custom window title can now show file path of the capture file and it has a conditional separator.


Wireshark x64 安装版

Wireshark x86 安装版

Wireshark 便携版

Wireshark For macOS 10.12+

版权声明:本文采用知识共享 署名4.0国际许可协议 [BY-NC-SA] 进行授权
文章名称:《Wireshark 3.0.0 网络协议分析工具正式版》

评论 1

  1. #1


    Google Chrome 72.0.3626.119 Google Chrome 72.0.3626.119 Windows 10 x64 Edition Windows 10 x64 Edition
    jimmy2年前 (2019-03-08)回复