Wireshark 4.0 Network Analyzer Release

A new stable branch of the Wireshark network analyzer, 4.0, has been released. Recall that the project was originally developed under the name Ethereal, but in 2006, because of a conflict with the owner of the Ethereal trademark, the developers were forced to rename the project to Wireshark. The project code is distributed under the GPLv2 license.

Key new features in Wireshark 4.0.0:

  • The layout of elements in the main window has been changed. The Packet Detail and Packet Bytes panes are now placed side by side below the Packet List pane.
  • The design of the "Conversations" and "Endpoints" dialogs has been changed.
    • Added context menu options to resize all columns and to copy elements.
    • Tabs can be detached and reattached.
    • Added support for export in JSON format.
    • When a filter is applied, columns are displayed that show the differences between matched and unfiltered packets.
    • Various data types have been changed.
    • Identifiers are attached to TCP and UDP streams, and filtering by them is supported.
    • Dialogs can be hidden from the context menu.
  • Improved import of hex dumps from the Wireshark interface and with the text2pcap command.
    • text2pcap can write dumps in all formats supported by the wiretap library.
    • In text2pcap, pcapng is now the default format, as in the editcap, mergecap and tshark utilities.
    • Added support for selecting the output encapsulation type.
    • Added new options for logging.
    • Dummy IP, TCP, UDP and SCTP headers can be saved in the dump when using Raw IP, Raw IPv4 and Raw IPv6 encapsulation.
    • Added support for scanning input files using regular expressions.
    • Feature parity is ensured between the text2pcap utility and "Import from Hex Dump" in Wireshark.
  • The performance of geolocation using MaxMind databases has been significantly improved.
  • Changes have been made to the syntax of traffic filter rules:
    • Added the ability to select a specific layer of the protocol stack. For example, with IP-over-IP encapsulation, to extract addresses from the outer and inner packets you can specify "ip.addr#1 == 1.1.1.1" and "ip.addr#2 == 1.1.1.2".
    • Conditional expressions now support the "any" and "all" quantifiers, for example "all tcp.port > 1024" to test all tcp.port fields.
    • There is a built-in syntax for referring to field values, ${some.field}, implemented without using macros.
    • Arithmetic operations ("+", "-", "*", "/", "%") can be used with numeric fields, with the expression delimited by curly braces.
    • Added the functions max(), min() and abs().
    • Expressions and calls to other functions are allowed as function arguments.
    • A new syntax has been added to separate literals from identifiers: a value that begins with a dot is treated as a protocol or protocol field, and a value in angle brackets is treated as a literal.
    • Added the "&" operator; for example, to mask individual bits you can specify "frame[0] & 0x0F == 3".
    • The precedence of the logical AND operator is now higher than that of the OR operator.
    • Added support for specifying constants in binary form using the "0b" prefix.
    • Negative index values can be used to count from the end; for example, to check the last two bytes of the TCP header you can specify "tcp[-2:] == AA:BB".
    • Separating set elements with spaces is prohibited; using spaces instead of commas now produces an error instead of a warning.
    • Added additional escape sequences: \a, \b, \f, \n, \r, \t, \v.
    • Unicode characters can be specified in the \uNNNN and \UNNNNNNNN formats.
    • A new comparison operator "===" ("all_eq") has been added, which matches only if in the expression "a === b" every value of "a" equals "b". The inverse operator "!==" ("any_ne") has also been added.
    • The "~=" operator has been deprecated and "!==" should be used instead.
    • Numbers with a bare leading or trailing dot are prohibited, i.e. the values ".7" and "7." are now invalid and should be replaced with "0.7" and "7.0".
    • The regular expression engine in the display filter engine has been moved to the PCRE2 library instead of GRegex.
    • Null bytes are handled correctly in regular expression strings and patterns ('\0' in a string is treated as a null byte).
    • In addition to 1 and 0, boolean values can be written as True/TRUE and False/FALSE.
  • The HTTP2 dissector has added support for using dummy headers to parse data captured without the preceding packets that carry the headers (for example, when parsing messages in an already established gRPC connection).
  • Mesh Connex (MCX) support has been added to the IEEE 802.11 dissector.
  • The password in the Extcap dialog is stored temporarily (without saving it to disk), so that it does not have to be entered again on repeated launches. Added the ability to set the password for extcap through command-line tools such as tshark.
  • The ciscodump utility implements remote capture from devices based on IOS, IOS-XE and ASA.
  • Added protocol support:
    • Allied Telesis Loop Detection (AT LDF),
    • AUTOSAR I-PDU Multiplexer (AUTOSAR I-PduM),
    • DTN Bundle Protocol Security (BPSec),
    • DTN Bundle Protocol Version 7 (BPv7),
    • DTN TCP Convergence Layer Protocol (TCPCL),
    • DVB Selection Information Table (DVB SIT),
    • Enhanced Cash Trading Interface 10.0 (XTI),
    • Enhanced Order Book Interface 10.0 (EOBI),
    • Enhanced Trading Interface 10.0 (ETI),
    • FiveCo's Legacy Register Access Protocol (5co-legacy),
    • Generic Data Transfer Protocol (GDT),
    • gRPC Web (gRPC-Web),
    • Host IP Configuration Protocol (HICP),
    • Huawei GRE bonding (GREbond),
    • Locamation Interface Module (IDENT, CALIBRATION, SAMPLES - IM1, SAMPLES - IM2R0),
    • Mesh Connex (MCX),
    • Microsoft Cluster Remote Control Protocol (RCP),
    • Open Control Protocol for OCA/AES70 (OCP.1),
    • Protected Extensible Authentication Protocol (PEAP),
    • REdis Serialization Protocol v2 (RESP),
    • Roon Discovery (RoonDisco),
    • Secure File Transfer Protocol (sftp),
    • Secure Host IP Configuration Protocol (SHICP),
    • SSH File Transfer Protocol (SFTP),
    • USB Attached SCSI (UASP),
    • ZBOSS Network Coprocessor (ZB NCP).
  • The requirements for the build environment (CMake 3.10) and dependencies (GLib 2.50.0, Libgcrypt 1.8.0, Python 3.6.0, GnuTLS 3.5.8) have been raised.
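
Several of the filter syntax changes listed above can break or silently change display filters saved in profiles, runbooks and detection notes. The following Python code is an added example, not part of the original article or of the Wireshark project; it checks filter strings for the deprecated "~=", bare-dot numbers, space-separated sets, and AND/OR mixed without parentheses. The function name, the finding labels and the sample filters are assumptions made for illustration.

```python
import re

_STRING = re.compile(r'"(?:\\.|[^"\\])*"')                    # double-quoted literals
_BARE_DOT = re.compile(r'(?<![\w.])(\.\d+|\d+\.)(?![\w.])')   # ".7" or "7."
_SET = re.compile(r'\bin\s*\{([^{}]*)\}')                     # membership sets only
_LOGIC = re.compile(r'\(|\)|&&|\|\||(?<![\w.])(?:and|or)(?![\w.])')


def lint_filter(expr):
    """Return Wireshark 4.0 migration findings for one display filter string."""
    findings = []
    bare = _STRING.sub('""', expr)  # ignore anything inside string literals
    if '~=' in bare:
        findings.append('deprecated-operator')      # "~=" -> "!=="
    if _BARE_DOT.search(bare):
        findings.append('bare-dot-number')          # ".7"/"7." -> "0.7"/"7.0"
    for m in _SET.finditer(bare):
        body = re.sub(r'\s*\.\.\s*', '..', m.group(1))  # keep ranges in one piece
        if any(len(elem.split()) > 1 for elem in body.split(',')):
            findings.append('space-separated-set')  # an error in 4.0, not a warning
            break
    # AND now binds tighter than OR: flag both used at the same parenthesis depth.
    depth_ops, mixed = [set()], False
    for tok in _LOGIC.findall(bare):
        if tok == '(':
            depth_ops.append(set())
        elif tok == ')':
            if len(depth_ops) > 1:
                mixed |= len(depth_ops.pop()) == 2
        else:
            depth_ops[-1].add('and' if tok in ('&&', 'and') else 'or')
    if mixed or any(len(ops) == 2 for ops in depth_ops):
        findings.append('and-or-precedence')
    return findings


# Constructed sample filters (hypothetical saved filters, not from the article).
SAMPLES = [
    'tcp.port in {80 443 8080}',
    'tcp.port in {80, 443, 8000..8010}',
    'ip.addr ~= 10.0.0.1',
    'frame.time_delta > .5',
    'http or dns and ip.addr == 10.0.0.1',
    '(http or dns) and http.host == "a ~= b or c and d"',
]

if __name__ == '__main__':
    for flt in SAMPLES:
        print(', '.join(lint_filter(flt)) or 'ok', '<-', flt)
```

A filter flagged with and-or-precedence still parses in 4.0; adding explicit parentheses keeps its meaning the same on both sides of the upgrade.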

source: budenet.ru
