Wireshark 4.0 network analyzer released

The stable branch release of the Wireshark 4.0 network analyzer has been published. Recall that the project was originally developed under the name Ethereal, but in 2006, because of a conflict with the owner of the Ethereal trademark, the developers were forced to rename the project to Wireshark. The project code is distributed under the GPLv2 license.

Key new features in Wireshark 4.0.0:

  • The layout of elements in the main window has been changed. The additional packet information (Packet Detail) and Packet Bytes panels are now placed side by side below the Packet List panel.
  • The design of the "Conversations" and "Endpoint" dialogs has been changed.
    • Options have been added to the context menus to resize all columns and to copy items.
    • The ability to detach and reattach tabs is provided.
    • Support for exporting in JSON format has been added.
    • When filters are applied, columns are displayed that show the difference between matched packets and unfiltered ones.
    • Sorting of different data types has been improved.
    • Identifiers are attached to TCP and UDP streams, and the ability to filter by them is provided.
    • Dialogs can be hidden from the context menu.
  • Importing hex dumps from the Wireshark interface and with the text2pcap command has been improved.
    • text2pcap can write dumps in all formats supported by the wiretap library.
    • In text2pcap, pcapng is set as the default format, as in the editcap, mergecap and tshark utilities.
    • Support for selecting the encapsulation type of the output format has been added.
    • New logging options have been added.
    • IP, TCP, UDP and SCTP headers can be saved in dumps when using Raw IP, Raw IPv4 and Raw IPv6 encapsulation.
    • Support for parsing input files using regular expressions has been added.
    • The functionality of the text2pcap utility and the "Import from Hex Dump" interface in Wireshark is kept consistent.
  • The performance of geolocation using MaxMind databases has been significantly improved.
  • Changes have been made to the syntax of traffic filtering rules:
    • Added the ability to select a layer of the protocol stack. For example, when encapsulating IP-over-IP, to extract the addresses of the outer and nested packets you can specify "ip.addr#1 == 1.1.1.1" and "ip.addr#2 == 1.1.1.2".
    • Conditional expressions now support the "any" and "all" quantifiers, for example "all tcp.port > 1024" to test all tcp.port fields.
    • There is a built-in syntax for field references - ${some.field}, implemented without the use of macros.
    • Added the ability to use arithmetic operations ("+", "-", "*", "/", "%") on numeric fields, separating the expression with curly braces.
    • Added the max(), min() and abs() functions.
    • Expressions and calls to other functions are allowed as function arguments.
    • New syntax has been added to separate literals from identifiers - a value starting with a dot is treated as a protocol or protocol field, and a value inside angle brackets is treated as a literal.
    • Added the bitwise operator "&". For example, to check bits you can specify "frame[0] & 0x0F == 3".
    • The precedence of the logical AND operator is now higher than that of the OR operator.
    • Added support for specifying constants in binary form using the "0b" prefix.
    • Added the ability to use negative index values to count from the end. For example, to check the last two bytes of the TCP header you can specify "tcp[-2:] == AA:BB".
    • Separating the elements of a set with spaces is prohibited; using spaces instead of commas now produces an error rather than a warning.
    • Additional escape sequences have been added: \a, \b, \f, \n, \r, \t, \v.
    • Added the ability to specify Unicode characters in the \uNNNN and \UNNNNNNNN forms.
    • Added a new comparison operator "===" ("all_eq"), which matches only if, in the expression "a === b", all values of "a" match "b". The "!==" ("any_ne") operator has also been added.
    • The "~=" operator has been removed and "!==" should be used instead.
    • Numbers with a dangling dot are prohibited, i.e. the values ".7" and "7." are now invalid and must be replaced with "0.7" and "7.0".
    • The regular expression engine in the display filter engine has been moved to the PCRE2 library instead of GRegex.
    • Correct handling of null bytes is implemented in regular expression strings ('\0' in a string is treated as a null byte).
    • In addition to 1 and 0, boolean values can now also be written as True/TRUE and False/FALSE.
  • The HTTP2 dissector adds support for using dummy headers to parse data captured without the preceding packets that carried the headers (for example, when parsing messages in gRPC connections that were already established).
  • Mesh Connex (MCX) support has been added to the IEEE 802.11 dissector.
  • Temporary storage of the password (without saving it to disk) is provided in the Extcap dialog, so that it does not have to be re-entered on repeated launches. Added the ability to set the extcap password through command-line utilities such as tshark.
  • ciscodump implements remote capture from devices based on IOS, IOS-XE and ASA.
  • Added protocol support:
    • Allied Telesis Loop Detection (AT LDF),
    • AUTOSAR I-PDU Multiplexer (AUTOSAR I-PduM),
    • DTN Bundle Protocol Security (BPSec),
    • DTN Bundle Protocol Version 7 (BPv7),
    • DTN TCP Convergence Layer Protocol (TCPCL),
    • DVB Selection Information Table (DVB SIT),
    • Enhanced Cash Trading Interface 10.0 (XTI),
    • Enhanced Order Book Interface 10.0 (EOBI),
    • Enhanced Trading Interface 10.0 (ETI),
    • FiveCo's Legacy Register Access Protocol (5co-legacy),
    • Generic Data Transfer Protocol (GDT),
    • gRPC Web (gRPC-Web),
    • Host IP Configuration Protocol (HICP),
    • Huawei GRE bonding (GREbond),
    • Locamation Interface Module (IDENT, CALIBRATION, SAMPLES - IM1, SAMPLES - IM2R0),
    • Mesh Connex (MCX),
    • Microsoft Cluster Remote Control Protocol (RCP),
    • Open Control Protocol for OCA/AES70 (OCP.1),
    • Protected Extensible Authentication Protocol (PEAP),
    • REdis Serialization Protocol v2 (RESP),
    • Roon Discovery (RoonDisco),
    • Secure File Transfer Protocol (sftp),
    • Secure Host IP Configuration Protocol (SHICP),
    • SSH File Transfer Protocol (SFTP),
    • USB Attached SCSI (UASP),
    • ZBOSS Network Coprocessor (ZB NCP).
  • The requirements for the build environment (CMake 3.10) and dependencies (GLib 2.50.0, Libgcrypt 1.8.0, Python 3.6.0, GnuTLS 3.5.8) have been raised.
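
Several of the filter syntax changes listed above turn a filter written for 3.x into an error or change what it matches, which matters for saved triage and detection filters. The following lint pass is an added example, not code from the Wireshark project; it is a heuristic rather than a full parser, and the finding codes and sample filters are constructed for illustration.

```python
import re
# Lint pass (not a parser) for display filters written for Wireshark 3.x,
# flagging constructs that the 4.0 changes listed above reject or re-interpret.
STRING = re.compile(r'"(?:\\.|[^"\\])*"')
LOGIC = re.compile(r'\(|\)|&&|\|\||(?<![\w.])(?:and|or)(?![\w.])', re.I)
SET_BODY = re.compile(r'(?<![\w.])in\s*\{([^}]*)\}', re.I)
DANGLING = re.compile(r'(?<![\w.])\.\d+\b|(?<![\w.])\d+\.(?![\w.])')

def mixes_and_or(expr):
    """True when AND and OR share a parenthesis level (precedence matters)."""
    stack = [set()]
    for tok in LOGIC.findall(expr):
        if tok == '(':
            stack.append(set())
        elif tok == ')':
            stack = stack[:-1] or [set()]
        else:
            stack[-1].add('and' if tok.lower() in ('&&', 'and') else 'or')
            if len(stack[-1]) == 2:
                return True
    return False

def lint_filter(expr):
    """Return sorted finding codes for one display-filter string."""
    bare = STRING.sub('""', expr)            # ignore text inside string literals
    findings = set()
    if '~=' in bare:
        findings.add('tilde-eq-operator')    # page: use "!==" instead
    if DANGLING.search(bare):
        findings.add('dangling-dot-number')  # ".7" / "7." -> "0.7" / "7.0"
    for body in SET_BODY.findall(bare):
        body = re.sub(r'\s*\.\.\s*', '..', body)   # keep a range as one element
        if any(re.search(r'\S\s+\S', item) for item in body.split(',')):
            findings.add('space-separated-set')    # now an error, use commas
    if mixes_and_or(bare):
        findings.add('and-or-precedence')    # AND now binds tighter than OR
    return sorted(findings)

# Constructed sample filters, as might sit in an old triage runbook.
SAMPLES = [
    'tcp.port in {80 443 8080}',
    'ip.src == 10.0.0.5 or dns and udp.port == 53',
    'frame.time_delta > .7',
    '(http or tls) and tcp.port in {443, 8443}',
    'http.host contains "a or b and c ~= .7"',
]
if __name__ == '__main__':
    for f in SAMPLES:
        print(lint_filter(f) or 'ok', '<-', f)
```

A filter flagged `and-or-precedence` still loads in 4.0 but may select different packets, so add explicit parentheses and re-check it against a known capture.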

Source: opennet.ru
