ProHoster > Blog > nkhani zapaintaneti > Kutulutsidwa kwa Wireshark 4.4.0 ndi Zeek 7.0.0 network analyzers

Kutulutsidwa kwa Wireshark 4.4.0 ndi Zeek 7.0.0 network analyzers

Kutulutsidwa kwa nthambi yokhazikika ya Wireshark 4.4 network analyzer kwasindikizidwa. Pulogalamuyi imathandizira ma protocol opitilira chikwi chimodzi ndi mitundu ingapo yojambula magalimoto. Mawonekedwe osinthika amaperekedwa kuti apange zosefera, kujambula magalimoto, kusanthula zinyalala zosungidwa, ndikuwunika mapaketi. Imathandizira zida zapamwamba monga kuyitanitsanso paketi, kuchotsa ndi kusunga zomwe zili m'mafayilo omwe amatumizidwa pogwiritsa ntchito ma protocol osiyanasiyana, kusewera mitsinje ya VoIP ndi RTP, IPsec decryption, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP ndi WPA/WPA2. Khodi ya polojekitiyi imagawidwa pansi pa layisensi ya GPLv2.

Zatsopano zazikulu mu Wireshark 4.4.0:

  • Thandizo lowonjezera losintha ma profiles ndi zoikamo. Wogwiritsa ntchito amatha kumangirira fyuluta yowonetsera ku mbiri ndipo ngati fayilo yokhala ndi magalimoto ogwidwa omwe amafanana ndi fyulutayo atsegulidwa, mbiri yogwirizana nayo idzatsegulidwa.
  • Thandizo lowonjezera la Lua 5.3 ndi 5.4. Thandizo la Lua 5.1 ndi 5.2 lathetsedwa.
  • Pazosefera zowonetsera, chithandizo chazingwe chasinthidwa (kuthekera kwa kuyimira zingwe kwa magawo a manambala kwawonekera).
  • Ndizotheka kutanthauzira zosefera ngati mawonekedwe a mapulagini, ofanana ndi ma parsers ndi ma protocol parsing modules.
  • Anawonjezera "Sinthani> Matulani> Onetsani fyuluta ngati pcap fyuluta" ntchito kutembenuza zowonetsera zowonetsera kuti pcap zosefera ndi minda yofanana.
  • Zokambirana zambiri zojambulidwa zakonzedwa bwino, ma graph olowetsa/zotulutsa, mayendedwe amayendedwe, mafoni a VoIP ndi mayendedwe a TCP akhala amakono.
  • Zimaloledwa kufotokozera zipilala zanu, zomwe zingagwiritsidwe ntchito pazochitika zilizonse (zosefera, mawerengedwe a masamu, ntchito zomveka, zosintha za protocol, etc.).
  • Lolani kufotokozera magawo anu otulutsa a "tshark -e" pogwiritsa ntchito magawo omwe alipo.
  • Zowonjezera zothandizira kumanga ndi laibulale ya zlib-ng m'malo mwa zlib yogwira ntchito ndi mafayilo oponderezedwa.
  • Zowonjezera zothandizira ma protocol ndi mawonekedwe:
    • Allied Telesis Resiliency Link (AT RL),
    • ATN Security Label,
    • Bit Index Explicit Replication (BIER),
    • Bus Mirroring Protocol
    • EGNOS Message Server (EMS),
    • Galileo E1-B I/NAV,
    • IBM ndi RDMA Endpoint (iRDMA-EDP),
    • IWBEMSERVICES, MAC NR Framed (mac-nr-framed),
    • Matter Bluetooth Transport Protocol (MatterBTP),
    • MiWi P2P Star,
    • Monero,
    • Mtengo wa 0183
    • PLDM
    • Kutsimikizika kwa RDP kutsimikiziranso njira yolumikizira njira (rdpear),
    • RF4CE Network Layer (RF4CE),
    • Mbiri ya RF4CE (RF4CE Mbiri),
    • RK512, SAP Remote Function Call (SAPRFC),
    • SBAS L1 Navigation Message,
    • Scanner Access Tsopano Yosavuta (SANE),
    • TREL,
    • WMIO,
    • ZeroMQ Message Transport Protocol (ZMTP).
  • Chiwopsezo (CVE-2024-8250) chomwe chimayambitsa ngozi mukakonza mapaketi opangidwa mwapadera akhazikitsidwa.

Kuphatikiza apo, titha kuzindikira kutulutsidwa kwa kusanthula kwa magalimoto ndi makina ozindikira olowera pa intaneti a Zeek 7.0.0, omwe adagawidwa kale pansi pa dzina lakuti Bro. Zeek ndi nsanja yowunikira anthu pamsewu yomwe imayang'ana kwambiri, koma osati, kutsata zochitika zachitetezo. Pulatifomu ya Zeek imapereka ma module owunikira ndikuwunika ma protocol osiyanasiyana amtundu wapaintaneti, poganizira momwe maulumikizidwe amakhalira ndikulola kuti pakhale chipika chatsatanetsatane (zosungidwa) zama network. Chilankhulo chodziwika ndi domain chimaperekedwa kuti chilembetse zolembera ndikuzindikira zolakwika, poganizira zachindunji chapadera. Dongosololi limakonzedwa kuti ligwiritsidwe ntchito pamanetiweki apamwamba kwambiri. API imaperekedwa kuti iphatikizidwe ndi machitidwe azidziwitso a chipani chachitatu ndikusinthana kwa data munthawi yeniyeni. Khodi yamakina imalembedwa mu C ++ ndikugawidwa pansi pa layisensi ya BSD.

M'magazini yatsopano ya Zeek:

  • Dongosolo la Telemetry lomwe limagwiritsidwa ntchito kusonkhanitsa ndi kutumiza ziwerengero (mwachitsanzo, kuchuluka kwa maulumikizidwe otseguka ndi kuchuluka kwa pempho) lakonzedwanso. M'malo mophatikiza ma metric pama node omaliza ndikuwatsogolera kumalo ena owongolera, mtundu watsopanowu umagwiritsa ntchito njira yofotokozera zautumiki wa Prometheus kuti atolere ma metric kuchokera ku node.
  • Jenereta yophatikizira ma protocol ndi mafayilo yasinthidwa kuti ikhale Spicy 1.11, yomwe yasintha mawonekedwe a kachidindo kukumbukira, kudalirika kowonjezereka, kuwongolera bwino kwa kutayika kwa paketi, kukulitsa thandizo la magawo pang'ono ndikugwira ntchito mwachangu (kwa ma protocol ena magwiridwe antchito. kuwonjezeka kufika 30%.
  • Thandizo lowonjezera la injini yokhathamiritsa zolemba za ZAM (Zeek Abstract Machine), yomwe imapangitsa kuti zolemba za Zeek zitheke popanga ma syntax mitengo yamtengo wapatali kukhala mawonekedwe otsika kwambiri.
  • Zowunikira zatsopano za QUIC ndi LDAP zakonzedwa, zomangidwa pogwiritsa ntchito jenereta ya Spicy parser.
  • Kukonzekera kolondola kwa kutumiza kumitundu yatsopano ya HTTP protocol kumatsimikizika.
  • Kupititsa patsogolo kwa WebSocket.
  • Thandizo lowonjezera pakudula mitengo mochedwa.

Source: opennet.ru

Kuwonjezera ndemanga