Wireshark 4.0 network analyzer release

A new stable branch of the Wireshark network analyzer, 4.0, has been released. Recall that the project was originally developed under the name Ethereal, but in 2006, because of a conflict with the owner of the Ethereal trademark, the developers were forced to rename the project to Wireshark. The project code is distributed under the GPLv2 license.

Key innovations in Wireshark 4.0.0:

  • The layout of elements in the main window has been changed. The Packet Detail and Packet Bytes panes are now placed side by side below the Packet List pane.
  • The design of the "Conversation" and "Endpoint" dialogs has been changed.
    • Options have been added to the context menus for resizing all columns and for copying elements.
    • Tabs can be detached and reattached.
    • Support for export in JSON format has been added.
    • When filters are applied, columns are displayed that show the difference between matched and unfiltered packets.
    • The sorting of different data types has been changed.
    • Identifiers are attached to TCP and UDP streams, and filtering by them is supported.
    • Dialogs can be hidden from the context menu.
  • Hex dump import from the Wireshark interface and with the text2pcap command has been improved.
    • text2pcap can write dumps in all formats supported by the wiretap library.
    • In text2pcap, pcapng is now the default format, as in the editcap, mergecap and tshark utilities.
    • Support for selecting the encapsulation type of the output format has been added.
    • New options for logging have been added.
    • Dummy IP, TCP, UDP and SCTP headers can be saved in dumps when Raw IP, Raw IPv4 and Raw IPv6 encapsulation is used.
    • Support for scanning input files with regular expressions has been added.
    • Feature parity between the text2pcap utility and the "Import from Hex Dump" interface in Wireshark is ensured.
  • The performance of geolocation using MaxMind databases has been significantly improved.
  • Changes have been made to the syntax of traffic filtering rules:
    • A specific layer of the protocol stack can now be selected. For example, when IP-over-IP is encapsulated, the addresses of the outer and nested packets can be extracted with "ip.addr#1 == 1.1.1.1" and "ip.addr#2 == 1.1.1.2".
    • Conditional expressions now support the "any" and "all" quantifiers, for example "all tcp.port > 1024" to test all tcp.port fields.
    • There is a built-in syntax for specifying field references, ${some.field}, implemented without the use of macros.
    • Arithmetic operations ("+", "-", "*", "/", "%") can now be used with numeric fields, with the expression enclosed in curly braces.
    • The max(), min() and abs() functions have been added.
    • Expressions and calls to other functions are allowed as function arguments.
    • A new syntax has been added to distinguish literals from identifiers: values beginning with a dot are treated as a field or protocol, and values in angle brackets are treated as literals.
    • The "&" bitwise operator has been added. For example, to test specific bits you can write "frame[0] & 0x0F == 3".
    • The logical AND operator now has higher precedence than the OR operator.
    • Support for specifying constants in binary form with the "0b" prefix has been added.
    • Negative index values can be used in slices to count from the end. For example, to check the last two bytes of the TCP header you can write "tcp[-2:] == AA:BB".
    • Separating set elements with spaces is prohibited; using spaces instead of commas now results in an error instead of a warning.
    • Additional escape sequences have been added: \a, \b, \f, \n, \r, \t, \v.
    • Unicode characters can be specified in the \uNNNN and \UNNNNNNNN formats.
    • A new comparison operator "===" ("all_eq") has been added, which matches only if, in the expression "a === b", all values of "a" match "b". The inverse operator "!==" ("any_ne") has also been added.
    • The "~=" operator has been deprecated, and "!==" should be used instead.
    • Numbers with a dangling dot are prohibited, i.e. the values ".7" and "7." are now invalid and must be replaced with "0.7" and "7.0".
    • The regular expression engine of the display filter engine has been moved to the PCRE2 library instead of GRegex.
    • Null bytes are now handled correctly in regular expression strings and patterns ('\0' in a string is treated as a null byte).
    • In addition to 1 and 0, boolean values can now also be written as True/TRUE and False/FALSE.
  • The HTTP2 dissector has added support for using dummy headers to parse captured data when the earlier packets with headers are not available (for example, when parsing messages of gRPC connections that were already established).
  • Mesh Connex (MCX) support has been added to the IEEE 802.11 dissector.
  • The password in the Extcap dialog is stored temporarily (without saving it to disk), so that it does not have to be entered again on repeated captures. The extcap password can also be set through command-line utilities such as tshark.
  • The ciscodump utility implements remote capture from devices based on IOS, IOS-XE and ASA.
  • Protocol support added:
    • Allied Telesis Loop Detection (AT LDF),
    • AUTOSAR I-PDU Multiplexer (AUTOSAR I-PduM),
    • DTN Bundle Protocol Security (BPSec),
    • DTN Bundle Protocol Version 7 (BPv7),
    • DTN TCP Convergence Layer Protocol (TCPCL),
    • DVB Selection Information Table (DVB SIT),
    • Enhanced Cash Trading Interface 10.0 (XTI),
    • Enhanced Order Book Interface 10.0 (EOBI),
    • Enhanced Trading Interface 10.0 (ETI),
    • FiveCo's Legacy Register Access Protocol (5co-legacy),
    • Generic Data Transfer Protocol (GDT),
    • gRPC Web (gRPC-Web),
    • Host IP Configuration Protocol (HICP),
    • Huawei GRE bonding (GREbond),
    • Locamation Interface Module (IDENT, CALIBRATION, SAMPLES - IM1, SAMPLES - IM2R0),
    • Mesh Connex (MCX),
    • Microsoft Cluster Remote Control Protocol (RCP),
    • Open Control Protocol for OCA/AES70 (OCP.1),
    • Protected Extensible Authentication Protocol (PEAP),
    • REdis Serialization Protocol v2 (RESP),
    • Roon Discovery (RoonDisco),
    • Secure File Transfer Protocol (sftp),
    • Secure Host IP Configuration Protocol (SHICP),
    • SSH File Transfer Protocol (SFTP),
    • USB Attached SCSI (UASP),
    • ZBOSS Network Coprocessor (ZB NCP).
  • The requirements for the build environment (CMake 3.10) and dependencies (GLib 2.50.0, Libgcrypt 1.8.0, Python 3.6.0, GnuTLS 3.5.8) have been raised.
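
Several of the filter syntax changes listed above (the "~=" deprecation, dangling-dot numbers, space-separated sets, and AND now binding tighter than OR) affect filters saved before 4.0, so the following added example, which is not part of the original article or of Wireshark, flags them in saved filter strings. The function names, the regex heuristics and the sample filters are assumptions made for illustration; this is not Wireshark's own parser.

```python
import re

STRING = re.compile(r'"(?:\\.|[^"\\])*"')
AND = re.compile(r"\band\b|&&", re.I)
OR = re.compile(r"\bor\b|\|\|", re.I)
# ".7" or "7." that is not part of a field name, an address or a ".." range
DANGLING = re.compile(r"(?<![\w.])\.\d+\b|\b\d+\.(?![\w.])")
SET = re.compile(r"\{([^{}]*)\}")


def mixes_and_or(expr):
    """True if any parenthesis level combines AND with OR."""
    while True:
        m = re.search(r"\(([^()]*)\)", expr)
        segment = m.group(1) if m else expr
        if AND.search(segment) and OR.search(segment):
            return True
        if not m:
            return False
        expr = expr[:m.start()] + " X " + expr[m.end():]  # collapse the group


def check_filter(flt):
    """Return a sorted list of migration findings for one saved filter."""
    bare = STRING.sub('""', flt)  # ignore text inside string literals
    found = set()
    if "~=" in bare:
        found.add('replace "~=" with "!=="')
    if DANGLING.search(bare):
        found.add('write ".7"/"7." as "0.7"/"7.0"')
    items = [i for s in SET.findall(bare) for i in s.split(",")]
    if any(re.search(r"\S\s+\S", i) for i in items):
        found.add("separate set elements with commas")
    if mixes_and_or(bare):
        found.add("AND now binds tighter than OR: add parentheses")
    return sorted(found)


# Constructed sample of saved filters, not taken from a real profile.
SAVED = [
    "tcp.port in {80 443 8080}",
    "ip.src == 10.0.0.5 or ip.dst == 10.0.0.5 and tcp.flags.syn == 1",
    "ip.addr ~= 192.168.1.1",
    "frame.time_delta > .7",
    '(dns or http) and ip.addr#2 == 1.1.1.2 and http.host ~ "a or b .5"',
]
if __name__ == "__main__":
    for flt in SAVED:
        print(flt, "->", check_filter(flt) or "ok")
```

A filter that mixes AND and OR without parentheses still compiles in 4.0, so it is worth reviewing by hand rather than relying on an error message.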

Source: opennet.ru
