Wireshark 3.6 network analyzer released

After a year of development, a new stable branch of the Wireshark network analyzer, 3.6, has been released. Recall that the project was originally developed under the name Ethereal, but in 2006, because of a conflict with the owner of the Ethereal trademark, the developers were forced to rename the project to Wireshark. The project code is distributed under the GPLv2 license.

Key innovations in Wireshark 3.6.0:

  • Changes have been made to the syntax of traffic filtering rules:
    • Added support for the syntax "a ~= b" or "a any_ne b" to select any value other than one.
    • Added support for the syntax "a not in b", which is equivalent to "not a in b".
    • Strings may be specified in the style of raw strings in Python, without the need to escape special characters.
    • The expression "a != b" is now always the same as the expression "!(a == b)" when used with multi-value fields ("ip.addr != 1.1.1.1" is now the same as specifying "ip.src != 1.1.1.1 and ip.dst != 1.1.1.1").
    • Elements of set lists must be separated only by commas; separating them with spaces is not allowed (that is, 'http.request.method in {"GET" "HEAD"}' should be replaced with 'http.request.method in {"GET", "HEAD"}').
  • For TCP traffic, the tcp.completeness filter has been added, which lets you separate TCP streams by the state of connection handling, i.e. you can identify TCP streams in which packets were exchanged to establish the connection, transfer data, or terminate the connection.
  • Added the "add_default_value" setting, with which you can specify default values for Protobuf fields that are not serialized or are omitted when traffic is captured.
  • Added support for reading files with traffic captured in ETW (Event Tracing for Windows) format. A dissector module has also been added for DLT_ETW packets.
  • Added a "Follow DCCP Stream" mode, which lets you filter and extract content from DCCP streams.
  • Added support for dissecting RTP packets carrying audio data in OPUS format.
  • It is now possible to import packets from text dumps into libpcap format by defining parsing rules based on regular expressions.
  • The RTP stream player (Telephony > RTP > RTP Player), which can be used to play back VoIP calls, has been redesigned. Added support for playlists, improved interface responsiveness, provided the ability to mute audio and switch channels, and added an option to save played audio as multi-channel .au or .wav files.
  • The VoIP-related dialogs have been redesigned (VoIP Calls, RTP Streams, RTP Analysis, RTP Player and SIP Flows); they are now non-modal and can be opened in the background.
  • The ability to follow SIP calls based on the Call-ID value has been added to the "Follow Stream" dialog. More detail in YAML output.
  • Implemented the ability to reassemble fragments of IP packets that have different VLAN IDs.
  • Added a dissector for reassembling USB packets (USB Link Layer) captured with hardware capture devices.
  • Added the "--export-tls-session-keys" option to TShark to export TLS session keys.
  • The dialog for exporting data in CSV format has been changed in the RTP stream analyzer.
  • Packages are now built for macOS systems with the Apple M1 ARM chip. Packages for Apple devices with Intel chips have increased requirements for the macOS version (10.13+). Added portable 64-bit packages for Windows (PortableApps). Added initial support for building Wireshark for Windows using GCC and MinGW-w64.
  • Added support for parsing and capturing data in BLF (Informatik Binary Log File) format.
  • Added support for protocols:
    • Bluetooth Link Manager Protocol (BT LMP),
    • Bundle Protocol version 7 (BPv7),
    • Bundle Protocol version 7 Security (BPSec),
    • CBOR Object Signing and Encryption (COSE),
    • E2 Application Protocol (E2AP),
    • Event Tracing for Windows (ETW),
    • EXtreme extra Eth Header (EXEH),
    • High-Performance Connectivity Tracer (HiPerConTracer),
    • ISO 10681,
    • Kerberos SPAKE,
    • Linux psample protocol,
    • Local Interconnect Network (LIN),
    • Microsoft Task Scheduler Service,
    • O-RAN E2AP,
    • O-RAN fronthaul UC-plane (O-RAN),
    • Opus Interactive Audio Codec (OPUS),
    • PDU Transport Protocol, R09.x (R09),
    • RDP Dynamic Channel Protocol (DRDYNVC),
    • RDP Graphic channel pipeline Protocol (EGFX),
    • RDP Multi-transport (RDPMT),
    • Real-Time Publish-Subscribe Virtual Transport (RTPS-VT),
    • Real-Time Publish-Subscribe Wire Protocol (processed) (RTPS-PROC),
    • Shared Memory Communications (SMC),
    • Signal PDU, SparkplugB,
    • State Synchronization Protocol (SSyncP),
    • Tagged Image File Format (TIFF),
    • TP-Link Smart Home Protocol,
    • UAVCAN DSDL,
    • UAVCAN / CAN,
    • UDP Remote Desktop Protocol (RDPUDP),
    • Van Jacobson PPP compression (VJC),
    • World of Warcraft World (WOWW),
    • X2 xIRI payload (xIRI).
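
The change to "!=" on multi-value fields, listed under the filter syntax changes above, alters which packets an exclusion filter returns. The following Python model is an added illustration, not Wireshark code: it evaluates "==", "!=" and "~=" over constructed packets, and the function names and sample addresses are assumptions made for the example.

```python
# Model of display-filter comparisons on a multi-value field (ip.addr),
# which carries both ip.src and ip.dst. Added illustration, not Wireshark code.
# Assumption: every packet contains the field (absent fields are not modelled).

def any_eq(values, b):
    """'a == b': true if at least one occurrence of the field equals b."""
    return any(v == b for v in values)

def any_ne(values, b):
    """'a ~= b' / 'a any_ne b': true if at least one occurrence differs from b."""
    return any(v != b for v in values)

def all_ne(values, b):
    """'a != b' as of 3.6: identical to '!(a == b)', no occurrence equals b."""
    return not any_eq(values, b)

# Constructed sample packets (not taken from a real capture).
PACKETS = [
    {"no": 1, "ip.src": "10.0.0.5", "ip.dst": "1.1.1.1"},
    {"no": 2, "ip.src": "1.1.1.1", "ip.dst": "10.0.0.5"},
    {"no": 3, "ip.src": "10.0.0.5", "ip.dst": "10.0.0.9"},
]

def ip_addr(pkt):
    """ip.addr matches against both the source and destination address."""
    return [pkt["ip.src"], pkt["ip.dst"]]

def select(pred, target="1.1.1.1"):
    """Return the numbers of the packets for which the comparison holds."""
    return [p["no"] for p in PACKETS if pred(ip_addr(p), target)]

def src_and_dst_ne(target="1.1.1.1"):
    """Explicit form from the release note: ip.src != X and ip.dst != X."""
    return [p["no"] for p in PACKETS
            if p["ip.src"] != target and p["ip.dst"] != target]

if __name__ == "__main__":
    print("ip.addr == 1.1.1.1 ->", select(any_eq))
    print("ip.addr != 1.1.1.1 ->", select(all_ne))
    print("ip.addr ~= 1.1.1.1 ->", select(any_ne))
    print("ip.src != X and ip.dst != X ->", src_and_dst_ne())
```

In this model "~=" matches every packet, including those to or from 1.1.1.1, so saved exclusion filters that relied on "!=" are worth rechecking after an upgrade.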

Source: opennet.ru
