Wireshark 4.0 network analyzer released

The release of a new stable branch of the Wireshark 4.0 network analyzer has been published. Recall that the project was originally developed under the name Ethereal, but in 2006, because of a conflict with the owner of the Ethereal trademark, the developers were forced to rename the project to Wireshark. The project code is distributed under the GPLv2 license.

Key changes in Wireshark 4.0.0:

  • The layout of elements in the main window has been changed. The "Packet Detail" and "Packet Bytes" panels are placed side by side below the "Packet List" panel.
  • The design of the "Conversation" and "Endpoint" dialogs has been changed.
    • Options have been added to the context menus for resizing columns and for copying elements.
    • Tabs can be detached and reattached.
    • Added support for exporting in JSON format.
    • When filters are applied, columns are displayed showing the differences between filtered and unfiltered packets.
    • The sorting of different data types has been changed.
    • Identifiers are attached to TCP and UDP streams, and filtering by them is possible.
    • Dialogs can be hidden from the context menu.
  • Improved import of hex dumps from the Wireshark interface and with the text2pcap command.
    • text2pcap can write dumps in all formats supported by the wiretap library.
    • In text2pcap, pcapng is set as the default format, the same as in the editcap, mergecap and tshark utilities.
    • Added support for selecting the encapsulation type of the output format.
    • Added new logging options.
    • Provided the ability to dump IP, TCP, UDP and SCTP headers when using Raw IP, Raw IPv4 and Raw IPv6 encapsulation.
    • Added support for scanning input files using regular expressions.
    • Feature parity is provided between the text2pcap utility and the "Import from Hex Dump" interface in Wireshark.
  • Significantly improved performance of geolocation using MaxMind databases.
  • Changes have been made to the syntax of traffic filtering rules:
    • Added the ability to select a specific layer of the protocol stack; for example, when encapsulating IP-over-IP, to extract addresses from the outer and nested packets you can specify "ip.addr#1 == 1.1.1.1" and "ip.addr#2 == 1.1.1.2".
    • In conditional expressions, support for the "any" and "all" quantifiers is implemented, for example, "all tcp.port > 1024" to check all tcp.port fields.
    • Built-in syntax for specifying field references, ${some.field}, implemented without the use of macros.
    • Added the ability to use arithmetic operations ("+", "-", "*", "/", "%") with numeric fields, separating the expression with curly braces.
    • Added the max(), min() and abs() functions.
    • Expressions and calls to other functions may be specified as function arguments.
    • Added new syntax to separate literals from identifiers: a value starting with a dot is treated as a protocol or protocol field, and a value in brackets is treated as a literal.
    • Added the bitwise operator "&"; for example, to operate on individual bits you can specify "frame[0] & 0x0F == 3".
    • The precedence of the logical AND operator is now higher than that of the OR operator.
    • Added support for specifying constants in binary form using the "0b" prefix.
    • Added the ability to use negative index values to count from the end; for example, to check the last two bytes of the TCP header you can specify "tcp[-2:] == AA:BB".
    • Separating set elements with spaces is prohibited; using spaces instead of commas now results in an error instead of a warning.
    • Added additional escape sequences: \a, \b, \f, \n, \r, \t, \v.
    • Added the ability to specify Unicode characters in the form \uNNNN and \UNNNNNNNN.
    • Added a new comparison operator "===" ("all_eq"), which matches only if in the expression "a === b" all values of "a" are equal to "b". The operator "!==" ("any_ne") has also been added.
    • The "~=" operator has been removed and "!==" should be used instead.
    • Numbers with an unclosed dot are prohibited, i.e. the values ".7" and "7." are no longer valid and should be replaced with "0.7" and "7.0".
    • The default regular expression engine in the display filter engine has been moved to the PCRE2 library instead of GRegex.
    • Null bytes are handled correctly in strings and regular expression patterns ('\0' in a string is treated as a null byte).
    • In addition to 1 and 0, boolean values can now also be written as True/TRUE and False/FALSE.
  • Support has been added to the HTTP2 dissector for using fake headers to parse data received without the preceding packets that carried the headers (for example, when passing messages over already established gRPC connections).
  • Mesh Connex (MCX) support has been added to the IEEE 802.11 parser.
  • Temporary storage (without saving to disk) of the password in the Extcap dialog is provided, so that it does not have to be entered on repeated launches. Added the ability to set the extcap password through command-line utilities such as tshark.
  • The ciscodump utility implements remote capture from devices based on IOS, IOS-XE and ASA.
  • Added support for protocols:
    • Allied Telesis Loop Detection (AT LDF),
    • AUTOSAR I-PDU Multiplexer (AUTOSAR I-PduM),
    • DTN Bundle Protocol Security (BPSec),
    • DTN Bundle Protocol Version 7 (BPv7),
    • DTN TCP Convergence Layer Protocol (TCPCL),
    • DVB Selection Information Table (DVB SIT),
    • Enhanced Cash Trading Interface 10.0 (XTI),
    • Enhanced Order Book Interface 10.0 (EOBI),
    • Enhanced Trading Interface 10.0 (ETI),
    • FiveCo's Legacy Register Access Protocol (5co-legacy),
    • Generic Data Transfer Protocol (GDT),
    • gRPC Web (gRPC-Web),
    • Host IP Configuration Protocol (HICP),
    • Huawei GRE bonding (GREbond),
    • Locamation Interface Module (IDENT, CALIBRATION, SAMPLES - IM1, SAMPLES - IM2R0),
    • Mesh Connex (MCX),
    • Microsoft Cluster Remote Control Protocol (RCP),
    • Open Control Protocol for OCA/AES70 (OCP.1),
    • Protected Extensible Authentication Protocol (PEAP),
    • REdis Serialization Protocol v2 (RESP),
    • Roon Discovery (RoonDisco),
    • Secure File Transfer Protocol (sftp),
    • Secure Host IP Configuration Protocol (SHICP),
    • SSH File Transfer Protocol (SFTP),
    • USB Attached SCSI (UASP),
    • ZBOSS Network Coprocessor (ZB NCP).
  • Increased requirements for the build environment (CMake 3.10) and dependencies (GLib 2.50.0, Libgcrypt 1.8.0, Python 3.6.0, GnuTLS 3.5.8).
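
The "any"/"all" quantifiers, the "#N" layer selector and the "==="/"!==" operators from the filter-syntax list above, modelled in Python as an added example; this is not Wireshark's code and not part of the original article. The packet, the (layer, value) representation and the helpers `values`, `match`, `all_eq` and `any_ne` are constructed for illustration, and the missing-field rule is an assumption of the model.

```python
# Added illustration: a Python model of any/all quantifiers, the #N layer
# selector and ===/!== over multi-valued fields. Not Wireshark code.
import operator

# Constructed IP-over-IP packet. Each field holds (layer, value) pairs:
# layer 1 is the outer IP header, layer 2 the nested one.
PACKET = {
    "ip.addr": [(1, "1.1.1.1"), (1, "10.0.0.9"), (2, "1.1.1.2"), (2, "10.0.0.7")],
    "tcp.port": [(1, 51514), (1, 443)],
}


def values(packet, field, layer=None):
    """All values of a field, optionally limited to one layer (field#N)."""
    return [v for lyr, v in packet.get(field, []) if layer is None or lyr == layer]


def match(packet, field, op, rhs, quantifier="any", layer=None):
    """Evaluate '<quantifier> field#layer <op> rhs' against one packet."""
    vals = values(packet, field, layer)
    if not vals:
        # Assumption of this model: a field missing from the packet never
        # matches, so "all" must not succeed vacuously on an empty list.
        return False
    combine = all if quantifier == "all" else any
    return combine(op(v, rhs) for v in vals)


def all_eq(packet, field, rhs):
    """'field === rhs': every value of the field equals rhs."""
    return match(packet, field, operator.eq, rhs, quantifier="all")


def any_ne(packet, field, rhs):
    """'field !== rhs': at least one value of the field differs from rhs."""
    return match(packet, field, operator.ne, rhs, quantifier="any")


if __name__ == "__main__":
    # any tcp.port > 1024, then all tcp.port > 1024
    print(match(PACKET, "tcp.port", operator.gt, 1024, "any"))
    print(match(PACKET, "tcp.port", operator.gt, 1024, "all"))
    # ip.addr#2 == 1.1.1.2 looks only at the nested IP header
    print(match(PACKET, "ip.addr", operator.eq, "1.1.1.2", layer=2))
    print(all_eq(PACKET, "tcp.port", 443), any_ne(PACKET, "tcp.port", 443))
```

When a capture filter written for triage must exclude a port or address on both sides of a connection, the "all" form is the one that does so; the "any" form matches as soon as one side satisfies the test.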

Source: opennet.ru
