What’s new in Wireshark 2.6 ?

In less than ten months of Wireshark’s last release, the Wireshark community has now released Wireshark 2.6.

Wireshark is one of the popular tools to analyze traffic over a network interface or a network stream. It is used for troubleshooting, analysis, development and education. Wireshark is based on the Gerald Combs-initiated “Ethereal” project, released under the terms of the GNU General Public License (GNU GPL).

Wireshark 2.6 is released with numerous innovations, improvements and bug fixes. The highlight of Wireshark 2.6 is that, it is the last release that will support the legacy (GTK+) user interface. It will not be supported or available in Wireshark 3.0.

Major improvements since 2.5, the last version, include:

• This version now supports HTTP Request sequences.
• Support for MaxMind DB files, GeoIP and GeoLite Legacy databases has been removed.
• Windows packages are now built using Microsoft Visual Studio 2017.
• The IP map feature (the “Map” button in the “Endpoints” dialog) has been removed.

Some other improvements since the version 2.4

• Display filter buttons can now be edited, disabled, and removed via a context menu directly from the toolbar
• Support for hardware-timestamping of packets has been added
• Application startup time has been reduced.
• Some keyboard shortcut mix-ups have been resolved by assigning new shortcuts to Edit → Copy methods

New Protocol Support:

Many protocols have been added including the following.

• ActiveMQ Artemis Core Protocol: This supports interceptors to intercept packets entering and exiting the server.
• Bluetooth Mesh Protocol : This allows (Bluetooth Low Energy) BLE devices to network together to carry data back to a gateway device, where it can be further routed to the internet.
• Steam In-Home Streaming discovery protocol: This allows one to use input and output on a single computer, and lets another computer actually handle the rendering, calculations, networking etc.

Bug Fix:

Dumpcap, a network traffic dump tool which lets one capture packet data from a live network and write the packets to a file, might not quit if Wireshark or TShark crashes. (Bug 1419)

To know more about the updates in detail, read Wireshark 2.6.0 Release Notes

Read Next

• What is Digital Forensics?
• Microsoft Cloud Services get GDPR Enhancements
• IoT Forensics: Security in an always connected world where things talk