Wireshark network monitor updated to 1.6.0
The Wireshark development team has announced the release of version 1.6.0 of its open source, cross-platform network protocol analyser. Wireshark 1.6.0 improves support for larger files (greater than 2 GB) and can now export SSL session keys and SMB objects. Users can save files with a user-specified group id via Dumpcap, and, similarly to text2pcap, Wireshark can now import text dumps. Version 1.6.0 includes options to display the compiled BPF code for capture filters in the Capture Options dialog.
On Mac OS X systems, Wireshark is now distributed as an installation package manager rather than a drag-installer so that it can add a startup item that "should make it easier to capture packets". Other changes include syntax checking for capture filters, and updated protocol and file capture support, as well as fixes for various bugs.
Further details about the update, including a full list of changes, new features and known problems, can be found in the release notes. The Wireshark 1.6.0 source code and binaries for Windows and Mac OS X are available to download from the project's web site.
Wireshark is licensed under version 2 of the GNU General Public Licence (GPLv2). The latest "Old Stable Release" (legacy branch) is version 1.4.7, a maintenance and security update from the end of May that addressed vulnerabilities found in previous versions.