I found it and am now installing it on my test machine- it will reboot in a few moments, because I'm installing what seems to be a new facility: usbpcap
I think that's installed because I selected a new option to do with Android capture. That should prove most interesting. Kurt On Thu, Nov 19, 2015 at 7:36 AM, Andrew S. Baker <[email protected]> wrote: > I hadn't seen it as yet... > > > > > > > *ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker> > *Providing Virtual CIO Services (IT Operations & Information Security) for > the SMB market…* > > * GPG: *1AF3 EEC3 7C3C E88E B0EF 4319 8F28 A483 A182 EF3A > > > On Wed, Nov 18, 2015 at 6:41 PM, Kurt Buff <[email protected]> wrote: > >> I haven't tried it yet. It doesn't seem to have propagated to the >> download servers. >> >> I haven't tried the RCs, either. >> >> Kurt >> >> >> ---------- Forwarded message ---------- >> From: Gerald Combs <[email protected]> >> Date: Wed, Nov 18, 2015 at 3:24 PM >> Subject: [Wireshark-users] Wireshark 2.0.0 is now available >> To: [email protected], Community support list for >> Wireshark <[email protected]>, Developer support list for >> Wireshark <[email protected]> >> >> >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> I'm proud to announce the release of Wireshark 2.0.0. >> >> __________________________________________________________________ >> >> What is Wireshark? >> >> Wireshark is the world's most popular network protocol analyzer. It is >> used for troubleshooting, analysis, development and education. >> __________________________________________________________________ >> >> What's New >> >> Wireshark 2.0 features a completely new user interface which should >> provide a smoother, faster user experience. The new interface should be >> familiar to current users of Wireshark but provide a faster workflow >> for many tasks. >> >> The Windows installer provides the option of installing either the new >> interface ("Wirehsark") or the old interface ("Wireshark Legacy"). Both >> are installed by default. Note that the legacy interface will be >> removed in Wireshark 2.2. >> >> The OS X installer only provides the new interface. If you need the old >> interface you can install it via Homebrew or MacPorts. >> >> Wireshark's Debian- and RPM-based package definitions provide the new >> interface in the "wireshark-qt" package and the old interface in the >> "wireshark-gtk" package. It is hoped that downstream distributions will >> follow this convention. >> >> New and Updated Features >> >> The following features are new (or have been significantly updated) >> since version 2.0.0rc3: >> * An RTP player crash has been fixed. >> * Flow graph issues have been fixed. Bug [1]Bug 11710. >> * A Follow Stream dialog crash has been fixed. Bug [2]Bug 11711. >> * An extcap crash has been fixed. >> * A file merge crash has been fixed. Bug [3]Bug 11718. >> * A handle leak crash has been fixed. Bug [4]Bug 11702. >> * Several other crashes and usability issues have been fixed. >> >> The following features are new (or have been significantly updated) >> since version 2.0.0rc2: >> * Column editing now works correctly. Bug [5]Bug 11433. >> * Renaming profiles has been fixed. Bug [6]Bug 11658. >> * "File"->Merge no longer crashes on Windows. Bug [7]Bug 11684. >> * Icons in the main toolbar obey magnification settings on Windows. >> Bug [8]Bug 11675. >> * The Windows installer does a better job of detecting WinPcap. Bug >> [9]Bug 10867. >> * The main window no longer appears off-screen on Windows. Bug >> [10]Bug 11568. >> >> The following features are new (or have been significantly updated) >> since version 2.0.0rc1: >> * For new installations on UN*X, the directory for user preferences >> is $HOME/.config/wireshark rather than $HOME/.wireshark. If that >> directory is absent, preferences will still be found and stored >> under $HOME/.wireshark. >> * Qt port: >> + The SIP Statistics dialog has been added. >> + You can now create filter expressions from the display filter >> toolbar. >> + Bugs in the UAT preferences dialog has been fixed. >> * Several dissector and Qt UI crash bugs have been fixed. >> * Problems with the OS X application bundle have been fixed. >> >> The following features are new (or have been significantly updated) >> since version 1.99.9: >> * Qt port: >> + The LTE RLC Graph dialog has been added. >> + The LTE MAC Statistics dialog has been added. >> + The LTE RLC Statistics dialog has been added. >> + The IAX2 Analysis dialog has been added. >> + The Conversation Hash Tables dialog has been added. >> + The Dissector Tables dialog has been added. >> + The Supported Protocols dialog has been added. >> + You can now zoom the I/O and TCP Stream graph X and Y axes >> independently. >> + The RTP Player dialog has been added. >> + Several memory leaks have been fixed. >> >> The following features are new (or have been significantly updated) >> since version 1.99.8: >> * Qt port: >> + The MTP3 statistics and summary dialogs have been added. >> + The WAP-WSP statistics dialog has been added. >> + The UDP multicast statistics dialog has been added. >> + The WLAN statistics dialog has been added. >> + The display filter macros dialog has been added. >> + The capture file properties dialog now includes packet >> comments. >> + Many more statistics dialogs can be opened from the command >> line via -z .... >> + Most dialogs now have a cancellable progress bar. >> + Many packet list and packet detail context menus items have >> been added. >> + Lua plugins can be reloaded from the Analyze menu. >> + Many bug fixes and improvements. >> >> The following features are new (or have been significantly updated) >> since version 1.99.7: >> * Qt port: >> + The Enabled Protocols dialog has been added. >> + Many statistics dialogs have been added, including Service >> response time, DHCP/BOOTP, and ANSI. >> + The RTP Analysis dialog has been added. >> + Lua dialog support has been added. >> + You can now manually resolve addresses. >> + The Resolved Addresses dialog has been added. >> + The packet list scrollbar now has a minimap. >> + The capture interfaces dialog has been updated. >> + You can now colorize conversations. >> + Welcome screen behavior has been improved. >> + Plugin support has been improved. >> + Many dialogs should now more correctly minimize and maximize. >> + The reload button has been added back to the toolbar. >> + The "Decode As" dialog no longer saves decoding behavior. >> + You can now stop loading large capture files. >> + The Bluetooth HCI Summary has been added. >> >> The following features are new (or have been significantly updated) >> since version 1.99.6: >> * Qt port: >> + The Bluetooth Devices dialog has been added. >> + The wireless toolbar has been added. >> + Opening files via drag and drop is now supported. >> + The Capture Filter and Display Filter dialogs have been added. >> + The Display Filter Expression dialog has been added. >> + Conversation Filter menu items have been added. >> + You can change protocol preferences by right clicking on the >> packet list and details. >> >> The following features are new (or have been significantly updated) >> since version 1.99.4 and 1.99.5: >> * Qt port: >> + Capture restarts are now supported. >> + Menu items for plugins are now supported. >> + Extcap interfaces are now supported. >> + The Expert Information dialog has been added. >> + Display and capture filter completion is now supported. >> + Many bugs have been fixed. >> + Translations have been updated. >> >> The following features are new (or have been significantly updated) >> since version 1.99.3: >> * Qt port: >> + Several interface bugs have been fixed. >> + Translations have been updated. >> >> The following features are new (or have been significantly updated) >> since version 1.99.2: >> * Qt port: >> + Several bugs have been fixed. >> + You can now open a packet in a new window. >> + The Bluetooth ATT Server Attributes dialog has been added. >> + The Coloring Rules dialog has been added. >> + Many translations have been updated. Chinese, Italian and >> Polish translations are complete. >> + General user interface and usability improvements. >> + Automatic scrolling during capture now works. >> + The related packet indicator has been updated. >> >> The following features are new (or have been significantly updated) >> since version 1.99.1: >> * Qt port: >> + The welcome screen layout has been updated. >> + The Preferences dialog no longer crashes on Windows. >> + The packet list header menu has been added. >> + Statistics tree plugins are now supported. >> + The window icon is now displayed properly in the Windows >> taskbar. >> + A packet list an byte view selection bug has been fixed >> ([11]Bug 10896) >> + The RTP Streams dialog has been added. >> + The Protocol Hierarchy Statistics dialog has been added. >> >> The following features are new (or have been significantly updated) >> since version 1.99.0: >> * Qt port: >> + You can now show and hide toolbars and major widgets using the >> View menu. >> + You can now set the time display format and precision. >> + The byte view widget is much faster, particularly when >> selecting large reassembled packets. >> + The byte view is explorable. Hovering over it highlights the >> corresponding field and shows a description in the status bar. >> + An Italian translation has been added. >> + The Summary dialog has been updated and renamed to Capture >> File Properties. >> + The VoIP Calls and SIP Flows dialogs have been added. >> + Support for HiDPI / Retina displays has been improved in the >> official packages. >> * DNS stats: + A new stats tree has been added to the Statistics >> menu. Now it is possible to collect stats such as qtype/qclass >> distribution, number of resource record per response section, and >> stats data (min, max, avg) for values such as query name length or >> DNS payload. >> * HPFEEDS stats: + A new stats tree has been added to the statistics >> menu. Now it is possible to collect stats per channel (messages >> count and payload size), and opcode distribution. >> * HTTP2 stats: + A new stats tree has been added to the statistics >> menu. Now it is possible to collect stats (type distribution). >> >> The following features are new (or have been significantly updated) >> since version 1.12.0: >> * The I/O Graph in the Gtk+ UI now supports an unlimited number of >> data points (up from 100k). >> * TShark now resets its state when changing files in ring-buffer >> mode. >> * Expert Info severities can now be configured. >> * Wireshark now supports external capture interfaces. External >> capture interfaces can be anything from a tcpdump-over-ssh pipe to >> a program that captures from proprietary or non-standard hardware. >> This functionality is not available in the Qt UI yet. >> * Qt port: >> + The Qt UI is now the default (program name is wireshark). >> + A Polish translation has been added. >> + The Interfaces dialog has been added. >> + The interface list is now updated when interfaces appear or >> disappear. >> + The Conversations and Endpoints dialogs have been added. >> + A Japanese translation has been added. >> + It is now possible to manage remote capture interfaces. >> + Windows: taskbar progress support has been added. >> + Most toolbar actions are in place and work. >> + More command line options are now supported >> >> New File Format Decoding Support >> >> Wireshark is able to display the format of some types of files (rather >> than displaying the contents of those files). This is useful when >> you're curious about, or debugging, a file and its format. To open a >> capture file (such as PCAP) in this mode specify "MIME Files Format" as >> the file's format in the Open File dialog. >> >> New files that Wireshark can open in this mode include: >> >> BTSNOOP, PCAP, and PCAPNG >> >> New Protocol Support >> >> Aeron, AllJoyn Reliable Datagram Protocol, Android Debug Bridge, >> Android Debug Bridge Service, Android Logcat text, Apache Tribes >> Heartbeat, APT-X Codec, B.A.T.M.A.N. GW, B.A.T.M.A.N. Vis, BGP >> Monitoring Prototol (BMP), Bluetooth Broadcom HCI, Bluetooth GATT >> Attributes (many), Bluetooth OBEX Applications (many), BSSAP2, C15 Call >> History Protocol (C15ch) and others, Celerra VNX, Ceph, Chargen, >> Classical IP, Concise Binary Object Representation (CBOR) (RFC 7049), >> Corosync Totem Single Ring Protocol, Corosync Totemnet, Couchbase, CP >> "Cooper" 2179, CSN.1, dCache, DJI UAV Drone Control Protocol, Dynamic >> Source Routing (RFC 4728), Elasticsearch, ETSI Card Application Toolkit >> - Transport Protocol, eXpressive Internet Protocol (XIP), GDB Remote >> Serial Protocol, Generic Network Virtualization Encapsulation (Geneve), >> Geospatial and Imagery Access Service (GIAS), Gias Dissector Using GIOP >> API, GPRS Tunneling Protocol Prim, GVSP GigE Vision (TM) Streaming >> Protocol, H.225 RAS, Harman HiQnet, HCrt, Hotline Command-Response >> Transaction Protocol, IEEE 802.11 radio information, IP Detail Record >> (IPDR), IPMI Trace, iSER, KNXnetIP, Link Aggregation Control Protocol, >> Link Aggregation Marker Protocol, Link Layer Topology Discovery, >> Link-local Multicast Name Resolution, LISP TCP Control Message, >> Locator/ID Separation Protocol (Reliable Transport), MACsec Key >> Agreement - EAPoL-MKA, MCPE (Minecraft Pocket Edition), Message Queuing >> Telemetry Transport For Sensor Networks (MQTT-SN), Minecraft Pocket >> Edition, MQ Telemetry Transport Protocol for Sensor Networks, Multicast >> Domain Name Service (mDNS), Neighborhood Watch Protocol (NWP), Network >> File System over Remote Direct Memory Access (NFSoRDMA), OAMPDU, OCFS2, >> OptoMMP, Organization Specific Slow Protocol (OSSP), Packet Cable >> Lawful Intercept (8 byte CCCID), Packet Cable Lawful Intercept >> (timestamp), Packet Cable Lawful Intercept (timestamp case ID), >> PacketCable MTA FQDN, Performance Co-Pilot Proxy, QNEX6 (QNET), RakNet >> games library, Remote Shared Virtual Disk (RSVD), Riemann, RPC over >> RDMA (RPCoRDMA), S7 Communication, Secure Socket Tunnel Protocol >> (SSTP), Shared Memory Communications - RDMA (SMCR), Stateless Transport >> Tunneling, Sysdig system call events, TCP based Robot Operating System >> protocol (TCPROS), Thrift, Time Division Multiplexing over Packet >> Network (TDMoP), Video Services over IP (VSIP), Windows Search Protocol >> (MS-WSP), XIP Serval, ZigBee ZCL (many), and ZVT Kassenschnittstelle >> >> Updated Protocol Support >> >> Too many protocols have been updated to list here. >> >> New and Updated Capture File Support >> >> 3GPP TS 32.423 Trace, Android Logcat text files, Colasoft Capsa files, >> Netscaler 3.5, and Symbian OS BTSNOOP File Format >> >> Additionally, Wireshark now supports nanosecond timestamp resolution in >> PCAP-NG files. >> >> New and Updated Capture Interfaces support >> >> Androiddump support now provides interfaces to capture (Logcat, >> Bluetooth and WiFi) from connected Android devices. >> >> Major API Changes >> >> The libwireshark API has undergone some major changes: >> * The emem framework (including all ep_ and se_ memory allocation >> routines) has been completely removed in favour of wmem which is >> now fully mature. >> * The (long-since-broken) Python bindings support has been removed. >> If you want to write dissectors in something other than C, use Lua. >> * Plugins can now create GUI menu items. >> * Heuristic dissectors can now be globally enabled/disabled so >> heur_dissector_add() has a few more parameters to make that >> possible >> * proto_tree_add_text has been removed. >> * tvb_length() has been removed in favor of tvb_reported_length() and >> tvb_captured_length(). >> * The API for ONC RPC-based dissectors has changed significantly: the >> procedure dissectors no longer take an offset, void-argument >> procedures now need to be declared with a function (use >> dissect_rpc_void()), and rpc_init_prog() now handles procedure >> registration too (it takes additional arguments to handle this; >> rpc_init_proc_table() was removed). >> __________________________________________________________________ >> >> Getting Wireshark >> >> Wireshark source code and installation packages are available from >> [12]https://www.wireshark.org/download.html. >> >> Vendor-supplied Packages >> >> Most Linux and Unix vendors supply their own Wireshark packages. You >> can usually install or upgrade Wireshark using the package management >> system specific to that platform. A list of third-party packages can be >> found on the [13]download page on the Wireshark web site. >> __________________________________________________________________ >> >> File Locations >> >> Wireshark and TShark look in several different locations for preference >> files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations >> vary from platform to platform. You can use About->Folders to find the >> default locations on your system. >> __________________________________________________________________ >> >> Known Problems >> >> Dumpcap might not quit if Wireshark or TShark crashes. ([14]Bug 1419) >> >> The BER dissector might infinitely loop. ([15]Bug 1516) >> >> Capture filters aren't applied when capturing from named pipes. >> ([16]Bug 1814) >> >> Filtering tshark captures with read filters (-R) no longer works. >> ([17]Bug 2234) >> >> Resolving ([18]Bug 9044) reopens ([19]Bug 3528) so that Wireshark no >> longer automatically decodes gzip data when following a TCP stream. >> >> Application crash when changing real-time option. ([20]Bug 4035) >> >> Hex pane display issue after startup. ([21]Bug 4056) >> >> Packet list rows are oversized. ([22]Bug 4357) >> >> Wireshark and TShark will display incorrect delta times in some cases. >> ([23]Bug 4985) >> >> The 64-bit version of Wireshark will leak memory on Windows when the >> display depth is set to 16 bits ([24]Bug 9914) >> >> Wireshark should let you work with multiple capture files. ([25]Bug >> 10488) >> __________________________________________________________________ >> >> Getting Help >> >> Community support is available on [26]Wireshark's Q&A site and on the >> wireshark-users mailing list. Subscription information and archives for >> all of Wireshark's mailing lists can be found on [27]the web site. >> >> Official Wireshark training and certification are available from >> [28]Wireshark University. >> __________________________________________________________________ >> >> Frequently Asked Questions >> >> A complete FAQ is available on the [29]Wireshark web site. >> __________________________________________________________________ >> >> Last updated 2015-11-18 23:23:06 UTC >> >> References >> >> 1. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11710 >> 2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11711 >> 3. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11718 >> 4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11702 >> 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11433 >> 6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11658 >> 7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11684 >> 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11675 >> 9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10867 >> 10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11568 >> 11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10896 >> 12. https://www.wireshark.org/download.html >> 13. https://www.wireshark.org/download.html#thirdparty >> 14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419 >> 15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516 >> 16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814 >> 17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234 >> 18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044 >> 19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528 >> 20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035 >> 21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056 >> 22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357 >> 23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985 >> 24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9914 >> 25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488 >> 26. https://ask.wireshark.org/ >> 27. https://www.wireshark.org/lists/ >> 28. http://www.wiresharktraining.com/ >> 29. https://www.wireshark.org/faq.html >> >> >> Digests >> >> wireshark-2.0.0.tar.bz2: 30976957 bytes >> >> SHA256(wireshark-2.0.0.tar.bz2)=90026c761a85701d7783c7e2eaa4c1de247dfbadbd53221df355f121e42691dd >> >> RIPEMD160(wireshark-2.0.0.tar.bz2)=79b1badcb34ce5d4d6b8c43de7d0ed2c7c301527 >> SHA1(wireshark-2.0.0.tar.bz2)=f8b226b40e36e4c431b4f70bc3f523b6dd53a501 >> MD5(wireshark-2.0.0.tar.bz2)=5909af2a09a9a3023ba61bc62e787ad2 >> >> Wireshark-win32-2.0.0.exe: 37999376 bytes >> >> SHA256(Wireshark-win32-2.0.0.exe)=eb791240f4d3e8562e24fb494597b04050820f1991e5dd82b741b7f240661ecf >> >> RIPEMD160(Wireshark-win32-2.0.0.exe)=614ac3e7afaa43604fbb3ee0797ea1a3482ebe46 >> SHA1(Wireshark-win32-2.0.0.exe)=bbc67138a407aeb10e8e60511922464ffe6826ab >> MD5(Wireshark-win32-2.0.0.exe)=5555295e497746617794f432e7d6b4d0 >> >> Wireshark-win64-2.0.0.exe: 40868360 bytes >> >> SHA256(Wireshark-win64-2.0.0.exe)=72949ee020a9b21c7cff94b68920db883504ddbb442870496095471b20707feb >> >> RIPEMD160(Wireshark-win64-2.0.0.exe)=a9be8241c6f50f338860bc1af680201d35b02142 >> SHA1(Wireshark-win64-2.0.0.exe)=2aaf8c76526222f29b3f8f157e56cecd9014dfcd >> MD5(Wireshark-win64-2.0.0.exe)=bec01ee4b13f6fd919cedf8ee7b367cf >> >> WiresharkPortable_2.0.0.paf.exe: 42739752 bytes >> >> SHA256(WiresharkPortable_2.0.0.paf.exe)=470933e60832d9a053d14ffadaade9262bdb7a517d690f37e0db0761bf73c892 >> >> RIPEMD160(WiresharkPortable_2.0.0.paf.exe)=c8a9b29d558e33980ad507a1c9d109480cf4b2a7 >> >> SHA1(WiresharkPortable_2.0.0.paf.exe)=6e1d1c529a3a487ac4d7874a7ccc98ea8ad9b5c8 >> MD5(WiresharkPortable_2.0.0.paf.exe)=fec2647be084c92ca9167f03637744cb >> >> Wireshark 2.0.0 Intel 64.dmg: 31522805 bytes >> SHA256(Wireshark 2.0.0 Intel >> 64.dmg)=4e981904bcc29a3c4fcab57fee85a0844a0d8c5df0844cbedb21de62b2db2f22 >> RIPEMD160(Wireshark 2.0.0 Intel >> 64.dmg)=c6425d398af4d0779865377a683d9945566a1d68 >> SHA1(Wireshark 2.0.0 Intel >> 64.dmg)=825f6f97dc782b4109705e780c93a26ea70080ae >> MD5(Wireshark 2.0.0 Intel 64.dmg)=19cece26bf58f18704c71f7d6bbce2ab >> >> Wireshark 2.0.0 Intel 32.dmg: 32295530 bytes >> SHA256(Wireshark 2.0.0 Intel >> 32.dmg)=0aa700811403fc356e4d03fd85d13a6bbd0f95d1ca9a1e6f9233148f2dace8ad >> RIPEMD160(Wireshark 2.0.0 Intel >> 32.dmg)=3281e2fdd4556f11e1e0c6a454f08f8734159c5a >> SHA1(Wireshark 2.0.0 Intel >> 32.dmg)=e682d0e761aaea432ffb325206ea0d191db4ca2c >> MD5(Wireshark 2.0.0 Intel 32.dmg)=1d516e6c9757d0aa85d05f0edb7194a5 >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v2 >> >> iEYEARECAAYFAlZNCJoACgkQpw8IXSHylJrHyACg2w9UN7hB5o2eJsXMB1sLAvcD >> f74AnRRYajJAAB1ILdUMZxhNJiOtrjNx >> =BLFW >> -----END PGP SIGNATURE----- >> >> ___________________________________________________________________________ >> Sent via: Wireshark-users mailing list <[email protected]> >> Archives: https://www.wireshark.org/lists/wireshark-users >> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users >> mailto:[email protected] >> ?subject=unsubscribe >> >> >> >
