Wireshark 4.2.0 Released – What’s New!

Wireshark is a popular open-source network protocol analyzer that is primarily used by security experts and network administrators for several purposes:-

• Troubleshooting

• Analysis

• Development

• Education

Its popularity originates from its:-

• Robust features

• User-friendly interface

• Versatility in analyzing network issues

• Troubleshooting network issues

All these key factors make Wireshark one of the top choices for several organizations in a multitude of sectors. Besides this, recently, Wireshark Foundation launched version 4.2.0, introducing new updates and features.

#Wireshark 4.2.0 has been released. Enjoy.https://t.co/DytDC7eI85

— Wireshark Foundation (@WiresharkNews) November 15, 2023

What’s new in Wireshark 4.2.0?

Under the Wireshark Foundation, the “Wireshark 4.2.0” is the first major Wireshark release, which brings the following new additions and features:-

• Dark mode support on Windows.

• A Windows installer for Arm64 has been added.

• Packet list sorting has been improved.

• Wireshark and TShark are now better about generating valid UTF-8 output.

• A new display filter feature for filtering raw bytes has been added.

• Display filter autocomplete is smarter about not suggesting invalid syntax.

• Tools › MAC Address Blocks can lookup a MAC address in the IEEE OUI registry.

• The enterprises, manuf, and services configuration files have been compiled in for improved start-up times.

• The installation target no longer installs development headers by default.

• The Wireshark installation is relocatable on Linux.

• Wireshark can be compiled on Windows using MSYS2.

• Wireshark can be cross-compiled for Windows using Linux.

• Tools › Browser (SSL Keylog) can launch your web browser with the SSLKEYLOGFILE environment variable set to the appropriate value.

• Windows installer file names now have the format Wireshark--.exe.

• Wireshark now supports the Korean language.

• RTPDump is the new file format decoding.

Document

Protect Your Storage With SafeGuard

Is Your Storage & Backup Systems Fully Protected? – Watch 40-second Tour of SafeGuard

StorageGuard scans, detects, and fixes security misconfigurations and vulnerabilities across hundreds of storage and backup devices.

Try StorageGuard for Free

Removed features & support

Here below, we have mentioned all the removed features and support:-

• TShark’s -e option no longer supports displaying column text via the column title.

• The disabled default script ‘dtd_gen.lua’ has been removed from the installation bundle.

• The Wi-Fi NAN dissector filter name is now ‘wifi_nan’ instead of ‘nan’.

New Protocol Support

Here below, we have mentioned the new protocol support:-

• Aruba UBT

• ASAM Capture Module Protocol (CMP)

• ATSC Link-Layer Protocol (ALP)

• DECT DLC protocol layer (DECT-DLC)

• DECT NWK protocol layer (DECT-NWK)

• DECT proprietary Mitel OMM/RFP Protocol (also named AaMiDe)

• Digital Object Identifier Resolution Protocol (DO-IRP)

• Discard Protocol

• FiRa UWB Controller Interface (UCI)

• FiveCo’s Register Access Protocol (5CoRAP)

• Fortinet FortiGate Cluster Protocol (FGCP)

• GPS L1 C/A LNAV navigation messages

• GSM Radio Link Protocol (RLP)

• H.224

• High Speed Fahrzeugzugang (HSFZ)

• Hypertext Transfer Protocol version 3 (HTTP/3)

• ID3v2

• IEEE 802.1CB (R-TAG)

• Iperf3

• JSON 3GPP

• Low Level Signalling (ATSC3 LLS)

• Management Component Transport Protocol (MCTP)

• Management Component Transport Protocol – Control Protocol (MCTP CP)

• Matter home automation protocol

• Microsoft Delivery Optimization

• Multi-Drop Bus (MDB)

• Non-volatile Memory Express – Management Interface (NVMe-MI) over MCTP

• RDP audio output virtual channel Protocol (rdpsnd)

• RDP clipboard redirection channel Protocol (cliprdr)

• RDP Program virtual channel Protocol (RAIL)

• SAP Enqueue Server (SAPEnqueue)

• SAP GUI (SAPDiag)

• SAP HANA SQL Command Network Protocol (SAPHDB)

• SAP Internet Graphic Server (SAP IGS)

• SAP Message Server (SAPMS)

• SAP Network Interface (SAPNI)

• SAP Router (SAPROUTER)

• SAP Secure Network Connection (SNC)

• SBAS L1 Navigation Messages (SBAS L1)

• SINEC AP1 Protocol (SINEC AP)

• SMPTE ST2110-20 (Uncompressed Active Video)

• Train Real-Time Data Protocol (TRDP)

• UBX protocol of u-blox GNSS receivers (UBX)

• UDP Tracker Protocol for BitTorrent (BT-Tracker)

• UWB UCI Protocol

• Video Protocol 9 (VP9)

• VMware HeartBeat

• Windows Delivery Optimization (MS-DO)

• Z21 LAN Protocol (Z21)

• Zabbix

• ZigBee Direct (ZBD)

• Zigbee TLV

Updated Protocol Support

Here below, we have mentioned all the updated protocol support:-

• JSON

• IPv6

• XML

• SIP

• HTTP

• CFM

New and Updated Codec support

Adaptive Multi-Rate (AMR), if compiled with opencore-amr is the new and updated codec support.

Major API Changes

Here below, we have mentioned all the major API changes:-

• Lua function “package.prepend_path” has been removed.

• Added reassemble_streaming_data_and_call_subdissector() API for easier reassembly of non-TCP high-level protocol streaming data.

• Some of the API now uses C99 types instead of GLib types.

Moreover, the Linux/Unix vendors offer Wireshark packages via platform-specific package management. If you want, then you can find the third-party packages on Wireshark’s download page.