Wednesday, November 20, 2024

Wireshark 4.4.0 Released – What’s New!


The Wireshark Foundation has announced the release of Wireshark 4.4.0, marking a significant update to the popular open-source network protocol analyzer.

This latest version introduces a range of new features, improvements, and bug fixes, enhancing the tool’s capabilities in network analysis.

Enhanced Graphing Capabilities

One of the standout features of Wireshark 4.4.0 is the comprehensive overhaul of its graphing dialogs.


The I/O Graphs, Flow Graph/VoIP Calls, and TCP Stream Graphs have all received substantial updates.

Thanks to these enhancements, users can now enjoy more precise and flexible visualization options.

The I/O Graphs dialog, in particular, now supports intervals as small as 1 microsecond and can handle up to 33 million graph items.

Memory utilization has been optimized, and the graph is more intelligent about when to retap, recalculate, or replot data.

Additionally, users can reorder graphs by drag-and-drop, and the legend can be repositioned to different corners of the graph, providing a more customizable experience.

Advanced Display Filter Capabilities

Wireshark 4.4.0 also brings significant enhancements to display filter functionality. These improvements include better handling of comparisons with value strings, support for regular expression matching, and the ability to perform arithmetic operations on date and time values.


New functions have been added to test IP address properties and convert unsigned integer types. Display filter functions can now be implemented as libwireshark plugins, allowing for greater extensibility.

A significant upgrade in this release is the ability to define custom columns using any valid field expression, including display filter functions, arithmetic calculations, packet slices, and logical tests. This provides users with unprecedented flexibility in data presentation and analysis.

A crash in the NTLMSSP dissector affecting Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows a denial of service via packet injection or a crafted capture file. The issue is fixed in versions 4.2.7 and 4.0.17.
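A triage check built on the two fix versions stated above, added here as an example (it is not code from the article or from the Wireshark project). It classifies version banners from an analyst-workstation inventory; the `host,banner` line format, the host names and the sample data are constructed assumptions, and branches the article does not name are reported as not listed rather than guessed.

```python
import re

# First fixed release per branch, as stated in the article: 4.2.7 and 4.0.17.
FIXED_PATCH = {(4, 2): 7, (4, 0): 17}

VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\b")


def classify(banner):
    """Classify one version banner against the NTLMSSP dissector fix versions."""
    match = VERSION_RE.search(banner)
    if not match:
        return "unparsed"  # no x.y.z version found; needs a manual look
    major, minor, patch = (int(part) for part in match.groups())
    fixed = FIXED_PATCH.get((major, minor))
    if fixed is None:
        return "not-listed"  # branch not mentioned in the article
    return "vulnerable" if patch < fixed else "fixed"


def triage(inventory_text):
    """Map each host in a 'host,banner' inventory to its classification."""
    results = {}
    for line in inventory_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, _, banner = line.partition(",")
        results[host.strip()] = classify(banner)
    return results


# Constructed sample inventory (hypothetical hosts and banners).
SAMPLE_INVENTORY = """\
# host,banner
soc-ws-01,TShark (Wireshark) 4.2.5
soc-ws-02,TShark (Wireshark) 4.2.7
ir-laptop-03,Wireshark 4.0.16
ir-laptop-04,Wireshark 4.0.17
lab-vm-05,Wireshark 4.4.0
lab-vm-06,version unknown
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```
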

Performance Improvements and New Protocol Support

Wireshark 4.4.0 introduces several performance enhancements that improve the overall user experience.

The software can now be built with zlib-ng instead of zlib, offering substantially faster compressed file support.

Capture files can also be saved with LZ4 compression, emphasizing speed and supporting fast random access.

Additionally, adding interfaces at startup is now about twice as fast, with fewer UAC pop-ups on Windows systems.

The release also includes support for several new protocols, such as Allied Telesis Resiliency Link, ATN Security Label, and Bit Index Explicit Replication (BIER).

Numerous existing protocol dissectors have been updated for more accurate and comprehensive analysis.

Wireshark 4.4.0 represents a significant step forward in network analysis capabilities, offering enhanced visualization, more powerful filtering, and improved performance.

Users can download the latest version from the official Wireshark website and explore new features and improvements.


Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
