Sunday, December 8, 2024
Wireshark 4.4.0 Released – What’s New!

The Wireshark Foundation has announced the release of Wireshark 4.4.0, marking a significant update to the popular open-source network protocol analyzer.

This latest version introduces a range of new features, improvements, and bug fixes, enhancing the tool’s capabilities in network analysis.

Enhanced Graphing Capabilities

One of the standout features of Wireshark 4.4.0 is the comprehensive overhaul of its graphing dialogs.

The I/O Graphs, Flow Graph/VoIP Calls, and TCP Stream Graphs have all received substantial updates.

Thanks to these enhancements, users can now enjoy more precise and flexible visualization options.

The I/O Graphs dialog, in particular, now supports intervals as small as 1 microsecond and can handle up to 33 million graph items.

Memory utilization has been optimized, and the graph is more intelligent about when to retap, recalculate, or replot data.

Additionally, users can reorder graphs by drag-and-drop, and the legend can be repositioned to different corners of the graph, providing a more customizable experience.

Advanced Display Filter Capabilities

Wireshark 4.4.0 also brings significant enhancements to display filter functionality. These improvements include better handling of comparisons with value strings, support for regular expression matching, and the ability to perform arithmetic operations on date and time values.

New functions have been added to test IP address properties and convert unsigned integer types. Display filter functions can now be implemented as libwireshark plugins, allowing for greater extensibility.

A significant upgrade in this release is the ability to define custom columns using any valid field expression, including display filter functions, arithmetic calculations, packet slices, and logical tests. This provides users with unprecedented flexibility in data presentation and analysis.

An NTLMSSP dissector crash affecting Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows a denial of service via packet injection or a crafted capture file. The issue is fixed in versions 4.2.7 and 4.0.17.

Performance Improvements and New Protocol Support

Wireshark 4.4.0 introduces several performance enhancements that improve the overall user experience.

The software can now be built with zlib-ng instead of zlib, offering substantially faster compressed file support.

Capture files can also be saved with LZ4 compression, emphasizing speed and supporting fast random access.

Additionally, adding interfaces at startup is now about twice as fast, with fewer UAC pop-ups on Windows systems.

The release also includes support for several new protocols, such as Allied Telesis Resiliency Link, ATN Security Label, and Bit Index Explicit Replication (BIER).

Numerous existing protocol dissectors have been updated for more accurate and comprehensive analysis.

Wireshark 4.4.0 represents a significant step forward in network analysis capabilities, offering enhanced visualization, more powerful filtering, and improved performance.

Users can download the latest version from the official Wireshark website and explore the new features and improvements.

Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
