Tuesday, September 13, 2016

Install Wireshark 2.2.0 in Ubuntu 16.04 LTS

   Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education.

Wireshark 2.2.0 Changelog
  • Upgrading to latest version uninstalls Microsoft Visual C++ redistributable.
  • Extcap errors not reported back to UI.
  • "Decode As" supports SSL (TLS) over TCP.
  • Invalid coloring rules are now disabled instead of discarded. This will provide backward compatibility with a coloring rule change in Wireshark 2.2.
  • Added -d option for Decode As support in Wireshark (mimics TShark functionality).
  • The Qt UI, GTK+ UI, and TShark can now export packets as JSON. TShark can additionally export packets as Elasticsearch-compatible JSON.
  • The Qt UI now supports the -j, -J, and -l flags. The -m flag is now deprecated.
  • The Conversations and Endpoints dialogs are more responsive when viewing large numbers of items.
  • The RTP player now allows up to 30 minutes of silence frames.
  • Packet bytes can now be displayed as EBCDIC.
  • The Qt UI loads captures faster on Windows.
  • proto_tree_add_checksum was added as an API.
  • The intelligent scroll bar now sits to the left of a normal scroll bar and provides a clickable map of nearby packets. 
 See release notes for complete changes

 Installation instructions:

     Run the following commands in Terminal to install:

$ sudo add-apt-repository ppa:wireshark-dev/stable

$ sudo apt-get update

$ sudo apt-get install wireshark

   During installation you are asked whether non-superusers should be able to capture packets. Confirm YES if you want that. If you choose NO, you must run Wireshark with sudo. To change this setting later, run:

$ sudo dpkg-reconfigure wireshark-common

Optionally, to uninstall the new release and downgrade to the stock version of Wireshark in the Ubuntu repository, run:

$ sudo apt-get install ppa-purge && sudo ppa-purge ppa:wireshark-dev/stable
