Installing tshark Only. Note: If you have not used tshark before, you should install the wireshark package as above before limiting yourself to the CLI. If you want to install just tshark and no Qt/GUI components, this is possible on various linux distributions. The package is called tshark or wireshark-cli depending on the platform. Download and install the Wireshark software:. Go to and download and install the Wireshark binary for your computer. The Wireshark FAQ has a number of helpful hints and interesting tidbits of information, particularly if you have trouble installing or running Wireshark.
Wireshark allows you to analyze the traffic inside your network with various tools. If you want to see what’s going on inside your network or have issues with network traffic or page loading, you can use Wireshark. It allows you to capture the traffic, so you can understand what the problem is or send it to support for further assistance. Keep reading this article, and you’ll learn how to capture http traffic in Wireshark.
Installing Wireshark
Installing Wireshark is an easy process. It’s free tool across different platforms, and here is how you can download and install it:
Windows & Mac Users
- Open your browser.
- Visit https://www.wireshark.org/download.html.
- Select the version for your device.
- Wireshark will be downloaded to your device.
- Install it by following the instructions in the package.
Linux Users
If you’re a Linux user, you can find Wireshark in the Ubuntu Software Center. Download it from there and install it according to the instructions in the package.
Capturing HTTP Traffic in Wireshark
Now that you’ve installed Wireshark on your computer, we can move on to capturing http traffic. Here are the steps to do it:
- Open your browser – You can use any browser.
- Clear cache – Before capturing the traffic, you need to clear your browser’s cache. You can do this if you go to your browser’s settings.
- Open Wireshark.
- Tap “Capture.”
- Tap “Interfaces.” You will now see a pop-up window on your screen.
- Choose the interface. You probably want to analyze the traffic going through your ethernet driver.
- Once you’ve selected the interface, tap “Start” or tap “Ctrl + E.”
- Now go back to your browser and visit the URL you want to capture traffic from.
- Once you’re done, stop capturing traffic. Go back to Wireshark and tap “Ctrl + E.”
- Save the captured traffic. If you have network issues and want to send the captured traffic to support, save it into a *.pcap format file.
Capturing Packets in Wireshark
Besides capturing http traffic, you can capture whatever network data you need in Wireshark. Here is how you can do this:
- Open Wireshark.
- You’ll see a list of available network connections you can examine. Select the one you’re interested in. If you want, you can analyze multiple network connections at once by pressing “Shift + Left-click.”
- Now you can start capturing packets. You can do this in several ways: The first one is by tapping the shark fin icon at the top-left corner. The second one is tapping “Capture” and then tapping “Start.” The third way to start capturing is by tapping “Ctrl + E.”
While capturing, Wireshark will display all the captured packets in real-time. Once you’re done capturing packets, you can use the same buttons/shortcuts to stop capturing.
Wireshark Filters
One of the reasons Wireshark is one of the most famous protocol analyzers today is its ability to apply various filters to the captured packets. Wireshark filters can be divided into capture and display filters.
Capture Filters
These filters are applied before capturing data. If Wireshark captures data that doesn’t match the filters, it won’t save them, and you won’t see them. So, if you know what you’re looking for, you can use capture filters to narrow down your search.
Here are some of the most used capture filters you can use:
- host 192.168.1.2 – Capture all traffic associated with 192.168.1.2.
- port 443 – Capture all traffic associated with port 443.
- port not 53 – Capture all traffic except the one associated with port 53.
Display Filters
Depending on what you’re analyzing, your captured packets may be very hard to go through. If you know what you’re looking for, or if you want to narrow down your search and exclude the data you don’t need, you can use display filters.
Here are some of the display filters you can use:
- http – If you’ve captured a number of different packets, but you want to see only the http-based traffic, you can apply this display filter, and Wireshark will show you only those packets.
- http.response.code 404 – If you’re having trouble loading certain web pages, this filter might be useful. If you apply it, Wireshark will only show the packets where “404: Page not found” was a response.
It’s important to note the difference between capture and display filters. As you’ve seen, you apply capture filters before, and display filters after capturing packets. With capture filters, you discard all packets that don’t fit the filters. With display filters, you don’t discard any packets. You just hide them from the list in Wireshark.
Additional Wireshark Features
Although capturing and filtering packets is what makes Wireshark famous, it also offers different options that can make your filtering and troubleshooting easier, especially if you’re new at this.
Colorization Option
You can color packets in the Packet List according to different display filters. This allows you to emphasize the packets you want to analyze.
There are two types of coloring rules: temporary and permanent. Temporary rules are applied only until you close the program, and permanent rules are saved until you change them back.
You can download sample coloring rules here, or you can create your own.
Promiscuous Mode
Wireshark captures traffic coming to or from the device where it’s running. By enabling the promiscuous mode, you’re able to capture the majority of traffic on your LAN.
Command Line
If you’re running your system without a GUI (Graphic user interface), you can use Wireshark’s Command Line Interface. You can capture packets and review them on a GUI.
Statistics
Wireshark offers a “Statistics” menu you can use to analyze captured packets. For example, you can view file properties, analyze traffic between two IP addresses, etc.
FAQs
How do I read the data captured in WireShark?
Once you’re done capturing packets, Wireshark will show all of them in a packet list pane. If you want to focus on a specific capture, double-click on it, and you can read more information about it.
You can decide to open a particular capture in a separate window for easier analysis:
1. Choose the packet you want to read.
2. Right-click on it.
3. Tap “View.”
4. Tap “Show Packet in New Window.”
Here are some details from the packet list pane that will help you with reading captures:
1. No. – The number of a captured packet.
2. Time – This shows you when the packet was captured with regards to when you started capturing. You can customize and adjust the value in the “Settings” menu.
3. Source – This is the origin of a captured packet in the form of an address.
4. Destination – The destination address of a captured packet.
5. Protocol – The type of a captured packet.
6. Length – This shows you the length of a captured packet. This is expressed in bytes.
7. Info – Additional information about a captured packet. The type of information you see here depends on the type of the captured packet.
All of the above columns can be narrowed down with the use of display filters. Depending on what you’re interested in, you can interpret Wireshark captures easier and faster by applying different filters.
In a World of Fish, Be a Wireshark
Now you’ve learned how to capture http traffic in Wireshark, along with useful information about the program. If you want to inspect your network, troubleshoot issues, or ensure everything’s in order, Wireshark is the right tool for you. It’s easy to use and interpret, and it’s free.
Have you used Wireshark before? Tell us in the comment section below.
August 27, 2021
What’s New
Many improvements have been made.See the “New and Updated Features” section below for more details.
New and Updated Features
The following features are new (or have been significantly updated) since version 3.4.0:
The Windows installers now ship with Npcap 1.50.
A 64-bit Windows PortableApps package is now available.
A macOS Arm 64 (Apple Silicon) package is now available.
TCP conversations now support a completeness criteria, which facilitates the identification of TCP streams having anyof opening or closing handshakes, a payload, in any combination. It is accessed with the new tcp.completeness filter.
Protobuf fields that are not serialized on the wire (missing in capture files) can now be displayed with default valuesby setting the new 'add_default_value' preference. The default values might be explicitly declared in 'proto2' files,or false for bools, first value for enums, zero for numeric types.
Wireshark now supports reading Event Tracing for Windows (ETW). A new extcap named ETW reader is created that now can open an etl file,convert all events in the file to DLT_ETW packets and write to a specified FIFO destination. Also, a new packet_etw dissector iscreated to dissect DLT_ETW packets so Wireshark can display the DLT_ETW packet header, its message and packet_etw dissectorcalls packet_mbim sub_dissector if its provider matches the MBIM provider GUID.
'Follow DCCP stream' feature to filter for and extract the contents of DCCP streams.
Wireshark now supports dissecting the rtp packet with OPUS payload.
Importing captures from text files is now also possible based on regular expressions. By specifying a regex capturing a singlepacket including capturing groups for relevant fields a textfile can be converted to a libpcap capture file. Supported dataencodings are plain-hexadecimal, -octal, -binary and base64.Also the timestamp format now allows the second-fractions to be placed anywhere in the timestamp and it will be stored withnanosecond instead of microsecond precision.
Display filter literal strings can now be specified using raw string syntax,identical to raw strings in the Python programming language. This is usefulto avoid the complexity of using two levels of character escapes with regularexpressions.
Significant RTP Player redesign and improvements (see Wireshark User Documentation,Playing VoIP Calls andRTP Player Window)
RTP Player can play many streams in row
UI is more responsive
RTP Player maintains playlist, other tools can add/remove streams to it
Every stream can be muted or routed to L/R channel for replay
Save audio is moved from RTP Analysis to RTP Player. RTP Player saves what was played. RTP Player can save in multichannel .au or .wav.
RTP Player added to menu Telephony>RTP>RTP Player
VoIP dialogs (VoIP Calls, RTP Streams, RTP Analysis, RTP Player, SIP Flows) are non-modal, can stay opened on background
Same tools are provided across all dialogs (Prepare Filter, Analyse, RTP Player …)
Follow stream is now able to follow SIP calls based on their Call-ID value.
Follow stream YAML output format’s has been changed to add timestamps and peers information (for more details see the user’s guide,Following Protocol Streams)
IP fragments between public IPv4 addresses are now reassembled even if they have different VLAN IDs. Reassembly of IP fragmentswhere one endpoint is a private (RFC 1918 section 3) or link-local (RFC 3927) IPv4 address continues to take the VLAN ID intoaccount, as those addresses can be reused. To revert to the previous behavior and not reassemble fragments with different VLAN IDs,turn on the 'Enable stricter conversation tracking heuristics' top level protocol preference.
USB Link Layer reassembly has been added, which allows hardware captures to be analyzed at the same level as software captures.
TShark can now export TLS session keys with the --export-tls-session-keys option.
Wireshark participated in the Google Season of Docs 2020 and the User’s Guide has been extensively updated.
Format of export to CSV in RTP Stream Analysis dialog was slightly changed. First line of export contains names of columns as in other CSV exports.
Wireshark now supports the Turkish language.
New File Format Decoding Support
New Protocol Support
Bluetooth Link Manager Protocol (BT LMP), E2 Application Protocol (E2AP), Event Tracing for Windows (ETW), High-Performance Connectivity Tracer (HiPerConTracer), Kerberos SPAKE, Linux psample protocol, Local Interconnect Network (LIN), Microsoft Task Scheduler Service, O-RAN E2AP, O-RAN fronthaul UC-plane (O-RAN), Opus Interactive Audio Codec (OPUS), PDU Transport Protocol, R09.x (R09), RDP Dynamic Channel Protocol (DRDYNVC), Real-Time Publish-Subscribe Virtual Transport (RTPS-VT), Real-Time Publish-Subscribe Wire Protocol (processed) (RTPS-PROC), Shared Memory Communications (SMC), Signal PDU, SparkplugB, State Synchronization Protocol (SSyncP), Tagged Image File Format (TIFF), TP-Link Smart Home Protocol, and World of Warcraft World (WOWW)
Updated Protocol Support
Too many protocols have been updated to list here.
New and Updated Capture File Support
August 25, 2021
Wireshark 3.4.8 and 3.2.16 have been released.Installers for Windows, Mac OS X 10.12 and later, and source code are now available.
In 3.4.8
Several bugs have been fixed.See the release notes for details.
For a complete list of changes, please refer to the3.4.8 release notes.
In 3.2.16
Several bugs have been fixed.See the release notes for details.
For a complete list of changes, please refer to the3.2.16 release notes.
Official releases are available right now from thedownload page.Wireshark 3.4.7 and 3.2.15 Released · July 14, 2021
Wireshark 3.4.6 and 3.2.14 Released · June 2, 2021
Wireshark 3.4.5 and 3.2.13 Released · April 21, 2021
Wireshark 3.4.4 and 3.2.12 Released · March 10, 2021
Wireshark 3.4.3 and 3.2.11 Released · January 29, 2021
Wireshark 3.4.2 and 3.2.10 Released · December 18, 2020
Wireshark 3.4.1 and 3.2.9 Released · December 9, 2020
Wireshark 3.4.0 and 3.2.8 Released · October 29, 2020
Wireshark 3.4.0rc1 Release Candidate · October 22, 2020
Wireshark 3.3.1 Development Release · October 1, 2020
Wireshark 3.2.7, 3.0.14, and 2.6.20 Released · September 23, 2020
Wireshark 3.3.0 Development Release · September 15, 2020
Wireshark 3.2.6, 3.0.13, and 2.6.19 Released · August 12, 2020
Wireshark 3.2.5, 3.0.12, and 2.6.18 Released · July 1, 2020
Wireshark 3.2.4, 3.0.11, and 2.6.17 Released · May 19, 2020
Wireshark 3.2.3, 3.0.10, and 2.6.16 Released · April 8, 2020
Wireshark 3.2.2, 3.0.9, and 2.6.15 Released · February 26, 2020
Wireshark 3.2.1, 3.0.8, and 2.6.14 Released · January 15, 2020
Wireshark 3.2.0 Released · December 18, 2019
Wireshark 3.2.0rc2 Release Candidate · December 11, 2019
Wireshark 3.2.0rc1 Release Candidate · December 5, 2019
Wireshark 3.0.7 and 2.6.13 Released · December 4, 2019
Wireshark 3.1.1 Development Release · November 18, 2019
Wireshark 3.0.6 and 2.6.12 Released · October 23, 2019
Wireshark 3.0.5 Released · September 20, 2019
Wireshark 3.0.4 and 2.6.11 Released · September 11, 2019
Wireshark 3.1.0 Development Release · July 25, 2019
Wireshark 3.0.3, 2.6.10 and 2.4.16 Released · July 17, 2019
Wireshark 3.0.2, 2.6.9 and 2.4.15 Released · May 21, 2019
Wireshark 3.0.1, 2.6.8 and 2.4.14 Released · April 8, 2019
Wireshark 3.0.0 Released · February 28, 2019
Wireshark 2.6.7 and 2.4.13 Released · February 27, 2019
Wireshark 3.0.0rc2 Released · February 21, 2019
Wireshark 3.0.0rc1 Released · February 15, 2019
Wireshark 2.6.6 and 2.4.12 Released · January 8, 2019
Wireshark 2.9.0 Development Release · December 12, 2018
Wireshark 2.6.5 and 2.4.11 Released · November 28, 2018
Wireshark 2.6.4 and 2.4.10 Released · October 11, 2018
Wireshark 2.6.3, 2.4.9 and 2.2.17 Released · August 29, 2018
Wireshark 2.6.2, 2.4.8 and 2.2.16 Released · July 18, 2018
Wireshark 2.6.1, 2.4.7 and 2.2.15 Released · May 22, 2018
Wireshark 2.6.0 Released · April 24, 2018
Wireshark 2.4.6 and 2.2.14 Released · April 3, 2018
Wireshark 2.5.1 Development Release · March 15, 2018
Wireshark 2.4.5 and 2.2.13 Released · February 23, 2018
Wireshark 2.5.0 Development Release · February 6, 2018
Wireshark 2.4.4 and 2.2.12 Released · January 11, 2018
Wireshark 2.4.3 and 2.2.11 Released · November 30, 2017
Wireshark 2.4.2, 2.2.10, and 2.0.16 Released · October 10, 2017
Wireshark 2.4.1, 2.2.9, and 2.0.15 Released · August 29, 2017
Wireshark 2.4.0 Released · July 19, 2017
Wireshark 2.2.8 and 2.0.14 Released · July 18, 2017
Wireshark 2.4.0rc2 Released · June 28, 2017
Wireshark 2.4.0rc1 Released · June 7, 2017
Wireshark 2.2.7 and 2.0.13 Released · June 1, 2017
Wireshark 2.2.6 and 2.0.12 Released · April 12, 2017
Wireshark 2.2.5 and 2.0.11 Released · March 3, 2017
Wireshark 2.2.4 and 2.0.10 Released · January 23, 2017
Wireshark 2.2.3 and 2.0.9 Released · December 14, 2016
Wireshark 2.2.2 and 2.0.8 Released · November 16, 2016
Wireshark 2.2.1 and 2.0.7 Released · October 4, 2016
Wireshark 2.0.6 Released · September 8, 2016
Wireshark 2.2.0 Released · September 7, 2016
Wireshark 2.2.0rc2 · August 31, 2016
Wireshark 2.2.0rc1 · August 22, 2016
Wireshark 2.0.5 and 1.12.13 Released · July 27, 2016
Wireshark 2.1.1 Development Release · July 14, 2016
Wireshark 2.1.0 Development Release · June 8, 2016
Wireshark 2.0.4 and 1.12.12 Released · June 7, 2016
Wireshark 2.0.3 and 1.12.11 Released · April 22, 2016
Wireshark 2.0.2 and 1.12.10 Released · February 26, 2016
Wireshark 2.0.1 and 1.12.9 Released · December 29, 2015
Wireshark 2.0.0 Released · November 18, 2015
Wireshark 2.0.0rc3 Released · November 11, 2015
Wireshark 2.0.0rc2 Released · October 30, 2015
Wireshark 2.0.0rc1 Released · October 14, 2015
Wireshark 1.12.8 Released · October 14, 2015
Wireshark 1.99.9 Development Release · September 2, 2015
Wireshark 1.12.7 Released · August 12, 2015
Wireshark 1.99.8 Development Release · July 24, 2015
Wireshark 1.99.7 Development Release · June 18, 2015
Wireshark 1.12.6 Released · June 17, 2015
Wireshark 1.99.6 Development Release · May 28, 2015
Wireshark 1.12.5 and 1.10.14 Released · May 12, 2015
Wireshark 1.99.5 Development Release · March 20, 2015
Wireshark 1.99.4 Development Release · March 19, 2015
Wireshark 1.99.3 Development Release · March 5, 2015
Wireshark 1.12.4 and 1.10.13 Released · March 4, 2015
Wireshark 1.99.2 Development Release · February 4, 2015
Wireshark 1.12.3 and 1.10.12 Released · January 7, 2015
Wireshark 1.99.1 Development Release · December 10, 2014
Wireshark 1.12.2 and 1.10.11 Released · November 12, 2014
Wireshark 1.99.0 Development Release · October 7, 2014
Wireshark 1.12.1 and 1.10.10 Released · September 16, 2014
Wireshark 1.12.0 and 1.10.9 Released · July 31, 2014
Wireshark 1.12.0rc3 Released · July 22, 2014
Wireshark 1.12.0rc2 Released · June 13, 2014
Wireshark 1.10.8 and 1.8.15 Released · June 12, 2014
Wireshark 1.10.7 and 1.8.14 Released · April 22, 2014
Wireshark 1.11.3 Development Release · April 15, 2014
Wireshark 1.10.6 and 1.8.13 Released · March 7, 2014
Wireshark 1.10.5 Released · December 19, 2013
Wireshark 1.10.4 and 1.8.12 Released · December 17, 2013
Wireshark 1.11.2 Development Release · November 18, 2013
Wireshark 1.11.0 Development Release · November 15, 2013
Wireshark 1.10.3 and 1.8.11 Released · November 1, 2013
Wireshark 1.11.0 Development Release · October 15, 2013
Wireshark 1.10.2 and 1.8.10 Released · September 10, 2013
Wireshark 1.10.1 and 1.8.9 Released · July 26, 2013
Wireshark 1.8.8 and 1.6.16 Released and 1.6 End of Life · June 7, 2013
Wireshark 1.10.0 Released · June 5, 2013
Wireshark 1.10.0rc2 Released · May 22, 2013
Wireshark 1.8.7 and 1.6.15 Released · May 17, 2013
Wireshark 1.10.0rc1 Released · April 26, 2013
Wireshark 1.9.1 Development Release · March 28, 2013
Wireshark 1.9.1 Development Release · March 12, 2013
Wireshark 1.8.6 and 1.6.14 Released · March 6, 2013
Wireshark 1.9.0 Development Release · February 20, 2013
Wireshark 1.8.5 and 1.6.13 Released · January 29, 2013
Wireshark Wiki Security Incident · January 9, 2013
Wireshark 1.8.4 and 1.6.12 Released · November 28, 2012
Wireshark 1.8.3 and 1.6.11 Released · October 2, 2012
Wireshark 1.8.2 and 1.6.10 Released · August 15, 2012
Wireshark 1.4.14 Released · July 24, 2012
Wireshark 1.8.1 and 1.6.9 Released · July 23, 2012
Wireshark 1.8.0 Released · June 21, 2012
Wireshark 1.8.0rc2 Released · June 18, 2012
Wireshark 1.8.0rc1 Released · June 6, 2012
Wireshark 1.6.8 and 1.4.13 Released · May 22, 2012
Wireshark 1.7.1 Development Release · April 6, 2012
Wireshark 1.6.7 Released · April 6, 2012
Wireshark 1.6.6 and 1.4.12 Released · March 27, 2012
Wireshark 1.6.5 and 1.4.11 Released · January 10, 2012
Wireshark 1.6.4 Released · November 18, 2011
Wireshark 1.7.0 Development Release · November 8, 2011
#1 on SecTools.Org · November 7, 2011
Wireshark 1.6.3 and 1.4.10 Released · November 1, 2011
We're Essential · September 19, 2011
Wireshark 1.6.2 and 1.4.9 Released · September 8, 2011
Wireshark 1.6.1 and 1.4.8 Released · July 18, 2011
Wireshark 1.6.0 Released · June 7, 2011
Wireshark 1.6.0rc2 Released · June 2, 2011
Wireshark 1.4.7 and 1.2.17 Released · May 31, 2011
Wireshark 1.6.0rc1 Released · May 16, 2011
Wireshark 1.4.6 Released · April 18, 2011
Wireshark 1.4.5 and 1.2.16 Released · April 15, 2011
Wireshark 1.5.1 Development Release · April 11, 2011
Wireshark 1.4.4 and 1.2.15 Released · March 1, 2011
Wireshark 1.5.0 Development Release · January 24, 2011
Wireshark 1.4.3 and 1.2.14 Released · January 11, 2011
Wireshark 1.4.2 and 1.2.13 Released · November 19, 2010
Riverbed Acquires CACE Technologies · October 21, 2010
CACE Pilot, WiFi Pilot, and Shark Appliance 2.4 Released · October 20, 2010
Wireshark 1.4.1 and 1.2.12 Released, 1.0.x EOL · October 11, 2010
Wireshark 1.4.0, 1.2.11, and 1.0.16 Released · August 30, 2010
'Wireshark Antivirus' Malware · August 4, 2010
We're SourceForge.net's Project of the Month! · August 1, 2010
End of Life Announcement for Wireshark 1.0 · July 31, 2010
Wireshark 1.2.10, 1.0.15, and 1.4.0rc2 Released · July 29, 2010
Wireshark 1.2.9, 1.0.14, and 1.4.0rc1 Released · June 9, 2010
Wireshark 1.2.8, 1.0.13, and 1.3.5 Released · May 5, 2010
Wireshark 1.2.7, 1.0.12, and 1.3.4 Released · March 31, 2010
Wireshark Wins PC Magazine Editor's Choice Award · February 22, 2010
Wireshark 1.3.3 Development Release · February 11, 2010
Wireshark 1.2.6 and 1.0.11 Released · January 27, 2010
CACE Pilot and WiFi Pilot 2.2 Released · January 18, 2010
Wireshark 1.2.5 Released · December 17, 2009
Wireshark 1.3.2 Development Release · November 24, 2009
Wireshark 1.2.4 Released · November 16, 2009
Wireshark 1.2.3, 1.0.10, and 1.3.1 Released · October 27, 2009
Wireshark 1.2.2, 1.0.9, and 1.3.0 Released · September 15, 2009
CACE Pilot and WiFi Pilot 2.1 Released · September 1, 2009
CACE Pilot 2.0 Released · July 28, 2009
Wireshark 1.2.1 Released · July 20, 2009
Nmap 5 Released · July 16, 2009
Wireshark 1.2 Released · June 15, 2009
Wireshark 1.2.0pre2 Released · June 9, 2009
Wireshark 1.2.0pre1 Released · May 27, 2009
Free Wireshark Jumpstart Seminars From Laura Chappell · May 22, 2009
Wireshark 1.0.8 Released · May 21, 2009
Another Day, Another New York Times Article · May 14, 2009
Wireshark Helps Expose Spy Ring · May 12, 2009
Announcing WiFi Pilot · May 7, 2009
Wireshark 1.0.7 Released · April 8, 2009
A Pile Of Great Keynotes At Sharkfest '09 · March 24, 2009
Wireshark 1.1.3 Development Release · March 23, 2009
Conficker Loves Us! · March 12, 2009
Wireshark 1.0.6 Released · February 6, 2009
CACE Pilot 1.2 released · January 23, 2009
Wireshark 1.1.2 Development Release · January 15, 2009
Wireshark 1.0.5 Released · December 10, 2008
New Video: Custom Columns (Plus Bonus Wireshark University Updates) · December 9, 2008
New Book: Nmap Network Scanning · December 3, 2008
Wireshark classes from Mike Pennacchi and Chris Sanders · November 7, 2008
tcpdump 4.0.0 / libpcap 1.0.0 released · October 28, 2008
New Article: Using Wireshark and TShark display filters for troubleshooting · October 22, 2008
Wireshark 1.0.4 Released · October 20, 2008
Meet Gerald At Laura Chappell's Troubleshooting and Security Summit · October 10, 2008
Wireshark 1.1.1 Development Release · October 9, 2008
Wireshark 1.1.0 Development Release · September 14, 2008
Sign Up Now for Laura Chappell's Troubleshooting and Security Summit · September 3, 2008
Wireshark 1.0.3 Released · September 3, 2008
Wireshark Wins 2008 InfoWorld BOSSIE Award · August 4, 2008
Wireshark is 10! (Plus two bonus announcements) · July 14, 2008
Wireshark 1.0.2 Released · July 10, 2008
Wireshark 1.0.1 Released · June 30, 2008
Announcing TurboCap · June 26, 2008
New Article: Open Source Founders Reflect On Project Milestones · April 22, 2008
Announcing Pilot · April 16, 2008
New Video: TCP Connection Loss · April 7, 2008
Sharkfest Was Great! · April 3, 2008
Wireshark 1.0 Released · March 31, 2008
Server Outage · March 20, 2008
Wireshark 0.99.8 Released · February 27, 2008
Vint Cerf at Sharkfest! · February 19, 2008
New Video: Analyzing DNS Queries · February 4, 2008
New Video: ICMP Redirection (plus a Tech Talk) · January 7, 2008
Wireshark 0.99.7 Released · December 18, 2007
New Mirror in Indonesia · December 16, 2007
Nmap is 10 · December 14, 2007
New Video: Advanced IO Graphing · November 5, 2007
German Tutorial from Mirko Kulpa · November 1, 2007
In Memoriam: Jun-ichiro Hagino · October 30, 2007
New Article: Time to Roll Your Own 802.11n Standard · October 5, 2007
New Video: Faulty Padding · September 24, 2007
First Annual SHARKFEST Announced · September 12, 2007
Wireshark Wins 2007 InfoWorld BOSSIE Award · September 10, 2007
New Article: SPAN Port or TAP? CSO Beware · September 9, 2007
New Article: Analyzing TCP Performance with Wireshark · August 17, 2007
Wireshark 0.99.6a Windows Installer Released · July 9, 2007
Wireshark 0.99.6 Released · July 5, 2007
New Article: Creating Your Own Custom Wireshark Dissector · July 2, 2007
New Video: Building ACL Rules · July 2, 2007
Wireshark at LinuxWorld 2007 · June 27, 2007
New tool: WPA PSK Generator · June 22, 2007
New Book: Practical Packet Analysis · May 23, 2007
eWEEK Says We're Important · May 2, 2007
Wireshark! Live! Helpdesk · April 1, 2007
Wireshark University Announced · March 19, 2007
New Mirror in Hungary · March 2, 2007
New Mirror in Germany · February 21, 2007
McAfee VirusScan False Positive · February 13, 2007
Wireshark 0.99.5 Released · February 1, 2007
WinPcap 4.0 Released · January 29, 2007
3Com Says We're 'Best-Of-Breed' · January 29, 2007
New Mirror in the U.S. · January 22, 2007
New Mirror in the Netherlands · January 5, 2007
MacOS X Package Available · January 4, 2007
Article in COMPUTERWOCHE.de · November 14, 2006
Wireshark 0.99.4 Released · October 31, 2006
Wireshark Training Available for Q1 2007 · October 23, 2006
Site Outage · September 18, 2006
Wireshark Download Mac El Capitan
Wireshark 0.99.3 Released · August 23, 2006
Wireshark 0.99.2 Released · July 17, 2006
Tutorial and Podcast from Chris Sanders · July 14, 2006
Symantec Antivirus False Positive · July 4, 2006
How To Download Wireshark
We're (still) #2! · June 21, 2006
Wireshark For Mac Os
Ethereal® is now Wireshark™ · June 7, 2006