Wireshark v1.8.0rc1 Released

Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.

Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

Changelog v1.8.0rc1

New and Updated Features

The following features are new (or have been significantly updated) since version 1.6:
Wireshark supports capturing from multiple interfaces at once.
You can now add, edit, and save packet annotations.
Wireshark, TShark, and their associated utilities now save files using the pcap-ng file format by default. Your copy of Wireshark might still use the pcap file format if pcap-ng is disabled in your preferences.)
Decryption key management for IEEE 802.11, IPsec, and ISAKMP is easier.
OID resolution is now supported on 64-bit Windows.
When saving packets, the default choice is now to save only the displayed packets rather than all packets.
TCP fast retransmissions are now indicated as an expert info note, rather than a warning, just as TCP retransmissions are.
TCP window updates are no longer colorized as “Bad TCP”.
TShark’s command-line options have changed. The previously undocumented -P option is now -2 option for performing a two-pass analysis; the former -S option is now the -P option for printing packets even if writing to a file, and the -S option is now used to specify a different line separator between packets.
GeoIP IPv6 databases are now supported.