Wireshark, our all-time favorite protocol analyzer, released a new version (1.0.4). The new version includes a number of security fixes. For details, see http://www.wireshark.org/news/20081020.html . Just by its nature of including a large number of protocol parsers, Wireshark is a somewhat risky program. To mitigate the risk, I personally prefer to collect traffic using a simpler program like tcpdump, and later analyze the traffic in wireshark using a low privilege account. ------ |
Johannes 4068 Posts ISC Handler Oct 21st 2008 |
Thread locked Subscribe |
Oct 21st 2008 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!