$Id: NEWS,v 1.138 2003/12/13 00:55:11 gerald Exp $ == December 12, 2003 Ethereal 0.10.0 has been released. This release fixes issues in the SMB and Q.931 dissectors that could make Ethereal and Tethereal crash. See http://www.ethereal.com/appnotes/enpa-sa-00012.html for more details. New and updated features Many performance improvements have been made to the code. Most users should see a 2x to 3x performance increase when loading and working with capture files. A "matches" display filter operator has been added. It is similar to the "contains" operator, but supports Perl-compatible regular expressions. Tethereal can now dump packet data in XML (PDML) format. The main application menus have been rearranged and the help windows have been revamped, along with a host of other UI enhancements. The capture progress window now features bar graphs. The GLib, GTK+, Net-SNMP, and zlib libraries that ship with the Windows installer have been updated. New protocol support BFD, CCSDS, CPFI, DCE/RPC {BUDB, EPM4, ICL_RPC, RS_PLCY, RS_PROP_ACCT} IGAP, ISO 8327-1 SES, MS Kpasswd, RTCFG, SEBEK, Updated protocol support ACN, AFP, ANSI A, ANSI MAP, ASN.1, BSMAP, BSSAP, CPFI, DCE/RPC {DCOM, EPM, NDR, SRVSVC, STAT, WKSSVC}, DCE/RPC, DHCP, DNS, DOCSIS, DSI, DTAP, ENTTEC, FC ELS, FC FZS, FC-SP, FC-SWILS, GIOP, GPRS NS, GSM A, GSM MAP, H.225, H.450, HTTP, ICMP, IPv6, IS-IS, ISAKMP, ISUP, Kerberos, LDAP, LDP, MIPv6, MMSE, MS Proxy, MTP3, NCP 2222, NTP, PIM, RADIUS, RANAP, RDM, RSVP, RTCP, RTP, SCCP, SDP, SIP, SMB, SMPP, SOCKS, SONMP, SRVLOC, SSL, TACACS, TCAP, TCP, TPKT, TZSP, UCP, WAP, WBXML, WLAN, WSP, WTP Updated capture file support AiroPeek v9 (2.x) support was added. Network Instruments Observer and Snoop support was updated. == November 2, 2003 Ethereal 0.9.16 has been released. This release fixes potential security issues with the GTP, ISAKMP, MEGACO, and SOCKS dissectors. See http://www.ethereal.com/appnotes/enpa-sa-00011.html for more details. New and updated features Ethereal has leapt forward into the 90's and added a toolbar. Ethereal and Tethereal can now force the data link type of captured frames. RTP analysis has been enhanced. Individual frames can now be marked as time references Service response time and general I/O statistics have been enhanced. I/O statistics can now calculate client load (experimental). New protocol support ACN, ALCAP, ANSI MAP, ASN.1 BER, BSSAP, DCE/RPC DRSUAPI, DCE/RPC INITSHUTDOWN, DCE/RPC RS_BIND, FC-SP, FICON, GSM BSSMAP, GSM DTAP, GSM SMS TPDU, GSM SMS, GSM SS, H.450, IOS 4.0.1 IS-637-A (SMS), IS-683-A (OTA), T.38, TCAP, TPCP Updated protocol support AODV, ASN.1 PER, BSSGP, CDP, Cisco HDLC, COPS, DCE/RPC BROWSER, DCE/RPC DNSSERVER, DCE/RPC EPM, DCE/RPC LSA, DCE/RPC Messenger, DCE/RPC REG, DCE/RPC SVCCTL, DCE/RPC, DFS, DHCPv6, DOCSIS, EAPOL, ENIP, Frame Relay, FTP, GPRS, Gryphon, GTP, H.225, H.245, HTTP, ICMP, IEEE 802.11, IPX, ISAKMP, ISUP, LAPB, Laplink, LWAPP, MAPI, MDSHDR, MEGACO, MPLS, NCP, NDPS, NETLOGON, NFS, NTLMSSP, OSPF, OXID, PPP, Q.931, Q.933, RANAP, RIP, RTP, SAMR, SCCP, SCSI, SCTP, SDP, SIP, SMB, SMPP, SNMP, SOCKS, SONMP, SPOOLSS SRVLOC, SRVSVC, T.35, TACACS+, TAPI, TCP, TZSP, WKSSVC, WSP, X.25, Yahoo! Messenger Updated capture file support Linux Bluez Bluetooth hcidump support has been added. Endace ERF and Network Instruments Observer, and NetXRay support has been enhanced. == September 9, 2003 Ethereal 0.9.15 has been released. New and updated features Many often-requested features have been added with this release. If you're running an older version of Ethereal you may want to have a look. Conversation List (aka "top talker") support has been added to Ethereal and Tethereal. Protocol statistics in general have been updated. Searching capture files has been improved even more -- a new "contains" display filter operator that searches for strings in PDUs has been added. The Find dialog now supports case-insensitive searches, hex data searches, and more. An H.225 dissector has been added. It can automatically recognize RTP and RTCP conversations. A preference file has been added for disabled protocols. Color filters may now be imported and exported from within Ethereal. A new column type has been added for cumulative bytes. New protocols GPRS BSSGP, GPRS NS, H.225, H.263, LWAPP, Laplink, Q.933, STUN Updated protocols ArtNet, BOOTP/DHCP, DCE/RPC, DCERPCSTAT, DHCPv6, DOCSIS, ENIP, Ethernet, FCIP, Frame Relay, H.245, HTTP, IPsec, iSCSI, LDAP, LWRES, M2UA, M3UA, MEGACO, MTP3, NCP, NDPS, NFS, NTLMSSP, PPTP, Q.931, RPC, SAMR, SCCP, SCTP, SIP, SMB, SMPP, SNA, SNMP, SRVLOC, SUA, TCP, TDS, UCD, UDP, WSP, Updated capture file support Support for Accellent 5Views and Endace ERF capture files was added. CheckPoint FW-1 and Novell LANalyzer support has been enhanced. == July 23, 2003 Ethereal 0.9.14 has been released. New and updated features The ringbuffer code has been (nearly) completely rewritten. It now supports an unlimited number of files. Ethereal now supports searching for arbitrary text and binary data in frames. Service response time statistics have been enhanced. Tethereal, the text-mode version of Ethereal, can now be compiled without capture support. New and updated features Echo, eDonkey, Jabber, MS Messenger, sFlow Updated protocols AODV, AODV6, Boardwalk, DCE-RPC, ENIP, Fibre Channel, FIX, FW1, H.245, IGMP, IPsec, IS-IS, iSCSI, ISUP, LDAP, LDP, M2UA, MEGACO, MTP3, NDS, NETLOGON, NTLMSSP, NTP, Q.2931, Q.931, SAMR, SCCP, SCSI, SMB, SMPP, SNA, SNMP, SPNEGO, SPOOLSS, SRVLOC, UCP, Vines, VRRP, WBXML, WEP, WSP, WTP, X11, Zebra Updated capture file support LANalyzer, NetXRay == June 11, 2003 Ethereal 0.9.13 has been released. This release fixes a large number of security issues discovered by Timo Sirainen and others. See http://www.ethereal.com/appnotes/enpa-sa-00010.html for more details. New and updated features Ethereal now supports a system-wide color filter file. Support for the GNU ADNS library has been added. ADNS allows asynchronous DNS lookups. "Decode As..." functionality has been added to Tethereal via the "-d" flag. The HTTP, FTP, POP, SMTP, IMAP, and ACAP requests and responses are now shown in the protocol tree. New protocols distcc, EtherNet/IP, MSRPC ATSVC, RTNET/TMDA Updated protocols 802.11, AIM, BGP, CLNP, COTP, CPHA, DCERPC, DNS, EAPOL, Ethernet, FDDI, GSSAPI, IP, ISAKMP, ISIS, LDAP, LSP, M2PA, MAPI, Modbus, NDPS, NFS, NTLMSSP, OSI, OSPF, OpenBSD pflog, PPTP, RMCP, RMI, RPC, RTP, SCSI, SCTP, SIP, SMB, SMPP, SMTP, SNMP, SPNEGO, TACACS, TCP, TSP, WBXML, WSP, WTP Updated capture file support HP-UX nettl, VMS UCX$TRACE == May 1, 2003 Ethereal 0.9.12 has been released. This release fixes several off-by-one and integer overflow errors discovered by Timo Sirainen. See http://www.ethereal.com/appnotes/enpa-sa-00009.html for more details. New and updated features TCP sequence number analysis received a few improvements. General packet reassembly has been improved. The "Follow TCP Stream" window now allows you to filter out the current stream. The Vines code received significant updates. Several enhancements were made to the text2pcap utility. New protocols ArtNET, IPX WAN, Intel ANS, iSNS, NLSP, WKSSVC Updated protocols 802.11 ACAP, AFP, AIM, AJP, ASAP, BGP, CLNP, CPHA, DCE/RPC, DSI, EAP, IP, IPMI, IPX, IPv6, ISIS, ISUP, IUA, Kerberos, LDAP, M2PA, M2TP, M2UA, M3UA, MGCP, MTP2, MTP3, MTP3MG, Modbus/TCP, NDMP, NDPS, NFS, NLSP, PGM, Q.931, RANAP, RPC, RSVP, SCCP, SCCPMG, SCTP, SMB, SNMP, SPX, SSH, SUA, TCP, Telnet, Vines, WBXML, WSP, WTP Updated capture file support Netxray == March 10, 2003 Ethereal 0.9.11 has been released. The Ethereal 0.9.10 release was packaged improperly. This release fixes the packaging, and adds minor updates and fixes for the following protocols: AFS, OpenBSD enc(4), RTP, SCSI, SIP, SMPP, SSH IA64 support has been improved. == March 7, 2003 Ethereal 0.9.10 has been released. This release fixes a security hole discovered by Georgi Guninski in the SOCKS dissector as well as problems with the NTLMSSP and Rsync code. All users of previous versions are encouraged to upgrade. See http://www.ethereal.com/appnotes/enpa-sa-00008.html for more details. New and Updated Features Many small updates were made to the user interface. The "Help" menu now includes the FAQ. The TCP dissector was enhanced. Many more fields are filterable. Tethereal received more IO stats: TCP and UDP top talkers. Packet reassembly has been improved. The "Follow TCP Stream" feature can now export C byte arrays. RTP streams can now be saved to a file. Bug Fixes A missing comma in a string array could cause Ethereal to crash when opening the preferences dialog. New Protocols MSN Messenger, Rsync, SSH, Yahoo! Messenger Updated Protocols AFP, AFS, AIM, ATM, Apache JServ, BACNET, BGP, BOOTP, CLNP, COPS, DCCP, DCERPC NT, DCERPC, DNS, ESIS, Ethernet, Frame Relay, GIOP, GTP, HP extended 802.2 LLC, HP-UX remote management, HTTP, IPP, IPX, LLC, LSA, M3UA, MDSHDR, MIP6, MPLS, MySQL, NCP2222, NETLOGON, NLPID, NetFlow, OpenBSD enc(4), OSI, PPP, RADIUS, RMP, RPL, SAMR, SCSI, SMB, SNA, SNMP, SOCKS, SPOOLSS, SRVLOC, SRVSVC, SSL, SliMP3, TCP, Token Ring, WBXML, Wellfleet BofL X.25, X11 Updated Capture File Support NetXRay, NGSniffer, Snoop == January 23, 2003 Ethereal 0.9.9 has been released. Please note the next release will NOT be 1.0. There are still more features to be added before a 1.0 release will be ready. New and Updated Features Plugin search behavior was improved under Unix, allowing more than one version of Ethereal to be installed at one time. The statistics graphs have been enhanced. More statistics have been added: Round-trip-time statistics are now computed for SMB traffic. NCP Call and Reply times are now tracked. Top talker statistics for Ethernet, IP and Token Ring are now available (tethereal only). Color allocation and handling was improved. The RADIUS dissector can now decrypt user passwords. Tethereal now supports reading from a pipe under Unix. The ATM code received major improvements. The DOS Sniffer code also received major improvements. For those that compile Ethereal from source, some fixes and updates have been made to the configuration and build environment. Bug Fixes The capture progress window now shows the correct number of elapsed minutes. A potential infinite loop in the TCP graphing code has been fixed. New Protocols MDSHDR, MEGACO, MySQL, SDLC, X.29 Updated Protocols 802.11, AFP, AFS, AIM, ARCNET, ASAP, ATM, BPDU, Cisco HDLC, CLNP, DCE RPC, DDTP, Ethernet, FC-ELS, FCIP, H.261, IMSI, IP, IP-over-FC, L2TP, LMI, M3UA, MTP3, NCP, NetBIOS, NETLOGON, ONC RPC, OSPF, PIM, PPP, RADIUS, RANAP, RPC, SAMR, SCTP, SMB, SPNEGO, SPOOLSS, SRVLOC, SRVSVC, SUA, TNS, Token Ring, Wellfleet HDLC, X.25 Updated Capture File Support Firewall-1, Netmon, NetXRay, Radcom, Sniffer == December 7, 2002 Ethereal 0.9.8 has been released. Serious problems with the BGP, LMP, PPP, and TDS dissectors have been discovered. See http://www.ethereal.com/appnotes/enpa-sa-00007.html for more details. New and Updated Features The TAP subsystem received major updates. Tethereal can display more statistics, and several graphs have been added to Ethereal. A protocol hierarchy statistics tap was added to tethereal. This code may be used to replace the hierarchy statistics code in Ethereal. More updates have been added to TCP analysis. After a long hiatus, the Windows installer once again includes SNMP support. The total running time of the capture is now displayed in the capture progress dialog box. The capture progress dialog also shows ARP packets. The look of the plugins dialog was revamped. Bug Fixes and Updates A bug which caused Ethereal under Windows to crash when "Update list of packets in real time" was enabled has been fixed. The stability of the text2pcap utility has been improved. In tethereal, the packet count is properly displayed when you ^C out of a capture. New Protocols ARCNET, ClearCase NFS, DCERPC LSA_DS, Fibre Channel, HyperSCSI, MDNS, PCLI, RPL Updated Protocols AFP, AFS, BACNet, BGP, DCERPC, DCERPC EPM, DCERPC LSA, DCERPC NDR, DCERPC NT, DCERPC SAMR, DCERPC UPDATE, GRE, GTP, HTTP, IPv6CP, IPX, iSCSI, ISDN, IUA, LAPD, LDAP, M2PA, NDPS, NDS, NetBIOS, NFS, NTLMSSP, OSPF, PPP, PPPoE, Q.2931, Q.931, RPC, RSVP, SCSI, SCTP, SMB, SNMP, Spanning Tree, SPNEGO, SPOOLSS, SPX, SRVLOC, TCP, Telnet, V.120, WEP, YPSERV Updated Capture File Support AIX iptrace and tcpdump, NetXRay, Sniffer, snoop == September 28, 2002 Ethereal 0.9.7 has been released. New Features In order to improve the out-of-box responsiveness of Ethereal and Tethereal, network name resolution has been disabled by default. TCP analysis (a feature added in the 0.9.6 release) was improved. The NCP code base received quite a few updates. Initial support for version 2 of the GTK+ library was added. RPC staticstics (which use the new Tap API) were added. Due to added and updated support for the NTLM, SNEGO, and GSS-API protocols, Ethereal can now dissect most of the security blobs for Windows 2000 authentication. The Ethernet "manuf" file now handles addresses specified with a mask, and contains many well-known addresses. New Protocols 802.1s MSTP, FIX, GSS-API, Interbase, NDPS, Netflow (Cisco and Juniper), SCCP-Management, SPNEGO The following DCE/RPC protocols were also added: AFS4INT, BOSSVR, CDS_CLERKSERVER, CDS_SOLICIT, CPRPC_SERVER, DNSSERVER, DTSPROVIDER, DTSSTIME_REQ, FLDB, FTSERVER, KRB5RPC, REPADMIN, REP_PROC, ROVERRIDE, RPRIV, RS_ATTR, RSEC_LOGIN, RS_MISC, RS_PGO, RS_REPLIST, RS_UNIX, SECIDMAP, TKN4INT, UBIKDISK, UKIKVOTE Updated Protocols AFP, AODV/AODV6, BGP, CHDLC, CHPA, DCE/RPC CONV, DCE/RPC LSA, DCE/RPC NT, DCE/RPC SAMR, DHCP, DNS, DOCSIS, EAP, GTP, HTTP, IP, iSCSI, IS-IS, Kerberos, LDAP, LDP, M2PA MMSE, NBNS, NCP, NDS, NETLOGON, NTLMSSP, OSI Q.931 RPC, RPCSTAT, SCSI, Skinny, SMB, SNEGO, SPOOLSS, SRVSVC, TCP, WSP, == August 20, 2002 Ethereal 0.9.6 has been released. Bugs Fixed A buffer overflow in the ISIS dissector has been fixed. More information can be found at http://www.ethereal.com/appnotes/enpa-sa-00006.html. A bad TCP header could cause problems for the "Follow TCP Stream" feature. Setting "column.format" from the command line no longer crashes Ethereal and Tethereal. Problems with capture files being overwritten (e.g. if you try to save over the current capture file) have been fixed. An SMB conversation handling bug has been fixed. Thanks to Valgrind, several memory leaks have been fixed. Some problems with printing under Windows have been fixed. New Features TCP sequence number analysis has been added. The DCE RPC NETLOGON dissector has received a major overhaul. Data types throughout the code have been cleaned up. New Protocols CPHA, DOCSIS, NTLMSSP, Xyplex terminal server protocol, ZIP Updated Protocols 802.11, AFP, ASAP, BGP, CDP, CDPCP, CPHA, DDP, DCERPC, DCERPC NT, DCERPC REG, EPM, FTP, HCLNFSD, HTTP, IPX, ISAKMP, ISIS, IUA, Kerberos, L2TP, LLMNR, LSA, MMSE, MPLSCP, NBNS, NetBIOS, NETLOGON, NFS, NTLMSSP, PPP, Quake2, RADIUS, RSVP, RTCP, SAMR, SCSI, SDP, SIP, SMB, SMB Mailslot, SMTP, SPOOLSS, TCP, TDS, TNS, TPKT, Token Ring, VJ TCP, WINREG, WSP Capture File Updates CheckPoint Firewall-1 monitor file support and CoSine debug file support were added. Support for pppdump and Netmon files was updated. == June 28, 2002 Ethereal 0.9.5 has been released. This version fixes several potential security problems revealed since the release of 0.9.4. See the security advisory at http://www.ethereal.com/appnotes/enpa-sa-00005.html for more details. New Features: The ability to read packet data from a pipe was enhanced. Printing under Windows now works. New Protocols 802.3 LACP, Apache JServ, AODV6, DCERPC Browser, Java RMI, TAPI Updated Protocols ATM, BGP, BOOTP, DCE RPC, EPM, Frame Relay, GTP, L2TP, LMP, MAPI, MIP, MMSE, MTP3, NCP, NFS, NSPI, PPP, Q2931, RADIUS, RSVP, SCSI, SMB, SNA, SOCKS, SPOOLSS, SRVSVC, SunATM, TFTP, TNS, Token Ring, UCP, VJ TCP/IP, WCP, WEP, WSP, WTP Capture File Updates Ethereal can now write LANalyzer files. The Sniffer, nettl, snoop, NetXRay, and libpcap code all received updates.