Wireshark 3 is officially released, comes with the new Npcap Windows driver

Recently, Wireshark 3.0 was officially released to replace the open source library WinPap packet capture, which is no longer maintained with Npcap packet sniffing created by Gordon Lyon, the Nmap project founder.

If you don't know, Wireshark is a cross-platform and open source network protocol analysis software, running on Windows as well as most UNIX and UNIX-based platforms like Linux, FreeBSD and macOS.

In addition, Wireshark is also being widely used by security experts, developers and educators in analyzing, troubleshooting, developing and educating, to capture and browse traffic interactions. Package on computer network.

Wireshark 3 is officially released, comes with the new Npcap Windows driver Picture 1

1. Opera launched new updates for Android devices with many noticeable improvements

Due to being distributed with Npcap at the present time, Wireshark 3.0.0 will also be integrated "support loopback loading (loopback capture) and 802.11 WiFi mode loading (802.11 WiFi monitor mode capture) (if supported by the NIC driver), as cited on the Npcap homepage as follows:

'Npcap works on Windows platforms 7 and above using the API NDIS 6 Light-Weight Filter (LWF). It is faster than the NDIS API 5 which is no longer used but Microsoft can delete at any time. In addition, this driver has been signed with our EV certificate, and has also been signed by Microsoft, so it can work even with more stringent driver signing requirements in Windows 10 edition. erected 1607 ".

Compare features between Npcap and WinPcap:

Npcap feature WinPcap Information Maintain active (Actively maintained) Yes No Last release date 07/05/18 08/03/13 Version libpcap 1.8.1 (2016) 1.0.0 (2008) Free License for personal use BSD-style Security Sign code EV SHA-256 Yes No Limit access to administrators Yes No Advanced features Load raw 802.11 frames (Capture raw 802.11 frames) Yes, with multiple sets Yes, with AirPcap dedicated hardware Capture Loopback traffic (Capture Loopback traffic) Yes No Loopback (Inject Loopback traffic) traffic Yes No

1. Kali Linux 2019.1 was officially released

Although the list of fixes in version 3.0.0 is quite modest, only 4 issues have been patched, but the list of updated features and new features is quite extensive, including all plugins. New since Wireshark 2.6.0, the stable version was released earlier.

Besides, the latest version also comes with a large list of new protocols that it can capture, from Apple Wireless Direct Link (AWDL) and Cisco Meraki Discovery Protocol (MDP), to protocols Network 5G NGAP, XnAP, NR and E1AP.

Wireshark 3 is officially released, comes with the new Npcap Windows driver Picture 2

Although the development team provides direct download links for the latest Windows and macOS versions on the Project Download page, most Unix and Linux vendors deploy their own packages, possibly Installable with the package management system that comes with each platform.

In addition, some packages provided by third parties, as well as direct links to standard packages for some Linux / Unix platforms, will be listed on the Wireshark Third-Party Packages page.

Download Wireshark 3.0