|Release Type||Release Number||Release Date|
|Original||CloudShark 2.8||December 11th, 2015|
|Maintenance Release #1||CloudShark 2.8.3||January 29th, 2016|
|Maintenance Release #2||CloudShark 2.8.5||February 16th, 2016|
|Maintenance Release #2||CloudShark 2.8.6||March 21st, 2016|
CloudShark 2.8 December 11th, 2015
The holidays are here, and so is CloudShark 2.8! We’re very excited to bring you two new fantastic utilities for working with your capture files. These new tools will make it easier to combine and reduce existing files and get you closer to the traffic you need to investigate.
Hope you enjoy!
— The CloudShark Team
New Features and Highlights
The new merge tool inside CloudShark makes it easy to combine capture files together. By inspecting timestamps, the visual overview shows you where different captures overlap, so you’re always working on the right files.
Merging files together is necessary when dealing with traffic that spans captures or has come from different points in your network. CloudShark can even remove duplicate packets created by the merge.
Export to a New Capture
You can now easily narrow down and filter out traffic that you don’t need for your analysis! CloudShark’s new export features give you the ability to extract a selection of a capture file and turn it into a new capture session. This selection can be the result of a display filter or a set time range from within the capture file.
And because it’s CloudShark, all the decode-as rules, SSL decryption rules and other additional settings are saved along with the new session.
Read the upgrade instructions for information on obtaining the latest version of CloudShark.
Bug fixes and other changes
- Added a database index for the SHA1 field to speed up searches
- Moved the “Download” capture button under the new “Export” menu
CloudShark 2.8.3 January 29th, 2016
Please note that CloudShark 2.8.1 and 2.8.2 were internal only, and not released to customers.
Support for PKCS#12 SSL keys
CloudShark now supports SSL decryption with either PEM or PKCS#12 (.pfx) keys. Keys stored in the PKCS#12 format remain encrypted on disk, allowing users to view decrypted traffic without exposing the contents of the private key, or the passphrase.
Link to the display filter from the Ladder view
When working with the Ladder view it can be useful to return to the packet summary with a display filter. This release has added that feature by automatically computing the effective display filter when modifying a Ladder view.
CloudShark 2.8.5 February 16th, 2016
Performance improvements to the AutoDelete utility
CloudShark’s AutoDelete utility which is responsible for removing capture files that are older than a specified amount of time has been improved. This release supports deleting more files, with less memory usage, and a far lighter load on the system. The AutoDelete utility runs once per-day at midnight and with lower priority to reduce the impact on the rest of CloudShark.
CloudShark 2.8.6 March 21st, 2016
Updated Protocol and Decryption Support
CloudShark 2.8.6 includes Wireshark 1.12.10 which has the usual bugfixes, protocol updates, and improvements to existing dissectors. Additionally, this version provides a fix for a decryption issue where certain HTTP packets decrypted using the Decrypt SSL Traffic would not be decoded as HTTP.
Download Frame Decode as Text
When looking at a single frame decode in either the Ladder view or VoIP flow view, there is a new option to export and download the text representation of the decoded packet. This can be useful if you need to export the entire packet for use in a diff or another tool.
Bug fixes and other changes
- Fixed issue sharing Ladder view URL’s that had quotation marks in the display filter
- Fixed two “Open in new Window” buttons that did not use a new window