Release Type | Release Number | Release Date |
Original | CloudShark 3.1 | October 6th, 2016 |
Maintenance Release #1 | CloudShark 3.1.1 | October 20th, 2016 |
Maintenance Release #2 | CloudShark 3.1.2 | October 27th, 2016 |
Maintenance Release #3 | CloudShark 3.1.3 | November 2nd, 2016 |
Maintenance Release #4 | CloudShark 3.1.4 | November 17th, 2016 |
Maintenance Release #5 | CloudShark 3.1.5 | December 5th, 2016 |
CloudShark 3.1 enhances the Ladder Diagram tool, adds Merging functionality to the API and fixes some system-usage things under the hood. You’ll see less memory usage, and fewer open file handles if you’re into that kind of thing.
If you’ve been waiting to upgrade to the 3.x series with DeepSearch, now is your chance!
— The CloudShark Team
The Ladder Diagram analysis tool can now show different kinds of endpoints as nodes. You can choose between the default source/destination fields, use hardware addresses or network addresses only, or show an endpoint for each TCP or UDP stream.
Here’s an example of the new endpoints being used to visualize both the LAN side and the WAN side of a home gateway:
In this example we can see a client getting an address using DHCP and then requesting a website over HTTP. Since we are using the hardware address as the endpoints we can click on the TCP traffic to see the home gateway performing NAT on the packets the client sends.
Read more about the Ladder Diagram tool.
CloudShark can now merge multiple captures files together into a single new file via the API. Documentation is available in our API Guide
curl
CloudShark has always had the ability to import a capture file directly by URL.
Prior to this release we were retrieving the file from inside the CloudShark
application. This required us to read the entire download into memory, as well
as handle any lustom options in our code. CloudShark now uses the
system standard curl
tool to fetch files.
More information on configuring custom curl options can be found in the documentation
An important note about redirects: The upgrade to curl has had one significant change - CloudShark will no longer follow redirects when fetching a capture file by URL by default. Blindly following redirects was not the most secure practice. If you would like to re-enable following redirects, please see our documentation on custom curl options.
CloudShark 3.1 fixes a problem where some system-level FIFO pipes weren’t being closed or cleaned up fast enough, leading to a “Too many open files” error message and crash in some instances. These pipes are being closed immediately after use now and will no longer cause this error.
Users upgrading from CloudShark 2.8.x can run cloudshark-admin --install-latest
as root
to perform the upgrade.
Please read the upgrade instructions if you are upgrading from an older version of CloudShark.
CloudShark 3.1.1 reduces memory usage and improves performance in certain circumstances. We’ve also resolved a couple minor bugs that have surfaced since 3.1.0.
The DNS analysis tool now updates the current URL as you click around making it even easier to share the page that you were looking at.
This was a minor maintenance release for the CloudShark.org service only. There were no changes made to CloudShark Enterprise.
cloudshark-admin
toolCloudShark 3.1.4 introduces some new configuration options, and generally improves the security, memory usage, and performance of CloudShark. If you have a lot of annotations on your packets, this release will make you smile.
New in version 3.1.4 is a configuration section for the Fetch by URL feature.
Administrators can now decide if the feature is enabled at all, and which
protocols are safe to allow. The default configuration is limited to http
and https
only. Please see our custom curl
documentation for additional options.
By default, when CloudShark is importing a new capture file, it will read any packet comments out of the pcapng format and convert them into CloudShark annotations. This is now a configurable option found under the Settings menu and can be disabled.
CloudShark 3.1.4 also addresses a few additional issues for files and users who make extensive use of packet annotations.
This maintenance release fixes some URLs that were vulnerable to specific Cross-Site-Scripting (XSS) attacks. We recommend that all customers upgrade to this latest release.
For more information on the specifics of these, please contact support@cloudshark.org.