|Release Type||Release Number||Release Date|
|Original||CloudShark 2.8||December 11th, 2015|
|Maintenance Release #1||CloudShark 2.8.3||January 29th, 2016|
|Maintenance Release #2||CloudShark 2.8.5||February 16th, 2016|
|Maintenance Release #2||CloudShark 2.8.6||March 21st, 2016|
The holidays are here, and so is CloudShark 2.8! We’re very excited to bring you two new fantastic utilities for working with your capture files. These new tools will make it easier to combine and reduce existing files and get you closer to the traffic you need to investigate.
Hope you enjoy!
— The CloudShark Team
The new merge tool inside CloudShark makes it easy to combine capture files together. By inspecting timestamps, the visual overview shows you where different captures overlap, so you’re always working on the right files.
Merging files together is necessary when dealing with traffic that spans captures or has come from different points in your network. CloudShark can even remove duplicate packets created by the merge.
You can now easily narrow down and filter out traffic that you don’t need for your analysis! CloudShark’s new export features give you the ability to extract a selection of a capture file and turn it into a new capture session. This selection can be the result of a display filter or a set time range from within the capture file.
And because it’s CloudShark, all the decode-as rules, SSL decryption rules and other additional settings are saved along with the new session.
Read the upgrade instructions for information on obtaining the latest version of CloudShark.
Please note that CloudShark 2.8.1 and 2.8.2 were internal only, and not released to customers.
CloudShark now supports SSL decryption with either PEM or PKCS#12 (.pfx) keys. Keys stored in the PKCS#12 format remain encrypted on disk, allowing users to view decrypted traffic without exposing the contents of the private key, or the passphrase.
When working with the Ladder view it can be useful to return to the packet summary with a display filter. This release has added that feature by automatically computing the effective display filter when modifying a Ladder view.
CloudShark’s AutoDelete utility which is responsible for removing capture files that are older than a specified amount of time has been improved. This release supports deleting more files, with less memory usage, and a far lighter load on the system. The AutoDelete utility runs once per-day at midnight and with lower priority to reduce the impact on the rest of CloudShark.
CloudShark 2.8.6 includes Wireshark 1.12.10 which has the usual bugfixes, protocol updates, and improvements to existing dissectors. Additionally, this version provides a fix for a decryption issue where certain HTTP packets decrypted using the Decrypt SSL Traffic would not be decoded as HTTP.
When looking at a single frame decode in either the Ladder view or VoIP flow view, there is a new option to export and download the text representation of the decoded packet. This can be useful if you need to export the entire packet for use in a diff or another tool.