CloudShark 2.8.0

Release Type  Release Number  Release Date 
Original  CloudShark 2.8 December 11th, 2015 
Maintenance release #1  CloudShark 2.8.3 January 29th, 2016 
Maintenance release #2  CloudShark 2.8.5 February 16th, 2016 
Maintenance release #3  CloudShark 2.8.6 March 21st, 2016 

CloudShark 2.8 December 11th, 2015

The holidays are here, and so is CloudShark 2.8! We’re very excited to bring you two new fantastic utilities for working with your capture files. These new tools will make it easier to combine and reduce existing files and get you closer to the traffic you need to investigate.

Hope you enjoy!

— The CloudShark Team

New Features and Highlights

merge screenshot 1

Merging Captures

The new merge tool inside CloudShark makes it easy to combine capture files together. By inspecting timestamps, the visual overview shows you where different captures overlap, so you’re always working on the right files.

Merging files together is necessary when dealing with traffic that spans captures or has come from different points in your network. CloudShark can even remove duplicate packets created by the merge.

Read all about the new merge tool.

Export to a New Capture

You can now easily narrow down and filter out traffic that you don’t need for your analysis! CloudShark’s new export features give you the ability to extract a selection of a capture file and turn it into a new capture session. This selection can be the result of a display filter or a set time range from within the capture file.

And because it’s CloudShark, all the decode-as rules, SSL decryption rules and other additional settings are saved along with the new session.

Read more about exporting captures.

Upgrade Instructions

Read the upgrade instructions for information on obtaining the latest version of CloudShark.

Bug fixes and other changes

  • Added a database index for the SHA1 field to speed up searches
  • Moved the “Download” capture button under the new “Export” menu

CloudShark 2.8.3 January 29th, 2016

Please note that CloudShark 2.8.1 and 2.8.2 were internal only, and not released to customers.

Support for PKCS#12 SSL keys

CloudShark now supports SSL decryption with either PEM or PKCS#12 (.pfx) keys. Keys stored in the PKCS#12 format remain encrypted on disk, allowing users to view decrypted traffic without exposing the contents of the private key, or the passphrase.

Learn more about setting up SSL Keys.

CloudShark 2.8.5 February 16th, 2016

Performance improvements to the AutoDelete utility

CloudShark’s AutoDelete utility which is responsible for removing capture files that are older than a specified amount of time has been improved. This release supports deleting more files, with less memory usage, and a far lighter load on the system. The AutoDelete utility runs once per-day at midnight and with lower priority to reduce the impact on the rest of CloudShark.

CloudShark 2.8.6 March 21st, 2016

Updated Protocol and Decryption Support

CloudShark 2.8.6 includes Wireshark 1.12.10 which has the usual bugfixes, protocol updates, and improvements to existing dissectors. Additionally, this version provides a fix for a decryption issue where certain HTTP packets decrypted using the Decrypt SSL Traffic would not be decoded as HTTP.

Download Frame Decode as Text

When looking at a single frame decode in either the Ladder view or VoIP flow view, there is a new option to export and download the text representation of the decoded packet. This can be useful if you need to export the entire packet for use in a diff or another tool.

Bug fixes and other changes

  • Fixed issue sharing Ladder view URL’s that had quotation marks in the display filter
  • Fixed two “Open in new Window” buttons that did not use a new window