This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to upgrade wireshark on CentOS 5.4 in order to resolve TLS dissector and decrypt issue.

0

Hi ,

Currenty we are using 1.0.15 wireshark version on our Centos 5.4 machine. With the current installed wireshark version(1.0.15) we are not able dissect ssl packet flows. Only Client hello are getting dessected. Alse we are not able to decrypt the TLS encrypted data.

SO we thought to upgrade the Wireshark version to resolve the above said 2 issues. Yum install wireshark - not pulling the latest version.

Hence please help us to install Latest Version supported on CentOS 5.4. Please point us the Installation package. Tried Lates version source code but again its looking for lot of dependcies.

Please Help.

asked 24 May '16, 23:59

dhanish's gravatar image

dhanish
6335
accept rate: 0%


One Answer:

0

According to the LifeCycle page Wireshark 1.6 is the last version that will compile on RHEL 5. So you'll need to download and compile the 1.6.16 source code. Yes, you'll need to sort out all the development dependencies (lost of *-devel packages) but these should all be available from RH's RPM repositories.

answered 25 May '16, 06:35

JeffMorriss's gravatar image

JeffMorriss ♦
6.2k572
accept rate: 27%

Thanks Jeff ! Yes am able to Compile and Install. While compiling i installed libcap-devel.x86_64. One more question though, AM able open new version 1.6.16 from desktop-applications-internet-wireshark.

But at the same time when i open wireshark from terminal by typing 'wireshark' its opening the old version. Its not sourcing new one.

How can i resolve this.

Please Help !

Thanks, Dhanish

(26 May '16, 02:44) dhanish

Uninstall the old one? Your newly build Wireshark is probably installed in /usr/local, which may not be on your path. If so you'll need to add that to your path before being able to use from the command line (without absolute path).

(26 May '16, 04:48) Jaap ♦