17 Jan
2014
17 Jan
'14
9:46 a.m.
Didn't have a chance to bring it up at the meeting, but I feel it's important to add that wireshark is probably the most frequently security-patched FOSS out there. I watch the security feed from Fedora and the package I see sec-updated most often is wireshark, probably followed by PHPMyAdmin. It's quite astonishing how miserably insecure wireshark is. (Hmm, too bad there doesn't seem to be a page or chart ranking FOSS by CVE count, unless someone else can find one.)
So, if you use wireshark, do your package updates frequently and/or before each invocation of wireshark.
This is a great argument for not using wireshark on Windows, as there is not yum/apt-get for it, AFAIK, meaning you'd be on your own to check for and install updates.