Wireshark Wiki Security Incident

January 9, 2013

On July 25, 2012 an intruder gained access to the server that hosts wiki.wireshark.org, blog.wireshark.org, and ask.wireshark.org. This intrusion went undetected until January 8, 2013.

What was affected?

As far as we can tell the only service affected was wiki.wireshark.org. The Wireshark source code repository, bug tracker, mailing lists, and other services reside on other hosts and do not appear to be impacted.

What are you doing?

Wiki.wireshark.org is down and is being rebuilt from scratch. Even though ask.wireshark.org and blog.wireshark.org don't appear to be impacted they were on the same host and are being rebuilt from scratch as well.

We are still conducting an investigation into the full extent of the breach and will update this page with any new information.

What should I do?

Your password on wiki.wireshark.org will be reset. If you used that password anywhere else you should change that password immediately.

Update: January 9, 2013

wiki.wireshark.org is back online. All passwords have been reset.

Update: January 10, 2013

ask.wireshark.org and blog.wireshark.org are back online.

Update: January 11, 2013

As an added precaution all passwords on ask.wireshark.org and blog.wireshark.org have been reset.

More Information

Debian Wiki Security Incident 2012
wiki.python.org Compromised

Go Beyond with Riverbed Technology

Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products that fully integrate with Wireshark.

I have a lot of traffic...

ANSWER: SteelCentral™ AppResponse 11
  • • Full stack analysis – from packets to pages
  • • Rich performance metrics & pre-defined insights for fast problem identification/resolution
  • • Modular, flexible solution for deeply-analyzing network & application performance
Learn More