Created
June 2, 2020 10:43
Install Stable Wireshark release
If you care more about stability than cutting-edge features, install the stable release of Wireshark on Ubuntu 20.04 / 18.04 / 16.04.
Add the PPA repository and install Wireshark:
sudo add-apt-repository ppa:wireshark-dev/stable
sudo apt update
sudo apt -y install wireshark

Install Wireshark Development version
To get the development release, add this PPA:
sudo add-apt-repository ppa:dreibh/ppa
Install Wireshark from the repository:
sudo apt update
sudo apt -y install wireshark
When asked whether to allow non-superusers to capture packets, select your option and finish the installation.
Check the installed Wireshark version:
$ wireshark --version
Wireshark 2.9.0 (Git Rev Unknown from unknown)
Copyright 1998-2018 Gerald Combs gerald@wireshark.org and contributors.
License GPLv2+: GNU GPL version 2 or later http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with Qt 5.9.5, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.56.2, with zlib 1.2.11, with SMI 0.4.8, with c-ares
1.14.0, with Lua 5.2.4, with GnuTLS 3.5.18, with Gcrypt 1.8.1, with MIT
Kerberos, with MaxMind DB resolver, without nghttp2, with LZ4, with Snappy, with
libxml2 2.9.4, with QtMultimedia, with SBC, with SpanDSP, without bcg729.
Running on Linux 4.15.0-20-generic, with Intel(R) Core(TM) i5-8250U CPU @
1.60GHz (with SSE4.2), with 985 MB of physical memory, with locale
LC_CTYPE=en_US.UTF-8, LC_NUMERIC=om_KE.UTF-8, LC_TIME=om_KE.UTF-8,
LC_COLLATE=en_US.UTF-8, LC_MONETARY=om_KE.UTF-8, LC_MESSAGES=en_US.UTF-8,
LC_PAPER=om_KE.UTF-8, LC_NAME=om_KE.UTF-8, LC_ADDRESS=om_KE.UTF-8,
LC_TELEPHONE=om_KE.UTF-8, LC_MEASUREMENT=om_KE.UTF-8,
LC_IDENTIFICATION=om_KE.UTF-8, with libpcap version 1.8.1, with GnuTLS 3.5.18,
with Gcrypt 1.8.1, with zlib 1.2.11, binary plugins supported (0 loaded).
Built using gcc 7.3.0.

Configure and start Wireshark
To capture packets as a normal user, add your user to the wireshark group. The new group membership takes effect at your next login.
sudo usermod -a -G wireshark $USER
Change the group, permissions and capabilities of the dumpcap binary so that only root and members of the wireshark group can run it, and so that it can capture without running as root:
sudo chgrp wireshark /usr/bin/dumpcap
sudo chmod 750 /usr/bin/dumpcap
sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
Verify:
$ sudo getcap /usr/bin/dumpcap
/usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip
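
The getcap check above covers only the capabilities. The script below is an added example, not part of the original gist: it also checks the mode and group set in the previous step and accepts both getcap output formats. The function names are hypothetical and the sample lines at the end are constructed.

```bash
#!/usr/bin/env bash
# Added example: audit the dumpcap settings applied in the steps above.
# Function names are hypothetical; values are passed in as strings so the
# checks can be run on constructed samples as well as on a live system.

# Reduce one line of getcap output to "<sorted caps> <flags>".
# Accepts "path = caps+eip" (as shown on this page) and the newer "path caps=eip".
parse_getcap() {
    local spec="${1##* }" caps flags        # last space-separated field
    case "$spec" in
        *+*) caps="${spec%%+*}"; flags="${spec##*+}" ;;
        *=*) caps="${spec%%=*}"; flags="${spec##*=}" ;;
        *)   echo "none"; return 0 ;;       # no capabilities set
    esac
    caps="$(printf '%s\n' "$caps" | tr ',' '\n' | LC_ALL=C sort | paste -sd, -)"
    printf '%s %s\n' "$caps" "$flags"
}

# Return 0 only if mode, group and capabilities match the settings on this page.
check_dumpcap() {
    local mode="$1" group="$2" getcap_line="$3" rc=0
    # Anything other than 750 means access for "others" or a setuid/setgid bit.
    [ "$mode" = "750" ] || { echo "FAIL mode $mode (expected 750)"; rc=1; }
    [ "$group" = "wireshark" ] || { echo "FAIL group $group (expected wireshark)"; rc=1; }
    # Extra capabilities (or none at all) are reported, not silently accepted.
    [ "$(parse_getcap "$getcap_line")" = "cap_net_admin,cap_net_raw eip" ] \
        || { echo "FAIL capabilities: ${getcap_line:-none set}"; rc=1; }
    return "$rc"
}

# Gather the real values (GNU stat, as on Ubuntu) and check group membership.
audit_live() {
    local bin="${1:-/usr/bin/dumpcap}"
    check_dumpcap "$(stat -c '%a' "$bin")" "$(stat -c '%G' "$bin")" "$(getcap "$bin")" \
        && id -nG | tr ' ' '\n' | grep -qx wireshark \
        && echo "OK: $bin is limited to the wireshark group and you are a member"
}

# Constructed samples, not captured from a real system.
check_dumpcap 750 wireshark "/usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip" \
    && echo "sample 1: hardened as described"
check_dumpcap 755 root "/usr/bin/dumpcap cap_net_admin,cap_net_raw=eip" \
    || echo "sample 2: rejected, any local user could capture"
```

On an installed system, source the script and call `audit_live`; it fails until you have logged in again after the usermod step.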

Starting Wireshark
Wireshark can be launched from the CLI or from the applications launcher.
To start Wireshark from the GUI, search for wireshark and press Enter.
The same can be done from the command line by typing:
$ wireshark
To test packet capture, select the interface to use and click the “Start capturing packets” button.
And boom! You now have Wireshark installed and working on your Ubuntu 18.04 / Ubuntu 16.04 Desktop machine.