Wireshark is an invaluable tool for recording and reviewing network traffic. It was previously known as Ethereal and is available for a variety of platforms.
Installation can be hard to remember because use by non-superusers requires additional configuration on Linux.
- Add the repository and install:
sudo add-apt-repository ppa:wireshark-dev/stable
sudo apt-get update
sudo apt-get install wireshark
- During installation, the following prompt will appear; choose "Yes" for most instances.
Should non-super users be able to capture packets - Yes / No?
- If you need to change the value you selected, you can always re-run the following:
sudo dpkg-reconfigure wireshark-common
- Add the user to the wireshark group so that they can capture traffic, then check the membership with id (the new group applies from the user's next login):
sudo usermod -a -G wireshark username
id username
- If you need additional information, you can always RTFM:
sudo vi /usr/share/doc/wireshark-common/README.Debian
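To confirm the steps above left capture rights with the wireshark group only, the following added script (not part of the original post) audits a user and the capture helper. It assumes the helper is /usr/bin/dumpcap and that getcap (libcap2-bin) and GNU stat are installed; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit who can capture packets after the install steps.
# The check functions take command output as text, so they also work on saved output.
DUMPCAP=${DUMPCAP:-/usr/bin/dumpcap}   # assumed Debian/Ubuntu install path
CAP_GROUP=${CAP_GROUP:-wireshark}

# in_group "<id -nG output>" <group>: succeeds if the group is listed.
in_group() {
    for _g in $1; do
        [ "$_g" = "$2" ] && return 0
    done
    return 1
}

# has_capture_caps "<getcap line>": succeeds if both capture capabilities are
# present (getcap prints "file cap,...=eip" or "file = cap,...+eip").
has_capture_caps() {
    case $1 in *cap_net_raw*) ;; *) return 1 ;; esac
    case $1 in *cap_net_admin*) ;; *) return 1 ;; esac
    return 0
}

# group_only "<stat -c '%G %a' output>" <group>: succeeds if the file belongs
# to the group and "other" has no execute bit (odd last octal digit).
group_only() {
    _owner=${1% *}
    _mode=${1#* }
    [ "$_owner" = "$2" ] || return 1
    case ${_mode#"${_mode%?}"} in
        1|3|5|7) return 1 ;;
    esac
    return 0
}

# audit <username>: prints one line per finding, returns non-zero on any.
audit() {
    _rc=0
    in_group "$(id -nG "$1")" "$CAP_GROUP" ||
        { echo "$1 is not in group $CAP_GROUP"; _rc=1; }
    has_capture_caps "$(getcap "$DUMPCAP" 2>/dev/null)" ||
        { echo "$DUMPCAP has no cap_net_raw/cap_net_admin file capabilities"; _rc=1; }
    group_only "$(stat -c '%G %a' "$DUMPCAP")" "$CAP_GROUP" ||
        { echo "$DUMPCAP is not restricted to group $CAP_GROUP"; _rc=1; }
    return "$_rc"
}

# Run the audit only when a username is given: sh audit.sh username
if [ "$#" -gt 0 ]; then audit "$1"; fi
```

Anyone in the wireshark group can read traffic on every interface, so reviewing the group's member list belongs in the same audit.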