Analyze Network Protocols With Wireshark on Ubuntu
Wireshark is an open source network protocol analyzer. It allows you to capture packets from a network interface and then analyze their contents. Wireshark can be downloaded and installed from Ubuntu’s repositories:
sudo apt-get install wireshark
I had to run Wireshark as root to see my network interfaces. To start capturing
packets, click Capture->Interfaces in the application menu. Then click the
start button corresponding to the network interface you would like to capture
from. A window will come up showing how many packets have been captured. Click
the stop button to stop capturing.
Leave Wireshark on for a while and watch all sorts of interesting things
happening. For example, I saw my computer do a DNS query with OpenDNS to find
sb.google.com, and then make an HTTP GET request. It looks like it was Firefox
updating its phishing list from Google. With Wireshark you can watch what your
software is doing on the network.
If you are studying networking like me, Wireshark is a valuable tool for learning.
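To see what Wireshark decodes when it shows a DNS query like the one for sb.google.com mentioned above, here is an added example (not part of the original post) that parses the header and question of a DNS message by hand. It assumes the UDP payload has already been extracted from the packet; the sample bytes and the function names are constructed for illustration.

```python
import struct

QTYPES = {1: "A", 5: "CNAME", 12: "PTR", 15: "MX", 16: "TXT", 28: "AAAA"}

# Constructed sample: the UDP payload of a DNS query for sb.google.com
# (ID 0x1a2b, recursion desired, one question, type A, class IN).
SAMPLE_QUERY = (bytes.fromhex("1a2b01000001000000000000")
                + b"\x02sb\x06google\x03com\x00" + b"\x00\x01\x00\x01")

def read_name(msg, off):
    """Decode the DNS name starting at off; return (name, next offset)."""
    labels, resume, hops = [], None, 0
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[off]
        if length & 0xC0 == 0xC0:            # compression pointer
            if off + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            if resume is None:
                resume = off + 2             # parsing resumes after first pointer
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 32:                    # malformed packets can loop forever
                raise ValueError("compression pointer loop")
            continue
        if length & 0xC0:
            raise ValueError("unsupported label type")
        off += 1
        if length == 0:                      # root label ends the name
            return ".".join(labels), resume if resume is not None else off
        if off + length > len(msg):
            raise ValueError("label runs past end of message")
        labels.append(msg[off:off + length].decode("ascii", "replace"))
        off += length

def parse_dns_question(msg):
    """Return the header fields and first question of a DNS message."""
    if len(msg) < 12:
        raise ValueError("shorter than the 12-byte DNS header")
    ident, flags, qdcount = struct.unpack("!3H", msg[:6])
    if qdcount < 1:
        raise ValueError("no question section")
    name, off = read_name(msg, 12)
    if off + 4 > len(msg):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!2H", msg[off:off + 4])
    return {"id": ident, "is_response": bool(flags & 0x8000),
            "recursion_desired": bool(flags & 0x0100), "name": name,
            "qtype": QTYPES.get(qtype, str(qtype)), "qclass": qclass}

if __name__ == "__main__":
    print(parse_dns_question(SAMPLE_QUERY))
```

The fields returned correspond to what Wireshark lists under "Domain Name System (query)" in its packet details pane.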
Archived Comments
Anonymous
Hi,
I am a new student. I cannot install wireshark in ubuntu 7.10 by any way. In
add/Remove… I have a problem, button “Apply Changes” is hidden. If I download
3 files: libadns1_1.4-0.1build1_i386.deb,
wireshark-common_0.99.6rel-3ubuntu0.2_i386.deb,
wireshark_0.99.6rel-3ubuntu0.2_i386.deb, the first file I cannot install, the
third file I cannot download from internet. Can you help me to make it? Sorry
for my English.
Thanks.
jbjones
Why are you using 7.10? That release is no longer being supported. You should at the very least upgrade to the currently supported LTS (8.04) or the latest release 9.04. Your problem probably is because there are conflicts with the current release of wireshark because it no longer has to support 7.10. It is really a lot to ask for support of a legacy release of OS.
John Roberts
Thanks for using OpenDNS there. ;-)
John Roberts
OpenDNS