Tombuntu

Analyze Network Protocols With Wireshark on Ubuntu

Wireshark is an open source network protocol analyzer. It allows you to capture packets from a network interface and then analyze their contents. Wireshark can be downloaded and installed from Ubuntu’s repositories:

sudo apt-get install wireshark

I had to run Wireshark as root to see my network interfaces. To start capturing packets, click Capture->Interfaces in the application menu. Then click the start button corresponding to the network interface you would like to capture from. A window will come up showing how many packets have been captured. Click the stop button to stop capturing.

Wireshark packets

Leave Wireshark on for a while and watch all sorts of interesting things happening. For example, I saw my computer do a DNS query with OpenDNS to find sb.google.com, and then make an HTTP GET request. It looks like it was Firefox updating its phishing list from Google. With Wireshark you can watch what your software is doing on the network.

If you are studying networking like me, Wireshark is a valuable tool for learning.

Archived Comments

John Roberts

Thanks for using OpenDNS there. ;-)

John Roberts
OpenDNS

Anonymous

Hi,
I am a new student. I cannot install Wireshark in Ubuntu 7.10 by any way. In Add/Remove… I have a problem: the “Apply Changes” button is hidden. If I download 3 files: libadns1_1.4-0.1build1_i386.deb, wireshark-common_0.99.6rel-3ubuntu0.2_i386.deb, wireshark_0.99.6rel-3ubuntu0.2_i386.deb, the first file I cannot install, the third file I cannot download from the internet. Can you help me to make it? Sorry for my English.
Thanks.

jbjones

Why are you using 7.10? That release is no longer being supported. You should at the very least upgrade to the currently supported LTS (8.04) or the latest release, 9.04. Your problem probably is because there are conflicts with the current release of Wireshark because it no longer has to support 7.10. It is really a lot to ask for support of a legacy release of an OS.
