Wireshark 2.2.2 Network Protocol Analyzer has been released with security fixes. This post covers how to install Wireshark 2.2.2 on Ubuntu 16.10, Ubuntu 16.04, Ubuntu 14.04 and Ubuntu 15.04 systems. Wireshark is the world’s foremost and most widely used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is often regarded as the standard across enterprises.
Using Wireshark, users can easily manage network traffic. They can quickly identify the applications running on the network and monitor virtual machine traffic. The application acts as a rich, powerful LAN analyzer with full 802.11 a/b/g/n support. It can browse captured network data via a GUI, or via the TTY-mode TShark utility. Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform).
Wireshark 2.2.2
Wireshark 2.2.2 Network Protocol Analyzer brings no new features or new file format decoding support. The release brings a massive list of updated protocol support, including 6LoWPAN, AllJoyn, AMPQ, ANSI IS-637 A, BGP, CLNP, DCERPC, DICOM, DTN, E.212, EIGRP, ERF, GVSP, IEEE 802.11, IEEE 802.15.4, IP, ISO-8583, Kerberos, L2TP, LACP, MAC LTE, OpenFlow, Profinet I/O, RTPS, SCTP, SDP, Skype, SMPP, SNA, SNMP, SPNEGO, TCP, USB Audio, XML, and ZigBee.
The following bugs have been fixed:
- TCP: nextseq incorrect if TCP_MAX_UNACKED_SEGMENTS exceeded & FIN true. (Bug 12579)
- SMPP schedule_delivery_time displayed wrong in Wireshark 2.1.0. (Bug 12632)
- Upgrading to latest version uninstalls Microsoft Visual C++ redistributable. (Bug 12712)
- dmg for OS X does not install man pages. (Bug 12746)
- Fails to compile against Heimdal 1.5.3. (Bug 12831)
- TCP: Next sequence number off by one when sending payload in SYN packet (e.g. TFO). (Bug 12838)
- Follow TCP Stream shows duplicate stream data. (Bug 12855)
- Dissection engine falsely asserts that EIGRP packet’s checksum is incorrect. (Bug 12982)
- IEEE 802.15.4 frames erroneously handed over to ZigBee dissector. (Bug 12984)
- Capture Filter Bookmark Inactive in Capture Options page. (Bug 12986)
- CLNP dissector does not parse ER NPDU properly. (Bug 12993)
- SNMP trap bindings for NON scalar OIDs. (Bug 13013)
- BGP LS Link Protection Type TLV (1093) decoding. (Bug 13021)
- Application crash sorting column for tcp.window_size_scalefactor up and down. (Bug 13023)
- ZigBee Green Power add key during execution. (Bug 13031)
- Malformed AMPQ packets for session.expected and session.confirmed fields. (Bug 13037)
- Wireshark 2.2.1 crashes when attempting to merge pcap files. (Bug 13060)
- [IS-637A] SMS – Teleservice layer parameter -> IA5 encoded text is not correctly displayed. (Bug 13065)
- Failure to dissect USB Audio feature unit descriptors missing the iFeature field. (Bug 13085)
- MSISDN not populated/decoded in JSON GTP-C decoding. (Bug 13086)
- E212: 3 digits MNC are identified as 2 digits long if they end with a 0. (Bug 13092)
- Exception with last unknown Cisco AVP available in a SCCRQ message. (Bug 13103)
- TShark stalls on FreeBSD if androiddump is present. (Bug 13104)
- Dissector skips DICOM command. (Bug 13110)
- UUID (FT_GUID) filtering isn’t working. (Bug 13121)
- Manufacturer name resolution fail. (Bug 13126)
- packet-sdp.c allocates transport_info->encoding_name from wrong memory pool. (Bug 13127)
- Payload type name for dynamic payload is wrong for reverse RTP channels. (Bug 13132)
Install Wireshark 2.2.2
Wireshark 2.2.2, the latest release of the network protocol analyzer, can be installed on Ubuntu 16.10, Ubuntu 16.04 and Ubuntu 14.04 systems. Run the following commands to install Wireshark on Ubuntu:
sudo add-apt-repository ppa:wireshark-dev/stable
sudo apt-get update
sudo apt-get install wireshark
During the installation, you will be asked to configure wireshark-common. The prompt asks whether non-superusers should be able to capture packets. Dumpcap can be installed in a way that allows members of the “wireshark” system group to capture packets. This is recommended over the alternative of running Wireshark/Tshark directly as root, because less of the code will run with elevated privileges. Enabling this feature may be a security risk, so it is disabled by default. If in doubt, it is suggested to leave it disabled.
Once installed, open Wireshark from Ubuntu Dash.
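To check which of the wireshark-common choices described above is in effect on a host, the following added example (not from the original article or the Wireshark project) inspects dumpcap's mode, owning group and file capabilities. The /usr/bin/dumpcap path, GNU stat and getcap from libcap2-bin are assumptions, and classify_dumpcap and audit_dumpcap are hypothetical helper names.

```shell
#!/bin/sh
# Added example: report how dumpcap's capture privilege is exposed on this host.
# Assumed: Debian/Ubuntu path /usr/bin/dumpcap, GNU stat, getcap from libcap2-bin.

# classify_dumpcap MODE GROUP CAPS
#   MODE  octal permissions from `stat -c %a` (e.g. 755, 750, 4750)
#   GROUP owning group of the binary
#   CAPS  output of `getcap` for the binary (empty if none)
classify_dumpcap() {
    mode=$1; group=$2; caps=$3
    privileged=no
    # A setuid bit or file capabilities make every permitted caller privileged.
    case "$mode" in [4567]???) privileged=yes ;; esac
    case "$caps" in *cap_net_raw*|*cap_net_admin*) privileged=yes ;; esac
    if [ "$privileged" = no ]; then
        echo "unprivileged"            # capture needs root: the package default
        return 0
    fi
    # Last octal digit odd => "other" may execute, so any local user can capture.
    case "${mode#"${mode%?}"}" in
        1|3|5|7) echo "world-exposed" ;;
        *)       echo "group-only:$group" ;;
    esac
}

audit_dumpcap() {
    bin=${1:-/usr/bin/dumpcap}
    [ -e "$bin" ] || { echo "not-installed"; return 0; }
    caps=""
    command -v getcap >/dev/null 2>&1 && caps=$(getcap "$bin" 2>/dev/null)
    state=$(classify_dumpcap "$(stat -c %a "$bin")" "$(stat -c %G "$bin")" "$caps")
    echo "$state"
    case "$state" in
        group-only:*)
            # Every account listed here can capture traffic on this machine.
            echo "members: $(getent group "${state#group-only:}" | cut -d: -f4)" ;;
    esac
}

audit_dumpcap /usr/bin/dumpcap
```

The answer given at install time can be changed later with `sudo dpkg-reconfigure wireshark-common`; a result of `world-exposed` means the group restriction the prompt describes is not in force.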
Uninstall & Remove Wireshark 2.2.2
If you wish to uninstall and remove Wireshark 2.2.2 from Ubuntu systems, run the following commands:
sudo apt-get install ppa-purge
sudo ppa-purge ppa:wireshark-dev/stable
sudo apt-get update