How to Install Wireshark 2.2.5 in Ubuntu 16.10 and Ubuntu 16.04 Systems
Wireshark is a network protocol analyzer for Linux Ubuntu Systems.
Wireshark features:
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript®, CSV, or plain text
Wireshark 2.2.5
Wireshark 2.2.5 brings various fixes and updated protocol support for GPRS-NS, GTPv2, IAX2, IEEE 802.11, LDSS, MS-WSP, OpcUa, ROHC, RTMTP, SNMP, STANAG 4607, T.38, and UMTS FP. Other changes are:
- Display filter textbox loses focus during live capturing. (Bug 11890)
- Wireshark crashes when saving pcaps, opening pcaps, and exporting specified packets. (Bug 12036)
- tshark stalls on FreeBSD if androiddump is present. (Bug 13104)
- UTF-8 characters in packet list column title. (Bug 13342)
- Recent capture file list should appear immediately on startup. (Bug 13352)
- editcap segfault if a packet length is shorter than ignore bytes parameter. (Bug 13378)
- dftest segfault with automated build of 2.2.5. (Bug 13387)
- UMTS MAC Dissector shows Packet size limited for BCCH payload. (Bug 13392)
- VS2010 win32 compile fails. (Bug 13398)
- EAP AKA not being decoded properly. (Bug 13411)
- Dumpcap crashes during rpcap setup. (Bug 13418)
- Crash on closing SNMP capture file if snmp credentials are present. (Bug 13420)
- GPRS-NS message PDU type displayed in octal instead of hexadecimal. (Bug 13428)
Install Wireshark
Run the following commands to install Wireshark on Ubuntu:
sudo add-apt-repository ppa:wireshark-dev/stable
sudo apt-get update
sudo apt-get install wireshark
During the installation, you will be asked to configure wireshark-common. The prompt asks whether non-superusers should be able to capture packets. Dumpcap can be installed in a way that allows members of the “wireshark” system group to capture packets. This is recommended over the alternative of running Wireshark/Tshark directly as root, because less of the code will run with elevated privileges. Enabling this feature may be a security risk, so it is disabled by default. If in doubt, it is suggested to leave it disabled.
Once installed, open Wireshark from Ubuntu Dash.
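To check the result of the wireshark-common prompt described above, the following script (an added example, not part of the original tutorial) reports who may execute the capture helper, where the helper gets its privilege, and whether the current user is in the capture group. The helper path /usr/bin/dumpcap, GNU stat and the optional getcap tool are assumptions; the "wireshark" group name comes from the prompt text.

```shell
#!/bin/sh
# Added example: audit the capture-privilege setup chosen in the
# wireshark-common prompt. Assumes GNU stat; getcap is optional.

# Who may execute the helper: "everyone", "group:<name>" or "owner-only".
capture_access() {
    [ -e "$1" ] || { echo "missing"; return 0; }
    mode=$(stat -c '%a' "$1")            # e.g. 754, or 4754 with setuid
    if [ $(( ($mode % 10) & 1 )) -ne 0 ]; then
        echo "everyone"
    elif [ $(( ($mode / 10 % 10) & 1 )) -ne 0 ]; then
        echo "group:$(stat -c '%G' "$1")"
    else
        echo "owner-only"
    fi
}

# Where the helper gets its privilege: "setuid", "capabilities" or "none".
privilege_source() {
    mode=$(stat -c '%a' "$1")
    if [ $(( ($mode / 1000) & 4 )) -ne 0 ]; then
        echo "setuid"
    elif command -v getcap >/dev/null 2>&1 &&
         getcap "$1" 2>/dev/null | grep -q cap_net_raw; then
        echo "capabilities"
    else
        echo "none"
    fi
}

# Succeeds if user $1 is a member of group $2.
user_in_group() {
    id -nG "$1" 2>/dev/null | tr ' ' '\n' | grep -qx "$2"
}

# Report on the real helper; default path and group name are assumptions.
audit_dumpcap() {
    helper=${1:-/usr/bin/dumpcap} group=${2:-wireshark}
    echo "access:    $(capture_access "$helper")"
    [ -e "$helper" ] && echo "privilege: $(privilege_source "$helper")"
    if user_in_group "$(id -un)" "$group"; then
        echo "$(id -un) is in '$group' and can capture without sudo"
    else
        echo "$(id -un) is not in '$group'"
    fi
}
audit_dumpcap
```

If the prompt was answered "No" and group-based capture is wanted later, `sudo dpkg-reconfigure wireshark-common` shows it again; group membership changes take effect at the next login.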