Install Wireshark on Ubuntu 22.04 | Best Network Analyzer

By Posted on

Install Wireshark on Ubuntu 22.04 | Best Network Analyzer

This guide on the Orcacore website will demonstrate How To Install Wireshark on Ubuntu 22.04. Wireshark is a powerful and widely-used network protocol analyzer, also known as a packet sniffer. It captures data packets traversing a network connection, be it between your computer and your home network or across the internet. A packet is a fundamental unit of data in Ethernet networks. Understanding how to Install Wireshark on Ubuntu 22.04 is crucial for network administrators, security professionals, and anyone interested in understanding network traffic.

Wireshark is arguably the most popular packet sniffer available today. Its primary function, like any packet sniffer, is threefold:

  1. Capture Network Traffic: It intercepts data packets as they travel across a network.
  2. Analyze Captured Data: It dissects these packets, revealing the underlying protocols and data they contain.
  3. Present Data in a Readable Format: It presents the captured and analyzed data in a user-friendly interface, allowing for easy inspection and interpretation.

Before proceeding with the installation, ensure you have a non-root user with sudo privileges on your Ubuntu 22.04 server. If needed, refer to our guide on Initial Server Setup with Ubuntu 22.04 for detailed instructions.

1. Install Wireshark Network Analyzer on Ubuntu 22.04

Let’s walk through the steps to Install Wireshark on Ubuntu 22.04.

First, update your local package index to ensure you have the latest information about available packages:

sudo apt update

Add Wireshark PPA Repository

To install the most recent version of Wireshark, you’ll need to add the Personal Package Archive (PPA) repository to your system.

First, install the software-properties-common package, which provides tools for managing software repositories:

sudo apt install software-properties-common

Next, use the following command to add the Wireshark PPA repository on Ubuntu 22.04:

sudo add-apt-repository ppa:wireshark-dev/stable

After adding the PPA, update your system’s package index again:

sudo apt update

Now, you can install Wireshark using the following command:

sudo apt install wireshark

During the installation process, you will be prompted to configure Wireshark’s permissions. The system, by default, restricts network data capture to users with sudo access. If you want to allow non-root users to use Wireshark for network analysis, select the Yes option. Otherwise, leave the No option selected and press Enter.

Once the installation is complete, verify it by checking the Wireshark version:

wireshark -v

This command should display the installed Wireshark version information.

Wireshark network analyzer

2. How To Launch Wireshark on Ubuntu 22.04?

Now that you have Wireshark installed, let’s look at how to launch it. You can launch Wireshark either from the command line or through the graphical interface. To start Wireshark from the command line, use the following command:

sudo wireshark &

The & symbol runs Wireshark in the background, allowing you to continue using the terminal.

You will then see the Wireshark interface on Ubuntu 22.04:

Wireshark interface

You can now start using Wireshark. For example, you can capture data from available network interfaces. To do this, click on the shark flipper icon in the top left corner to begin recording.

3. Set up the Wireshark Command Line Interface

Wireshark also provides a command-line interface called tshark. To explore its capabilities, use the following command:

tshark --help
**<mark>Output</mark>**
Usage: tshark [options] ...

Capture interface:
  -i <interface>, --interface <interface>
                           name or idx of interface (def: first non-loopback)
  -f <capture filter>      packet filter in libpcap filter syntax
  -s <snaplen>, --snapshot-length <snaplen>
                           packet snapshot length (def: appropriate maximum)
  -p, --no-promiscuous-mode
                           don't capture in promiscuous mode
  -I, --monitor-mode       capture in monitor mode, if available
  -B <buffer size>, --buffer-size <buffer size>
                           size of kernel buffer (def: 2MB)
  -y <link type>, --linktype <link type>
                           link layer type (def: first appropriate)
  --time-stamp-type <type> timestamp method for interface
  -D, --list-interfaces    print list of interfaces and exit
  -L, --list-data-link-types
                           print list of link-layer types of iface and exit
  --list-time-stamp-types  print list of timestamp types for iface and exit

Capture stop conditions:
  -c <packet count>        stop after n packets (def: infinite)
....

If tshark is not already installed (which it usually is with the full Wireshark installation), you can install it using the following command:

sudo apt install tshark

Alternative Installation Methods for Wireshark on Ubuntu 22.04

While the PPA method is generally recommended for obtaining the latest version, here are two alternative approaches to Install Wireshark on Ubuntu 22.04:

1. Using the Default Ubuntu Repository (apt):

Ubuntu’s default repositories contain a version of Wireshark. While it might not be the absolute newest release, it’s a stable and readily available option.

  • Explanation: This method relies on the pre-configured package sources in your Ubuntu system. It’s simpler and doesn’t require adding external PPAs, reducing the risk of compatibility issues.

To install Wireshark using the default repository, run the following command:

sudo apt install wireshark

Follow the prompts during installation, paying attention to the user permission configuration as described in the original guide.

The main advantage here is simplicity. However, the version of Wireshark available in the default repositories might be older than the one in the PPA.

2. Using Snap Package Manager:

Snap is a package management system developed by Canonical, the company behind Ubuntu. It allows you to install applications in self-contained packages that include all their dependencies.

  • Explanation: Snap packages are isolated from the rest of the system, which can improve security and prevent conflicts with other applications. They also often contain the latest versions of software.

To install Wireshark using Snap, run the following command:

sudo snap install wireshark

After installation, you can launch Wireshark using the command:

wireshark

Caveat with Snap:

Snap packages can sometimes consume more disk space and may have a slightly slower startup time compared to traditional apt packages. However, they offer the benefit of automatic updates and a more isolated environment.

Conclusion

At this point, you have successfully learned how to Install Wireshark on Ubuntu 22.04 using multiple methods. Wireshark is an invaluable tool for network protocol analysis and troubleshooting, enabling you to capture and inspect network traffic in real-time. Choosing the installation method that best suits your needs and preferences is key to a smooth experience. Remember to configure user permissions correctly to allow authorized users to analyze network data.

Hope you found this guide helpful. You may also be interested in these articles:

Set Up Password Authentication with Apache on Ubuntu 20.04

Set up Nginx Password Authentication on Ubuntu 20.04

Built-in Linux Terminal in Android 15

Install PyCharm on Ubuntu

Related posts:

Leave a Reply

Your email address will not be published. Required fields are marked *