Wireshark install in Ubuntu 14.10

I use Wireshark in my demonstrations for the CIS-430 Networking and Distributed Systems class. I always enjoy the reaction of students when I sniff their FTP passwords off the air. To be able to gather packets in promiscuous mode, however, requires some authorization changes. Here is how I did it the last time I did it. I followed Dickson’s instructions here. They are for 13.10 but also work in 14.10.

First order of business is to create a group for Wireshark to use and add ourselves to the group.

sudo groupadd wireshark

sudo usermod -a -G wireshark <USER_NAME>

Let us permit Wireshark to use dumpcap.

sudo chgrp wireshark /usr/bin/dumpcap

sudo chmod 750 /usr/bin/dumpcap

sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap

Just log out and back in and it should work!
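To confirm that the steps above took effect, the following script is an added example, not part of the original post or of Dickson’s instructions. The function names, the `--run` switch and the `DUMPCAP`/`CAPGROUP` variables are assumptions chosen for illustration; the defaults mirror the values used above.

```shell
#!/bin/sh
# Added example: audit the dumpcap setup. Defaults mirror the post's values.
DUMPCAP="${DUMPCAP:-/usr/bin/dumpcap}"
CAPGROUP="${CAPGROUP:-wireshark}"

# perms_ok "MODE GROUP" (from stat -c '%a %G'): pass only for mode 750 and the
# capture group, so users outside the group cannot execute the binary.
perms_ok() {
    set -- $1
    [ "$1" = "750" ] && [ "$2" = "$CAPGROUP" ]
}

# caps_ok "GETCAP_LINE": require cap_net_raw and cap_net_admin with the
# effective (e) and permitted (p) flags. Both getcap layouts are accepted:
#   older libcap: /usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip
#   newer libcap: /usr/bin/dumpcap cap_net_admin,cap_net_raw=eip
caps_ok() {
    spec=${1##* }                      # last whitespace-separated field
    case "$spec" in *[+=]*) ;; *) return 1 ;; esac
    names=${spec%%[+=]*}               # capability names before the operator
    flags=${spec##*[+=]}               # flag letters after it
    for want in cap_net_raw cap_net_admin; do
        case ",$names," in *",$want,"*) ;; *) return 1 ;; esac
    done
    case "$flags" in *e*) ;; *) return 1 ;; esac
    case "$flags" in *p*) ;; *) return 1 ;; esac
}

# in_group "GROUP LIST": exact match of the capture group in id -nG output.
in_group() {
    case " $1 " in *" $CAPGROUP "*) return 0 ;; esac
    return 1
}

audit_dumpcap() {
    rc=0
    perms_ok "$(stat -c '%a %G' "$DUMPCAP")" || { echo "FAIL: mode or group"; rc=1; }
    caps_ok "$(getcap "$DUMPCAP")" || { echo "FAIL: capabilities"; rc=1; }
    # id -nG USER reads the group database; plain id -nG reports the running
    # session, which gains the new group only after logging out and back in.
    in_group "$(id -nG "$(id -un)")" || { echo "FAIL: user not in $CAPGROUP"; rc=1; }
    in_group "$(id -nG)" || { echo "WARN: session lacks $CAPGROUP, log in again"; rc=1; }
    return $rc
}

if [ "${1:-}" = "--run" ]; then audit_dumpcap; fi
```

Run it with `--run` as the user who will capture; no output and exit status 0 mean every check passed.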
