How To Install Wireshark On Ubuntu 20.04 LTS

In this article we discuss how to install and configure Wireshark 3.4.2 (the latest stable version so far) on the Ubuntu 20.04 LTS Linux operating system.



Introduction

Wireshark is a free and open-source network protocol analyzer. Previously known as Ethereal, Wireshark is used for network troubleshooting, analysis, software and communications protocol development, and education. Wireshark is cross-platform, using the Qt widget toolkit in current releases to implement its user interface, and using pcap to capture packets. In this article we discuss how to install and configure Wireshark 3.4.2 on the Ubuntu 20.04 LTS operating system. We will use the latest stable Wireshark repository, which was released on December 18, 2020.

Installing Wireshark on Ubuntu 20.04 LTS

The Wireshark installation consists of several steps, briefly explained below:

  1. Add the latest Wireshark stable repository
  2. Installing Wireshark
  3. Configuring Wireshark
  4. Launch Wireshark

Add the Latest Wireshark Stable Repository

The first step of installing Wireshark is to add the repository that carries the latest stable version. This is done with the command: sudo add-apt-repository ppa:wireshark-dev/stable.

ramans@diginet-app02:~$ sudo add-apt-repository ppa:wireshark-dev/stable
 [sudo] password for ramans: 
  Latest stable Wireshark releases back-ported from Debian package versions.
 Back-porting script is available at https://github.com/rbalint/pkg-wireshark-ubuntu-ppa
 From Ubuntu 16.04 you also need to enable "universe"  repository, see:
 http://askubuntu.com/questions/148638/how-do-i-enable-the-universe-repository
 The packaging repository for Debian and Ubuntu is at: https://salsa.debian.org/debian/wireshark
  More info: https://launchpad.net/~wireshark-dev/+archive/ubuntu/stable
 Press [ENTER] to continue or Ctrl-c to cancel adding it.

Installing Wireshark 3.4.2

Before the installation step, we first update our Ubuntu system so that the latest package lists are available. This is done with the command: sudo apt update.

ramans@diginet-app02:~$ sudo apt update
 Hit:1 http://security.ubuntu.com/ubuntu focal-security InRelease    
 Hit:2 http://us.archive.ubuntu.com/ubuntu focal InRelease           
 Hit:3 http://us.archive.ubuntu.com/ubuntu focal-updates InRelease
 Hit:4 http://us.archive.ubuntu.com/ubuntu focal-backports InRelease
 Err:5 http://ppa.launchpad.net/deadsnakes/ppa/ubuntu focal InRelease

The next step is to install Wireshark 3.4.2 on the system with the command: sudo apt -y install wireshark.

ramans@diginet-app02:~$ sudo apt -y install wireshark
 Reading package lists… Done
 Building dependency tree       
 Reading state information… Done
 The following packages were automatically installed and are no longer required:
   libeclipse-jdt-core-java libfprint-2-tod1 libllvm9 libtcnative-1
 Use 'sudo apt autoremove' to remove them.
 The following additional packages will be installed:
   libc-ares2 libdouble-conversion3 libminizip1 libpcre2-16-0 libqt5core5a libqt5dbus5 libqt5gui5
   libqt5multimedia5 libqt5multimedia5-plugins libqt5multimediagsttools5 libqt5multimediawidgets5
   libqt5network5 libqt5opengl5 libqt5printsupport5 libqt5svg5 libqt5widgets5 libsmi2ldbl
   libsnappy1v5 libspandsp2 libssh-gcrypt-4 libwireshark-data libwireshark14 libwiretap11 libwsutil12
   libxcb-xinerama0 libxcb-xinput0 qt5-gtk-platformtheme qttranslations5-l10n wireshark-common
   wireshark-qt
 Suggested packages:
   qt5-image-formats-plugins qtwayland5 snmp-mibs-downloader geoipupdate geoip-database
   geoip-database-extra libjs-leaflet libjs-leaflet.markercluster wireshark-doc
 The following NEW packages will be installed:
   libc-ares2 libdouble-conversion3 libminizip1 libpcre2-16-0 libqt5core5a libqt5dbus5 libqt5gui5
   libqt5multimedia5 libqt5multimedia5-plugins libqt5multimediagsttools5 libqt5multimediawidgets5
   libqt5network5 libqt5opengl5 libqt5printsupport5 libqt5svg5 libqt5widgets5 libsmi2ldbl
   libsnappy1v5 libspandsp2 libssh-gcrypt-4 libwireshark-data libwireshark14 libwiretap11 libwsutil12
   libxcb-xinerama0 libxcb-xinput0 qt5-gtk-platformtheme qttranslations5-l10n wireshark
   wireshark-common wireshark-qt

During the installation we are prompted by a configuration dialog box. We select the <Yes> option to complete the installation.

After the installation is done, we verify it by querying the version with the command: wireshark --version. The result is shown below.

ramans@diginet-app02:~$ wireshark --version
 Wireshark 3.4.2 (Git v3.4.2 packaged as 3.4.2-1~ubuntu20.04.0+wiresharkdevstable1)
 Copyright 1998-2020 Gerald Combs gerald@wireshark.org and contributors.
 License GPLv2+: GNU GPL version 2 or later https://www.gnu.org/licenses/gpl-2.0.html
 This is free software; see the source for copying conditions. There is NO
 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 Compiled (64-bit) with Qt 5.12.8, with libpcap, with POSIX capabilities (Linux),
 with libnl 3, with GLib 2.64.3, with zlib 1.2.11, with SMI 0.4.8, with c-ares
 1.15.0, with Lua 5.2.4, with GnuTLS 3.6.13 and PKCS #11 support, with Gcrypt
 1.8.5, with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.40.0, with
 brotli, with LZ4, with Zstandard, with Snappy, with libxml2 2.9.10, with
 QtMultimedia, without automatic updates, with SpeexDSP (using system library).
 Running on Linux 5.8.0-36-generic, with Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
 (with SSE4.2), with 7933 MB of physical memory, with locale en_US.UTF-8, with
 libpcap version 1.9.1 (with TPACKET_V3), with GnuTLS 3.6.13, with Gcrypt 1.8.5,
 with brotli 1.0.7, with zlib 1.2.11, binary plugins supported (0 loaded).
 Built using gcc 9.3.0.

Configuring Wireshark

In this section we configure which accounts may use Wireshark. For this purpose, we add the account(s) to the wireshark group so that these users can use Wireshark. In our example we add the current user ($USER). To do this, we submit the following commands:

ramans@diginet-app02:~$ sudo usermod -a -G wireshark $USER
[sudo] password for ramans: 
ramans@diginet-app02:~$ sudo chgrp wireshark /usr/bin/dumpcap
ramans@diginet-app02:~$ sudo chmod 750 /usr/bin/dumpcap
ramans@diginet-app02:~$ sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap

Then verify it with the command:

ramans@diginet-app02:~$ sudo getcap /usr/bin/dumpcap
 /usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip
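
The following check is an added example, not part of the original article: it audits the dumpcap setup configured above (mode 750, group wireshark, only cap_net_raw and cap_net_admin, user in the wireshark group). The function names check_dumpcap and audit_live and the sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): audit the dumpcap privilege setup.
# check_dumpcap MODE GROUP GETCAP_LINE USER_GROUPS
# Returns 0 if the values match the configuration above, 1 otherwise.
check_dumpcap() {
    mode=$1 group=$2 caps=${3##* } user_groups=$4 rc=0
    # Mode must be exactly 750: no access for "other", no setuid/setgid bits.
    case $mode in
        750) ;;
        ????) echo "FAIL: special bits (setuid/setgid/sticky) set: $mode"; rc=1 ;;
        *) echo "FAIL: mode is $mode, expected 750"; rc=1 ;;
    esac
    [ "$group" = wireshark ] ||
        { echo "FAIL: group is '$group', expected wireshark"; rc=1; }
    # Only the two capture capabilities are expected; the article's setcap
    # writes "=eip" and its getcap prints "+eip", so accept both spellings.
    case $caps in
        cap_net_admin,cap_net_raw[+=]eip) ;;
        *) echo "FAIL: unexpected capabilities: '${caps:-none}'"; rc=1 ;;
    esac
    # The capturing user must be in the wireshark group.
    case " $user_groups " in
        *" wireshark "*) ;;
        *) echo "FAIL: user is not in the wireshark group"; rc=1 ;;
    esac
    [ "$rc" -eq 0 ] && echo "OK: dumpcap matches the expected configuration"
    return "$rc"
}

# Collect the live values (GNU stat, getcap and id, as on Ubuntu) and check them.
audit_live() {
    bin=${1:-/usr/bin/dumpcap}
    [ -e "$bin" ] || { echo "SKIP: $bin not found"; return 0; }
    check_dumpcap "$(stat -c '%a' "$bin")" "$(stat -c '%G' "$bin")" \
        "$(getcap "$bin" 2>/dev/null)" "$(id -nG)"
}

# Constructed sample values mirroring the article's output (user ramans).
check_dumpcap 750 wireshark \
    "/usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip" "ramans adm sudo wireshark"
```

Call audit_live to check the installed binary. Group membership added with usermod takes effect at the next login, so run it from a fresh session.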

Launching Wireshark

After the Wireshark installation and configuration are completed, we launch the application. Wireshark can be launched by searching for it in the Ubuntu Application Manager or by submitting ‘wireshark’ from the console.

To launch Wireshark through the Graphical User Interface (GUI), open Activities on the Ubuntu desktop, search for Wireshark, then double-click the Wireshark icon.

The second option is to call Wireshark by submitting the command wireshark from the console.

The Wireshark first use is as follows:

[Screenshot: Wireshark first use]
[Screenshot: Wireshark in use]

Conclusion

In this article we have shown how to install Wireshark version 3.4.2 on the Ubuntu 20.04 LTS operating system. More details about Wireshark can be found on the official Wireshark web page.
