Wireshark is a network protocol analyzer that lets you capture and interactively analyze, in real time, the traffic that passes through a network. It is the most popular tool of this type. It runs on Windows, Mac, Linux and UNIX. Security experts, network professionals and educators use it regularly. It is free software, under the GNU GPL 2.
With this tool we can analyze all the data packets that enter and leave any of our network interfaces (Ethernet or Wi-Fi cards). The information is shown in real time, and it can be filtered in real time as well. It is found in the repositories of the most popular distributions.
or by the terminal:
sudo apt-get install wireshark
It should be similar with the package handlers of the other distributions.
Since users do not, by default, have permission to handle the network interfaces directly, and to avoid running Wireshark as root, this "fix" is needed so that a regular Ubuntu user can use the tool without problems. These commands must first be run in a terminal:
sudo addgroup --quiet --system wireshark
sudo chown root:wireshark /usr/bin/dumpcap
sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
What this does is create a new group and allow the use of dumpcap (the program that Wireshark uses by default for the capture). Then we add our user to the new group:
sudo usermod -a -G wireshark youruser
(remember to replace youruser with your own username)
And reconfigure Wireshark so that non-administrators can capture packets:
sudo dpkg-reconfigure wireshark-common
Select "Yes"; it should then work without problems.
Source: vlara
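The steps above can fail in several distinct ways (wrong owner, no capability, user not in the group, or a login session that predates the group change). The script below is an added example, not part of the original post, that tells these cases apart; the function names `has_word`, `diagnose` and `check_live` are illustrative, and it assumes GNU `stat` and `getcap` on the PATH.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# has_word LIST WORD: succeed if WORD is one of the space-separated items in LIST
has_word() { case " $1 " in *" $2 "*) return 0 ;; esac; return 1; }

# diagnose MODE OWNER GROUP CAPS SESSION_GROUPS DB_GROUPS
#   MODE            octal permissions of dumpcap (stat -c %a)
#   CAPS            output of getcap for dumpcap (may be empty)
#   SESSION_GROUPS  groups of the running login session (id -Gn)
#   DB_GROUPS       groups assigned in the group database (id -Gn USER),
#                   which is what usermod changes
diagnose() {
    mode=$1; owner=$2; group=$3; caps=$4; session=$5; db=$6
    if [ "$owner" != root ] || [ "$group" != wireshark ]; then
        echo "bad-owner: run chown root:wireshark on dumpcap"; return
    fi
    privileged=no
    case $caps in *cap_net_raw*) privileged=yes ;; esac
    [ $(( 0$mode & 04000 )) -ne 0 ] && privileged=yes   # setuid root
    if [ "$privileged" = no ]; then
        echo "no-privilege: dumpcap has neither capabilities nor setuid"; return
    fi
    if [ $(( 0$mode & 01 )) -ne 0 ]; then
        # "other" may execute, so the group does not gate who can capture
        echo "world-executable: every local user can capture, not just the group"; return
    fi
    if has_word "$session" wireshark; then
        echo "ok: this session can run dumpcap"; return
    fi
    if has_word "$db" wireshark; then
        # usermod took effect, but running sessions keep their old group list
        echo "stale-session: log out and back in (or reboot)"; return
    fi
    echo "not-in-group: add the user with usermod -a -G wireshark, then log in again"
}

# check_live: collect the real values on this machine (GNU stat, getcap on PATH)
check_live() {
    bin=/usr/bin/dumpcap
    set -- $(stat -c '%a %U %G' "$bin")
    diagnose "$1" "$2" "$3" "$(getcap "$bin" 2>/dev/null)" \
        "$(id -Gn)" "$(id -Gn "$(id -un)")"
}

if [ "${1:-}" = "--live" ]; then check_live; fi
```

Run it with `--live` as the affected user; if `getcap` is not on that user's PATH the capability check reports `no-privilege` even when the capability is set.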
Couldn't run /usr/bin/dumpcap in child process: Permission denied ... I installed it and everything with sudo but it doesn't work, could someone help me?
Check that you are not using the misspelled command:
'sudo addgroup –quiet –system wireshark'
The same thing happened to me, does anyone know how to solve it?
The "style" has changed the command. You have to write double hyphens: 'sudo addgroup --quiet --system wireshark'
Excellent help friend. Thank you. LuisG from Peru.
Hello, I do not know if this has already come up, but if so, I did not find it. Upon entering the first command it tells me 1 or 2 names are allowed. Has the same happened to anyone?
This blog always saves me thank you very much 😀
Good thing I already have it installed, what I have to do now is learn to use it 🙂 if you know of some tutorials, let me know
try running it with administrator permissions using "sudo" below. Cheers! Paul.
Hello, I'm trying to install wireshark, I already added my user to the wireshark group but I keep getting this: "Couldn't run /usr/bin/dumpcap in child process: Permission denied". I have the file like this: "-rwsr-x--- 1 root wireshark 68696 Nov 18 17:22 /usr/bin/dumpcap". Any ideas?
Hello, it shows me the following error when starting the program: "Couldn't run /usr/bin/dumpcap in child process: Permission denied". What could it be?
If you get the error `Couldn't run /usr/bin/dumpcap in child process: Permission denied`, try restarting so that the change of the user's group takes place correctly.
greetings ... thank you very much good contribution ...
There is a very good one, too, for console called KISMET.
regards
You're welcome Edgar!
Hug! Paul.
Thank you very much, it worked for me correctly
No need to reconfigure or, of course, reboot. That is for other OSes.
Thank you very much friend, it has helped me a lot