Wednesday, October 18, 2017

How to install Wireshark on Lubuntu 16.04

Wireshark is a very powerful tool for capturing network traffic. It was originally named 'Ethereal', but because of a trademark issue it was renamed Wireshark back in 2006. In this article I will show you how to install Wireshark and see what it can do.

Wireshark is also popular among hackers, because it can be used to see the data traffic on a network. Using Wireshark, a hacker can easily see your username and password by creating a fake WiFi hotspot and analyzing the data that goes in and out.

How to install Wireshark on Lubuntu 16.04
Wireshark is part of the official Lubuntu/Ubuntu repository, so you can install it with apt-get, like this:
sudo apt-get update
sudo apt-get install wireshark

During the installation of Wireshark, you will be asked whether to enable access for all users or for root only; it's up to you. For security reasons it's not recommended to enable this option, but if you are just playing around I think you should enable it.

If you don't enable access for all users, you need to run Wireshark with sudo from the command line, so basically you need to do this every time you want to run Wireshark:
sudo wireshark
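
To check which of the two setups described above a machine is actually in, here is an added script (not part of the original article). It assumes the Debian/Ubuntu packaging, where answering "yes" at the install prompt creates a wireshark group and gives /usr/bin/dumpcap capture capabilities; the state names it prints are made up for this example.

```shell
#!/bin/sh
# Added example, not from the article. Assumes Debian/Ubuntu packaging:
# answering "yes" at the install prompt creates a "wireshark" group and
# gives /usr/bin/dumpcap the cap_net_raw/cap_net_admin file capabilities.
DUMPCAP=/usr/bin/dumpcap

# capture_access GROUPS CAPS UID -> prints one state name (names are ours):
#   root | non-root-ok | add-user-to-group | sudo-required
# GROUPS is the output of `id -nG`, CAPS the output of `getcap $DUMPCAP`.
capture_access() {
    groups_list=$1; caps=$2; uid=$3
    if [ "$uid" -eq 0 ]; then echo root; return 0; fi
    case "$caps" in
        *cap_net_raw*) has_caps=yes ;;   # matches old "+eip" and new "=eip" output
        *)             has_caps=no ;;
    esac
    case " $groups_list " in
        *" wireshark "*) in_group=yes ;; # whole-word match on the group name
        *)               in_group=no ;;
    esac
    if [ "$has_caps" = no ]; then echo sudo-required
    elif [ "$in_group" = yes ]; then echo non-root-ok
    else echo add-user-to-group
    fi
}

# Gather the live values and explain the result.
report() {
    # getcap often lives in /sbin, which may be missing from a user's PATH.
    caps=$( PATH="$PATH:/sbin:/usr/sbin"; getcap "$DUMPCAP" 2>/dev/null || true )
    # `id -nG` shows the groups of this login session, so a group added with
    # usermod only appears after logging out and back in.
    case "$(capture_access "$(id -nG 2>/dev/null)" "$caps" "$(id -u)")" in
        root)
            echo "Running as root: capture works, but all of Wireshark runs privileged." ;;
        non-root-ok)
            echo "Non-root capture is set up: start wireshark without sudo." ;;
        add-user-to-group)
            echo "dumpcap is set up for the wireshark group, but this session is not in it."
            echo "Run: sudo usermod -aG wireshark \"\$USER\"  (then log in again)" ;;
        sudo-required)
            echo "Capture is root-only (or Wireshark is not installed). To change the answer:"
            echo "  sudo dpkg-reconfigure wireshark-common" ;;
    esac
}
report
```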

How to use Wireshark?
When you open Wireshark, you need to choose the network interface whose data you wish to capture. For now, let's just capture our own internet activity. In my case, the network interface that I use to connect to the internet is wlp4s0, which is the wireless network interface, so I choose that.

Once you choose a network interface to capture, Wireshark will start capturing and you can see the data immediately. You might be confused by all the data that is displayed, because Wireshark dumps everything, so you need to filter the data before you can analyze it.

For example, if you want to see which URL is being accessed, type dns in the filter input; this will display only the DNS protocol. Other filters include:
  • arp
  • udp
  • tcp
  • dns
  • http
  • ntp
  • and many more
Wireshark is a good way to analyze network traffic. It is also a good reason to be careful when using a public WiFi hotspot: somebody could hijack your data and see your credentials (username, password) when you log in to any website or service that you use.
