Wireshark

Install Wireshark 2.4.0 – Network Protocol Analyzer on Ubuntu

Wireshark 2.4.0, the most recent stable release, is known to be the world’s most widely used free network protocol analyzer. You can use it to analyze, troubleshoot, and monitor your network for packets in the event of a network or system issue. Before we proceed to how to install Wireshark on Ubuntu, let’s take a quick look at its features.

Wireshark Features

  • Used for deep inspection of numerous protocols
  • Can be used to capture live events for offline analysis
  • Comes with a standard three-pane packet browser
  • It’s multi-platform, so it runs on Windows, Linux, macOS, Solaris, FreeBSD, NetBSD etc
  • In addition, all captured network data can be accessed via the GUI, as well as via the TTY-mode TShark utility
  • It has the most powerful display filters
  • Used for rich VoIP analysis
  • All captured data can be output in various file formats such as tcpdump, Pcap NG, Microsoft Network Monitor, Sniffer Pro, NetXray, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer etc
  • Capture files compressed with gzip can be decompressed with ease
  • It comes with support for decryption of many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, as well as WPA/WPA2
  • Offers the ability to apply coloring rules to the packet list for quick, intuitive analysis
  • Results can be exported to XML, PostScript, CSV, as well as plain text

Wireshark 2.4.0 Changelog

  • There are now experimental 32-bit and 64-bit Windows Installer (.msi) packages
  • All source packages can now be compressed using xz instead of bzip2
  • The legacy (GTK+) UI is now disabled by default both in the Windows installers, as well as in the development environment (Autotools and CMake)
  • SS7 Point Codes can now be resolved into names with a hosts-like file
  • There is a fullscreen mode to provide more room for packets
  • TShark now supports export of objects like the other GUI interfaces
  • When playing RTP streams, you can now choose the desired output device
  • There is added support for dissectors to include a unit name natively in their hf field
  • The default profile can now be reset to the default values
  • In the selection history of the Qt UI, you can now move back and forth
  • Extcap utilities
    • now provide configuration for a GUI interface toolbar to control the extcap utility while capturing
    • now validate the capture filter
  • Added support for TLS 1.3 (draft 21) dissection and decryption
  • The RSA keys dialog for SSL keys now gives better feedback for invalid settings and no longer requires the IP address, Port or Protocol fields to be set in addition to the Key File

See the Wireshark release notes for more info.

How to install Wireshark 2.4.0 on Ubuntu 17.04, Ubuntu 16.10, Ubuntu 16.04, Ubuntu 15.04, Ubuntu 14.04

sudo add-apt-repository ppa:dreibh/ppa

sudo apt-get update && sudo apt-get install wireshark
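
After `apt-get update`, the output of `apt-cache policy wireshark` shows which repository apt will actually take the package from, which is worth confirming when a third-party PPA has just been added. The script below is an added example, not part of the original article; the function names are hypothetical and the two policy outputs embedded in it are constructed samples.

```shell
# Added example: find which repository supplies the version apt would install.
# Live use: apt-cache policy wireshark | candidate_sources

# Constructed sample: package revisions and mirror lines are illustrative only.
SAMPLE_POLICY='wireshark:
  Installed: (none)
  Candidate: 2.4.0-1~ppa1
  Version table:
     2.4.0-1~ppa1 500
        500 http://ppa.launchpad.net/dreibh/ppa/ubuntu xenial/main amd64 Packages
     2.0.2-1 500
        500 http://archive.ubuntu.com/ubuntu xenial/universe amd64 Packages'

# Constructed failure case: the PPA offers nothing here, so apt keeps the archive package.
SAMPLE_NO_PPA='wireshark:
  Installed: 2.0.2-1
  Candidate: 2.0.2-1
  Version table:
 *** 2.0.2-1 500
        500 http://archive.ubuntu.com/ubuntu xenial/universe amd64 Packages
        100 /var/lib/dpkg/status'

# Print the version apt would install (reads policy output on stdin).
candidate_version() {
    awk '$1 == "Candidate:" { print $2; exit }'
}

# Print every source (repository URL or local status file) offering the candidate.
candidate_sources() {
    awk '
        $1 == "Candidate:"                { cand = $2; next }
        $1 == "Version" && $2 == "table:" { in_table = 1; next }
        !in_table                         { next }
        # Source lines are "<priority> <url-or-path> ..."; versions never contain "/".
        $2 ~ /\// { if ((current "") == (cand "")) print $2; next }
        { current = ($1 == "***") ? $2 : $1 }
    '
}

# Succeed only if the candidate is offered by a repository whose URL contains $1.
candidate_from() {
    candidate_sources | grep -qF -- "$1"
}

for s in "$SAMPLE_POLICY" "$SAMPLE_NO_PPA"; do
    v=$(printf '%s\n' "$s" | candidate_version)
    printf '%s\n' "$s" | candidate_from "ppa.launchpad.net/dreibh/ppa" \
        && echo "$v: from the PPA" || echo "$v: NOT from the PPA"
done
```

If the candidate is reported as not coming from the PPA, `apt-get install wireshark` will install the distribution's own package rather than the version this article describes.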

How to uninstall Wireshark

sudo apt-get remove wireshark

About the author

Admin

A passionate Linux user for personal and professional reasons, always exploring what is new in the world of Linux and sharing with my readers.