How to install wireshark on Linux system

2025-01-17 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

The editor would like to share how to install Wireshark on a Linux system. Most people are probably not very familiar with it, so this article is shared for your reference; I hope you get a lot out of it.

Wireshark is an efficient, free packet capture tool that captures and describes network packets. Its biggest advantages are that it is free, open source and supported on multiple platforms, and it has become one of the most widely used network packet analysis programs in the world.

On Ubuntu, Wireshark can be installed with apt-get install, using the command below. During installation you are prompted with a configuration question, as shown below. The default is No, and you should choose Yes. If you choose wrongly it does not matter, because the setting can be changed later:

sudo apt-get install wireshark

After the installation is complete, type wireshark in a terminal to run the program, as shown in the following figure:

As the figure above shows, Wireshark cannot be used directly after installation: the user has no permission to capture, because capturing means viewing the PC's network traffic. It therefore needs to be configured as follows. First, run the command below to set the non-root user rights; this brings up the same prompt as at installation time, where you select Yes.

sudo dpkg-reconfigure wireshark-common

Then open /etc/group in an editor and find the wireshark entry (if it was just installed, it is usually on the last line). When Wireshark is installed, a group called wireshark is created by default, but no user belongs to it, so the user who will run Wireshark only needs to be added to the wireshark group. The author used vim to make the change, with the following command:

sudo vim /etc/group

Save the changes, then log out or restart the PC. Running wireshark again, you can now capture and analyze packets, as shown in the following figure.
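The group setup above can be checked from the shell. The following is an added example, not part of the original article: it parses an /etc/group-format file for the wireshark entry and reports whether the change is active in the current session. It assumes the Debian/Ubuntu defaults (group name wireshark, capture helper at /usr/bin/dumpcap), and its hint uses usermod -aG as an alternative to hand-editing /etc/group.

```sh
#!/bin/sh
# Added example (not from the original article). Assumes Debian/Ubuntu
# defaults: group "wireshark", capture helper at /usr/bin/dumpcap.

# group_has_member GROUP USER [FILE]: succeeds if USER is listed in GROUP's
# member field (4th) of an /etc/group-format file. Whole-name match only.
group_has_member() {
    awk -F: -v g="$1" -v u="$2" '
        $1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) found = 1 }
        END { exit !found }' "${3:-/etc/group}"
}

# capture_setup_status USER [FILE]: prints no-group, not-member or member.
capture_setup_status() {
    if ! awk -F: '$1 == "wireshark" { ok = 1 } END { exit !ok }' "${2:-/etc/group}"; then
        echo no-group
    elif ! group_has_member wireshark "$1" "${2:-/etc/group}"; then
        echo not-member
    else
        echo member
    fi
}

# capture_report: status for the current user on this machine.
capture_report() {
    me=$(id -un)
    echo "group file: $(capture_setup_status "$me")"
    # An /etc/group change only applies to new login sessions.
    case " $(id -nG) " in
        *" wireshark "*) echo "session: wireshark group active" ;;
        *) echo "session: not active; add with 'sudo usermod -aG wireshark $me', then log in again" ;;
    esac
    # dumpcap does the capturing: expect group wireshark, no access for
    # "other", and cap_net_raw/cap_net_admin rather than setuid root.
    if [ -e /usr/bin/dumpcap ]; then
        ls -l /usr/bin/dumpcap
        if command -v getcap >/dev/null 2>&1; then getcap /usr/bin/dumpcap; fi
    fi
}

capture_report || true
```

Anyone in the wireshark group can capture all traffic the host sees, so keep the member list limited to the accounts that need it.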

Problem using Wireshark with Xshell

Because I have always operated the Linux PC remotely over ssh, I have been using Xshell. To use a graphical interface remotely through Xshell, I need to configure Xmanager and enable the setting under Properties -> Tunnel. But on one occasion, because of the system's dependence on a library, there was no graphical interface, and the following error occurred when running wireshark:

Qt: XKEYBOARD extension not present on the X server.
The X11 connection broke: I/O error (code 1)
XIO: fatal IO error 0 (Success) on X server "localhost:10.0" after 202 requests (202 known processed) with 0 events remaining

The specific cause has not been analyzed. A quick workaround is to install wireshark-gtk, which, as the name suggests, is the GTK version of Wireshark. The installation command is again apt-get install; once it is installed, type wireshark-gtk to start Wireshark.

Introduction to Wireshark

The following is a brief introduction to capturing packets with Wireshark; for details, refer to the official documentation. The example is the message flow captured when OpenBTS sends text messages and makes calls. Based on the ports OpenBTS defines, you only need to capture on the local address: select Loopback: lo, then start.

The interface after capture starts is shown in the following figure. It consists of three main parts. The first is the list of data frames (not a very professional term, just as I understand it), which shows the packets in real time. After you select the frame you want to view in that window, you can analyze it in the next window, which shows the protocol, frame header, information and so on. The last part is the corresponding raw data.

One of the most important tools is Filter, which, as its name implies, filters the capture so that you see only what you are looking for. Here, OpenBTS uses the SIP protocol to send and receive text messages and make phone calls, so we capture the SIP packets:
