To use Wireshark to capture network traffic on Ubuntu, you can follow these steps:
- Install Wireshark:
Open a terminal window and enter the following command to install Wireshark:
sudo apt-get install wireshark
- Configure Wireshark:
To capture network traffic, you need to run Wireshark with root privileges. To do this, enter the following command in the terminal:
This will launch Wireshark with root privileges.
- Select an interface:
In the Wireshark window, select the network interface you want to capture traffic on from the drop-down menu. You can choose from Ethernet, Wi-Fi, or other interfaces.
- Start capturing traffic:
Click the "Start" button in the Wireshark window to begin capturing network traffic. You will see a live stream of packets being captured.
- Analyze the captured traffic:
Once you have captured some network traffic, you can analyze it in Wireshark by selecting a packet from the list and examining its contents in the Packet Details pane.
- Stop capturing traffic:
To stop capturing traffic, click the "Stop" button in the Wireshark window.
- Save the captured traffic:
You can save the captured traffic to a file by selecting "File" -> "Save" in the Wireshark window. You can then open the saved file in Wireshark for analysis later.