DEV Community

Cover image for How to Install Wireshark on Ubuntu
Aditi Bindal for NodeShift

Posted on

How to Install Wireshark on Ubuntu

Wireshark is an open-source network protocol analyzer that has become an important tool for IT professionals, network engineers, and cybersecurity experts. It allows users to capture and analyze network traffic in real-time and provides detailed insights into data packets traversing a network. It supports hundreds of protocols, helps troubleshoot network issues and detect security vulnerabilities, and lets you understand network performance in depth. Its intuitive GUI makes it easy for beginners and experts to filter, decode, and examine packets. Whether you're debugging network problems, optimizing performance, or conducting forensic investigations, Wireshark offers a comprehensive solution to perform all these actions on the network.

hero-image

Wireshark also has its command-line counterpart, Tshark, that can be used by users who prefer automation and scripting. However, this article will focus mainly on installing and setting up Wireshark to run on Ubuntu GUI (Graphical User Interface).

Prerequisites

  • A Virtual Machine (such as the ones provided by NodeShift) with at least:

    • 2 vCPUs
    • 2 GB RAM
    • 10 GB SSD
  • Ubuntu 22.04 VM

Note: The prerequisites for this are highly variable across use cases. A high-end configuration could be used for a large-scale deployment.

Step-by-step process to install Wireshark on Ubuntu

For this tutorial, we'll use a CPU-powered Virtual Machine by NodeShift, which provides high-compute Virtual Machines at a very affordable cost on a scale that meets GDPR, SOC2, and ISO27001 requirements. It also offers an intuitive and user-friendly interface, making it easier for beginners to get started with Cloud deployments. However, feel free to use any cloud provider you choose and follow the same steps for the rest of the tutorial.

Step 1: Setting up a NodeShift Account

Visit app.nodeshift.com and create an account by filling in basic details, or continue signing up with your Google/GitHub account.

If you already have an account, login straight to your dashboard.

Image-step1-1

Step 2: Create a Compute Node (CPU Virtual Machine)

After accessing your account, you should see a dashboard (see image), now:

1) Navigate to the menu on the left side.

2) Click on the Compute Nodes option.

Image-step2-1

3) Click on Start to start creating your very first compute node.

Image-step2-2

These Compute nodes are CPU-powered virtual machines by NodeShift. These nodes are highly customizable and let you control different environmental configurations, such as vCPUs, RAM, and storage, according to your needs.

Step 3: Select configuration for VM

1) The first option you see is the Reliability dropdown. This option lets you choose the uptime guarantee level you seek for your VM (e.g., 99.9%).

Image-step3-1

2) Next, select a geographical region from the Region dropdown where you want to launch your VM (e.g., United States).

Image-step3-2

3) Most importantly, select the correct specifications for your VM according to your workload requirements by sliding the bars for each option.

Image-step3-3

Step 4: Choose VM Configuration and Image

1) After selecting your required configuration options, you'll see the available VMs in your region and as per (or very close to) your configuration. In our case, we'll choose a '2vCPUs/2GB/60GB SSD' as the closest match to the "Prerequisites".

2) Next, you'll need to choose an image for your Virtual Machine. For the scope of this tutorial, we'll select Ubuntu, as we'll install Wireshark on Ubuntu.

Image-step4-1

Step 5: Choose the Billing cycle and Authentication Method

1) Two billing cycle options are available: Hourly, ideal for short-term usage, offering pay-as-you-go flexibility, and Monthly for long-term projects with a consistent usage rate and potentially lower cost.

Image-step5-1

2) Next, you'll need to select an authentication method. Two methods are available: Password and SSH Key. We recommend using SSH keys, as they are a more secure option. To create one, head over to our official documentation.

Image-step5-2

Step 6: Finalize Details and Create Deployment

Finally, you can also add a VPC (Virtual Private Cloud), which provides an isolated section to launch your cloud resources (Virtual machine, storage, etc.) in a secure, private environment. We're keeping this option as the default for now, but feel free to create a VPC according to your needs.

Also, you can deploy multiple nodes at once using the Quantity option.

Image-step6-1

That's it! You are now ready to deploy the node. Finalize the configuration summary; if it looks good, go ahead and click Create to deploy the node.

Image-step6-2

Step 7: Connect to active Compute Node using SSH

As soon as you create the node, it will be deployed in a few seconds or a minute. Once deployed, you will see a status Running in green, meaning that our Compute node is ready to use!

Image-step7-1

Once your node shows this status, follow the below steps to connect to the running VM via SSH:

1) Open your terminal and run the below SSH command:

(replace root with your username and paste the IP of your VM in place of ip after copying it from the dashboard)

ssh root@ip
Enter fullscreen mode Exit fullscreen mode
  1. In some cases, your terminal may take your consent before connecting. Enter ‘yes’.

  2. A prompt will request a password. Type the SSH password, and you should be connected.

Output:

Image-step7-2

Step 8: Install Wireshark

Before installing the main software, let's first update and upgrade the system packages to fetch the latest updates and align with the security patches.

1) Update the Ubuntu package source-list.

apt update
Enter fullscreen mode Exit fullscreen mode

Output:

Image-step8-1

2) Initiate a full upgrade on system packages.

apt full-upgrade
Enter fullscreen mode Exit fullscreen mode

Output:

Image-step8-2

3) Install Wireshark

apt install wireshark
Enter fullscreen mode Exit fullscreen mode

Output:

Image-step8-3

4) Confirm the installation.

wireshark --version
Enter fullscreen mode Exit fullscreen mode

Output:

Image-step8-4

Step 9: Access Wireshark from GUI

To use the Wireshark Network Analyzer, you'll need to access your server through Ubuntu Desktop. This requires a GUI interface to open the Wireshark application interface.

If you are on a Ubuntu Virtual Machine, install Ubuntu GUI and log in as an authorized user. Then you can access the application by running "wireshark" on the desktop terminal.

Once the application opens up, it may look similar to this:

Image-step9-1

That said, you can now go ahead and perform a wide range of network analysis and troubleshooting tasks.

Conclusion

In this guide, we explored the process of installing Wireshark on Ubuntu, from understanding its powerful features for network analysis to configuring it in both GUI and CLI environments. We have also covered how you can easily configure, create, and deploy your Ubuntu VM on NodeShift's cloud dashboard, ensuring a smooth setup process with reliable performance and scalability. With these steps, you’re ready to use Wireshark effectively to debug, monitor, or enhance your network's security.

For more information about NodeShift:

Top comments (0)