Wireshark on Ubuntu - Networking

This is a discussion on Wireshark on Ubuntu - Networking ; I installed Wireshark on Ubuntu. It does not appear to be able to see any network interfaces when running as an unprivileged user, and only captures if I run it with sudo, which is a security risk, since it shouldn't ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Wireshark on Ubuntu

  1. Wireshark on Ubuntu

    I installed Wireshark on Ubuntu. It does not appear to be able to see
    any network interfaces when running as an unprivileged user, and only
    captures if I run it with sudo, which is a security risk, since it
    shouldn't be running as a privileged user. How can I run a capture
    without running wireshark as a privileged user?

    Thanks!

  2. Re: Wireshark on Ubuntu

    nooneinparticular314159@yahoo.com wrote:
    > I installed Wireshark on Ubuntu. It does not appear to be able to see
    > any network interfaces when running as an unprivileged user, and only
    > captures if I run it with sudo, which is a security risk, since it
    > shouldn't be running as a privileged user.


    It shouldn't?
    http://www.wireshark.org/docs/wsug_h...uisitesSection

    --
    As we enjoy great advantages from inventions of others, we should be
    glad of an opportunity to serve others by any invention of ours;
    and this we should do freely and generously.
    --Benjamin Franklin

  3. Re: Wireshark on Ubuntu

    johnny bobby bee writes:
    > It shouldn't?
    > http://www.wireshark.org/docs/wsug_h...uisitesSection

    Exactly. The same is true for TCPDUMP or any other packet sniffer.

    --
    Allan

  4. Re: Wireshark on Ubuntu

    nooneinparticular314159@yahoo.com wrote:
    > I installed Wireshark on Ubuntu. It does not appear to be able to see
    > any network interfaces when running as an unprivileged user, and only
    > captures if I run it with sudo, which is a security risk, since it
    > shouldn't be running as a privileged user. How can I run a capture
    > without running wireshark as a privileged user?
    >
    > Thanks!


    you could capture with tcpdump -Z -w file -s 0
    this will set the nic in prom mode as root and then suiding to the id of
    user dump_user

    after your capture is finished you can then analyse the dumpfile
    ../file with wireshark as a normal user (after changing permissions
    offcorse)

    iirc wireshark can't suid to a less priviledged user after
    binding itself to the NIC interface just yet

+ Reply to Thread