3.1 Installing Wireshark

Wireshark is a software tool that captures wireless traffic and reproduces it in a readable format. The following are the steps to install the Wireshark tool on a computer.

Windows/macOS

  1. For downloading Wireshark, go to Wireshark.
  2. Click the release package for the corresponding operating system from the stable release list.
  3. The download starts automatically.
  4. Install the package.

Ubuntu Linux

  1. Open the Terminal, then enter sudo apt update.
    Figure 3-1. Wireshark Installation in Linux
  2. Enter sudo apt install wireshark.
    Figure 3-2. Wireshark Installation in Linux
  3. Enter sudo wireshark; this command will open the Wireshark application.
  4. Type “yes” when the installer asks “Should non-superusers be able to capture packets?”. This ensures that packet capture is available to all users in the wireshark system group.
    Figure 3-3. Prompt
  5. Add the correct user to the wireshark user group. For example, type sudo usermod -a -G wireshark $USER. This command asks the system to add the current user to the wireshark group. This is necessary because capturing network packets requires root privileges.
    Note:
    1. If the user encounters an error indicating “group wireshark does not exist”, the wireshark group is not created on the system. To resolve this issue, the user needs to create the group by entering the command groupadd wireshark.
    2. Replace $USER with the actual username if the environment variable is not set. Alternatively, the user can use $(whoami) to automatically insert the name of the current user (for example, sudo usermod -a -G wireshark $(whoami)).
      Figure 3-4. Creating Wireshark Group
  6. Add the correct user to the dialout user group by entering sudo usermod -a -G dialout $USER/sudo usermod -a -G dialout $(whoami) in the terminal.
Note: Restart the computer to apply the new user group settings.