This guide will teach you how to install Wireshark on both older and newer versions of the Linux / Ubuntu operating system. Plus, it will give you a thorough, step-by-step walkthrough of the whole process.
We’ll guide you through the installation using both the command line and a graphical user interface. By the end, your Ubuntu PC will be all set to capture network traffic data for troubleshooting and security. Plus, you’ll be ready to analyze that traffic.
How to Set Up Wireshark on Ubuntu 23.10 & 24.04
Wireshark is a GUI-based network packet analysis program that can run on Windows, Linux, and macOS systems. Wireshark instantly analyzes and records packets on the network. In addition, it has a terminal program called “tshark” and contains the same features as the GUI.
The first thing you need to do before installation is to configure the Official Wireshark Repository.
Since it is available in the Repository, its installation is straightforward. Follow the steps below to install the network analysis program step by step.
Steps:
Step 1
To add Wireshark to the Repository, open Terminal and perform the following command, then press Enter.
sudo add-apt-repository ppa:wireshark-dev/stable
Step 2
To update the package list, execute sudo apt-get update.
sudo apt-get update
Step 3
Starting Wireshark installation From the terminal, run the “sudo apt-get install wireshark” command.
sudo apt-get install wireshark
Step 4
Press Y to allow the installation of dependent packages for Wireshark, and then press Enter.
Step 5
If you want to allow non-superusers to perform packet analysis on the network, press Yes. We recommend that you do not enable non-superusers to perform packet analysis on a secure computer.
Step 6
After you have successfully installed Wireshark, you can check the version of the program in Help / About.
Video
How to Uninstall Wireshark
You can use Terminal or Package Manager to uninstall Wireshark on your PC completely. The easiest way to uninstall it is to use the terminal.
Follow the steps below to remove Wireshark from Linux.
Step 1
To view the locations where Wireshark is installed, execute the “whereis wireshark” command at the terminal.
whereis wireshark
Step 2
In the terminal, run sudo apt-get remove –autoremove wireshark wireshark-*.
sudo apt-get remove --autoremove wireshark wireshark-*
Step 3
Press Y to confirm Wireshark removal, and then press Enter.
Step 4
Check again the location where Wireshark is installed. If there is a file for Wireshark, delete it with the sudo rm -rf command.
sudo rm -rf /etc/wireshark/
Video
Conclusion
In this article, we have installed Wireshark, which allows you to perform network packet analysis on a Linux-based operating system. Thanks for following us!