Hello Linux Geeksters. As you already know, Wireshark is an open-source protocol analyzer software, very used for monitoring the network traffic.
The latest version available is Wireshark 1.12, which has been released recently, coming with bug-fixes and some new features, including:
- Expert information is now filterable when the new API is in use.
- The “Number” column shows related packets and protocol conversation spans (Qt only).
- When manipulating packets with editcap using the -C <choplen> and/or -s <snaplen> options, it is now possible to also adjust the original frame length using the -L option.
- You can now pass the -C <choplen> option to editcap multiple times, which allows you to chop bytes from the beginning of a packet as well as at the end of a packet in a single step.
- You can now specify an optional offset to the -C option for editcap, which allows you to start chopping from that offset instead of from the absolute packet beginning or end.
- “malformed” display filter has been renamed to “_ws.malformed”. A handful of other filters have been given the “_ws.” prefix to note they are Wireshark application specific filters and not dissector filters.
- The Kerberos dissector has been replaced with an auto generated one from ASN1 protocol description, changing a lot of filter names.
For a full list of changes, see the official release notes.
In this article I will show you how to install Wireshark 1.12.0 on Ubuntu 14.04 Trusty Tahr, Linux Mint 17 Qiana, Pinguy OS 14.04, Elementary OS 0.3 Freya, Peppermint Five, Deepin 2014, LXLE 14.04, Linux Lite 2.0 and other Ubuntu 14.04 derivative systems.
Because it is not available via any repository/PPA, we have to perform an installation from sources. Follow the instructions exactly, in order to get a successful installation.
Install the required dependencies:
$ sudo apt-get build-dep wireshark
$ sudo apt-get install qt4-default
Download the Wireshark archive, extract it and cd into the extracted folder:
$ cd ~
$ wget https://1.as.dl.wireshark.org/src/wireshark-1.12.0.tar.bz2
$ tar -xjvf wireshark-1.12.0.tar.bz2
$ cd wireshark-1.12.0/
Configure, compile and install:
$ sudo make install
$ sudo ldconfig
That’s it. To start wireshark, open a terminal, type wireshark and hit enter.