Edit: Due to the fact that this article is old, the installation instructions may not work anymore. In order to successfully install the latest version of Wireshark, please access the wireshark tag and open the latest article (the one on top).
Hello Linux Geeksters. As you already know, Wireshark is an open-source protocol analyzer software, very used for monitoring the network traffic.
The latest version available is Wireshark 1.12, which has been released recently, coming with bug-fixes and some new features, including:
- Expert information is now filterable when the new API is in use.
- The “Number” column shows related packets and protocol conversation spans (Qt only).
- When manipulating packets with editcap using the -C <choplen> and/or -s <snaplen> options, it is now possible to also adjust the original frame length using the -L option.
- You can now pass the -C <choplen> option to editcap multiple times, which allows you to chop bytes from the beginning of a packet as well as at the end of a packet in a single step.
- You can now specify an optional offset to the -C option for editcap, which allows you to start chopping from that offset instead of from the absolute packet beginning or end.
- “malformed” display filter has been renamed to “_ws.malformed”. A handful of other filters have been given the “_ws.” prefix to note they are Wireshark application specific filters and not dissector filters.
- The Kerberos dissector has been replaced with an auto generated one from ASN1 protocol description, changing a lot of filter names.
For a full list of changes, see the official release notes.
In this article I will show you how to install Wireshark 1.12.0 on Ubuntu 14.04 Trusty Tahr, Linux Mint 17 Qiana, Pinguy OS 14.04, Elementary OS 0.3 Freya, Peppermint Five, Deepin 2014, LXLE 14.04, Linux Lite 2.0 and other Ubuntu 14.04 derivative systems.
Because it is available via PPA, installing Wireshark 1.12.0 on Ubuntu 14.04 and derivatives is easy. All you have to do is add the ppa to your system, update the local repository index and install the wireshark package. Like this:
$ sudo add-apt-repository ppa:n-muench/programs-ppa
$ sudo apt-get update
$ sudo apt-get install wireshark
Optional, to remove wireshark, do:
$ sudo apt-get remove wireshark