Networking Forums
Home Register Members Search Links
Member Login:

Networking Forums > Computer Networking > Linux Networking > Wireshark on Ubuntu

Reply
Thread Tools Display Modes

Wireshark on Ubuntu

 
 
nooneinparticular314159@yahoo.com
Guest
Posts: n/a

 
      04-26-2008, 05:13 PM
I installed Wireshark on Ubuntu. It does not appear to be able to see
any network interfaces when running as an unprivileged user, and only
captures if I run it with sudo, which is a security risk, since it
shouldn't be running as a privileged user. How can I run a capture
without running wireshark as a privileged user?

Thanks!
 
Reply With Quote
 
 
 
 
Bill Marcum
Guest
Posts: n/a

 
      04-26-2008, 07:30 PM
On 2008-04-26, (E-Mail Removed) <(E-Mail Removed)> wrote:
>
>
> I installed Wireshark on Ubuntu. It does not appear to be able to see
> any network interfaces when running as an unprivileged user, and only
> captures if I run it with sudo, which is a security risk, since it
> shouldn't be running as a privileged user. How can I run a capture
> without running wireshark as a privileged user?
>
> Thanks!

Wouldn't it be a security risk if an unprivileged user could see the
contents of every network packet?
 
Reply With Quote
 
johnny bobby bee
Guest
Posts: n/a

 
      04-26-2008, 08:39 PM
(E-Mail Removed) wrote:
> I installed Wireshark on Ubuntu. It does not appear to be able to see
> any network interfaces when running as an unprivileged user, and only
> captures if I run it with sudo, which is a security risk, since it
> shouldn't be running as a privileged user.

It shouldn't?
http://www.wireshark.org/docs/wsug_h...uisitesSection

--
As we enjoy great advantages from inventions of others, we should be
glad of an opportunity to serve others by any invention of ours;
and this we should do freely and generously.
--Benjamin Franklin
 
Reply With Quote
 
Allan
Guest
Posts: n/a

 
      04-27-2008, 01:28 AM
johnny bobby bee <useraddshine-(E-Mail Removed)> writes:
> It shouldn't?
> http://www.wireshark.org/docs/wsug_h...uisitesSection
Exactly. The same is true for TCPDUMP or any other packet sniffer.

--
Allan
 
Reply With Quote
 
goarilla
Guest
Posts: n/a

 
      04-27-2008, 11:37 AM
(E-Mail Removed) wrote:
> I installed Wireshark on Ubuntu. It does not appear to be able to see
> any network interfaces when running as an unprivileged user, and only
> captures if I run it with sudo, which is a security risk, since it
> shouldn't be running as a privileged user. How can I run a capture
> without running wireshark as a privileged user?
>
> Thanks!

you could capture with tcpdump -Z <dump_user> -w file -s 0
this will set the nic in prom mode as root and then suiding to the id of
user dump_user

after your capture is finished you can then analyse the dumpfile
../file with wireshark as a normal user (after changing permissions
offcorse)

iirc wireshark can't suid to a less priviledged user after
binding itself to the NIC interface just yet
 
Reply With Quote
 
 
 
Reply

« Setting up a bridge disables IP networking? | DHCP and Multicast/Unicast »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Ethernet CRC check in Wireshark jprudent Linux Networking 4 03-26-2011 12:55 PM
Re: Alternative to Wireshark Rob Morley Home Networking 6 01-10-2011 10:46 PM
Re: Equivalent to Wireshark for wireless adapters? R Johnson Broadband 5 08-23-2009 06:51 PM
detecting wireshark and ethereal genericprofile13@gmail.com Wireless Internet 2 09-25-2008 05:58 PM
VNC Ubuntu solrpwr Linux Networking 5 02-11-2006 01:31 PM


Forum Software Powered by vBulletin®, Copyright Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc.
Contact Us - Archive - Privacy Statement - Top

1 2 3 4 5 6 7 8 9 10 11