This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Installed Wireshark but CAN’T FIND IT (total rookie question)

0

Hello! Quick question: I use Ubuntu/Linux and I recently installed Wireshark using Ubuntu Software Center. It says that I successfully installed it, but now I don't know where to find the Wireshark folder or program! Which folder is it in and how do I access it?

Thanks to anyone who helps me! And thank you for not judging my embarrassingly low level of computer literacy. :)

asked 02 Jun '12, 18:51

Ally's gravatar image

Ally
1111
accept rate: 0%

Thanks everyone! I was able to access it. I really appreciate the help. :) Isn't it nice that on the internet people help each other? (and it's not just trolls on YouTube) :)

(08 Jun '12, 16:20) Ally

2 Answers:

0

Search applications in Unity:

Please use Unity Dash to search for applications:

https://help.ubuntu.com/11.04/ubuntu-help/unity-dash-intro.html

Search applications at the CLI:

Start a Terminal (Ctrl-Alt-T) or again Dash (then type 'Terminal') and run this commands:

which wireshark
which tshark

At the CLI there is no need to know the application path, just type wireshark or tshark in the terminal window and the program will be started.

Regards
Kurt

answered 03 Jun '12, 02:58

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

0

Try sudo wireshark from terminal, that way you can find the interfaces with root privs.

answered 03 Jun '12, 13:09

pluribus's gravatar image

pluribus
1446
accept rate: 0%

Wireshark should not be run as root. There are many lines of code in Wireshark dissectors that could be security vulnerabilities.

(03 Jun '12, 13:48) grahamb ♦

I had no idea wireshark can be remotely exploited when running as root. Thanks for telling me.

How can I get wireshark to find my interfaces without using "sudo?" I just found this is the only way it would actually get into promiscuous mode. For me, just running wireshark fails to find my wlan0 interface.

(03 Jun '12, 14:43) pluribus

See the CapturePrivileges wiki page.

(03 Jun '12, 23:27) grahamb ♦
1

I had no idea wireshark can be remotely exploited when running as root.

saying that wireshark can be remotely exploited (generally), overshoots the mark. It's the myriad of lines of code in the dissectors, that pose a risk if you run wireshark with root privileges. Nobody knows if that code possibly contains security bugs. So, it's better not to run wireshark with root privileges. If you hit such a bug, while dissecting traffic, the impact will be of much less significance if wireshark runs within the context of an unprivileged user.

(04 Jun '12, 02:56) Kurt Knochner ♦