Wireshark is a free to use and widely-used network protocol analyzer that runs on Windows, Linux, macOS and many BSD systems. With Wireshark you can see what’s happening on your network at a microscopic level. It is used across many commercial and non-profit enterprises, government agencies, and educational institutions. In this short guide you’ll learn how to install and use Wireshark on Linux Mint 20.
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, macOS, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript®, CSV, or plain text
The installation of Wireshark on Linux Mint 20 is straightforward. You can use the default OS APT repository or PPA repository provided by Wireshark development team.
Install Wireshark from Linux Mint APT Repositories
The easiest method is installing Wireshark from the default OS APT repositories. Start by updating APT package index:
sudo apt update
When done run the following commands to install Wireshark on Linux Mint 20.
sudo apt install wireshark
Agree to the installation:
The following additional packages will be installed: libqt5multimedia5 libqt5multimedia5-plugins libqt5multimediagsttools5 libqt5multimediawidgets5 libqt5opengl5 libqt5printsupport5 libsmi2ldbl libspandsp2 libwireshark-data libwireshark13 libwiretap10 libwsutil11 wireshark-common wireshark-qt Suggested packages: snmp-mibs-downloader geoipupdate geoip-database-extra libjs-leaflet libjs-leaflet.markercluster wireshark-doc The following NEW packages will be installed: libqt5multimedia5 libqt5multimedia5-plugins libqt5multimediagsttools5 libqt5multimediawidgets5 libqt5opengl5 libqt5printsupport5 libsmi2ldbl libspandsp2 libwireshark-data libwireshark13 libwiretap10 libwsutil11 wireshark wireshark-common wireshark-qt 0 upgraded, 15 newly installed, 0 to remove and 397 not upgraded. Need to get 22.4 MB of archives. After this operation, 118 MB of additional disk space will be used. Do you want to continue? [Y/n] y
Confirm installation was successful by checking the software version.
$ apt policy wireshark
Install Wireshark from PPA Dev repository
Another way is adding Wireshark Dev PPA repository. This will give you a more recent version of the software package.
sudo apt update sudo apt install software-properties-common -y sudo add-apt-repository ppa:wireshark-dev/stable sudo apt -y install wireshark
Hit the <Enter> key on the keyboard to add the repository:
You are about to add the following PPA: Latest stable Wireshark releases back-ported from Debian package versions. Back-porting script is available at https://github.com/rbalint/pkg-wireshark-ubuntu-ppa From Ubuntu 16.04 you also need to enable "universe" repository, see: http://askubuntu.com/questions/148638/how-do-i-enable-the-universe-repository The packaging repository for Debian and Ubuntu is at: https://salsa.debian.org/debian/wireshark More info: https://launchpad.net/~wireshark-dev/+archive/ubuntu/stable Press Enter to continue or Ctrl+C to cancel Executing: /tmp/apt-key-gpghome.mHwpKXeSRm/gpg.1.sh --keyserver hkps://keyserver.ubuntu.com:443 --recv-keys A2E402B85A4B70CD78D8A3D9D875551314ECA0F0 gpg: key D875551314ECA0F0: public key "Launchpad PPA for Wireshark Developers" imported gpg: Total number processed: 1 gpg: imported: 1
Run apt update and install Wireshark on Linux Mint 20.
sudo apt update sudo apt install wireshark
Allow non-superusers to capture packets, select your option and finish the installation.
Check installed version:
$ wireshark --version Wireshark 3.2.7 (Git v3.2.7 packaged as 3.2.7-1~ubuntu20.04.0+wiresharkdevstable1) Copyright 1998-2020 Gerald Combs <[email protected]> and contributors. License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/gpl-2.0.html> This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ....
To use Wireshark search for the application and start it.
The application should be started ready for packet capturing in your network infrastructure.
Check more articles on Linux Mint.