24/05/2014

[Debian] Run Wireshark as non-root user

Wireshark by default enables only the root user to capture network traffic; the idea is that as a root user you'll capture and store the traffic and as non-root user you'll perform any analysis you need. This unfortunately does not allow you to perform a "live capture" where you can work on the data while it is freshly captured from your network interface.

To enable non-root users to run a live capture too, simply dpkg-reconfigure it:

sudo apt-get install wireshark
sudo dpkg-reconfigure wireshark-common

When prompted to allow non-root user to perform restricted operations, say Yes.

Then logout and login again and you should be set. If not, add your user to the wireshark group:

sudo usermod -a -G wireshark $USER

No comments:

Post a Comment

With great power comes great responsibility