本文介绍了如何在Linux系统上安装Wireshark网络协议分析器,并详细解释了配置非root用户使用dumpcap文件的方法,使普通用户也能启动并正常使用Wireshark进行网络包捕获。
Installing wireshark
1. #yum install wireshark
2.#yum install wireshark-gnome
Perform the following steps to allow non-root users access to the dumpcap file so that they can open it for use within wireshark.
$ sudo groupadd wireshark
$ sudo usermod -a -G wireshark saml
$ setcap cap_net_raw,cap_net_admin=eip /usr/sbin/dumpcapLaunching wireshark
Once you've made the above changes you can now launch wireshark. It should be noted that when you run it you'll still be presented with a dialog which makes you think it didn't work, but this is just giving you the opportunity to either run
wireshark as yourself, "unprivileged", or as root.
Step #1: After launching, you'll see this dialog.
Step #2: If you select unprivileged, you'll be presented with the main
wireshark GUI:
Step #3: If you select the available devices, you'll notice that you can see these in promiscuous mode, which typically is not an option without the above capabilities changes:
扫一扫
8992
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
