Guest User


a guest
Jun 14th, 2011
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. I. Capturing packets with Wireshark/Tshark
  3. There are two ways of installing Wireshark/Tshark on Debian:
  5. I./a. Installing dumpcap without allowing non-root users to capture packets
  7. Only root user will be able to capture packets. It is advised to capture
  8. packets with the bundled dumpcap program as root and then run
  9. Wireshark/Tshark as an ordinary user to analyze the captured logs. [2]
  11. This is the default on Debian systems.
  13. I./b. Installing dumpcap and allowing non-root users to capture packets
  15. Members of the wireshark group will be able to capture packets on network
  16. interfaces. This is the preferred way of installation if Wireshark/Tshark
  17. will be used for capturing and displaying packets at the same time, since
  18. that way only the dumpcap process has to be run with elevated privileges
  19. thanks to the privilege separation[1].
  21. Note that no user will be added to group wireshark automatically, the
  22. system administrator has to add them manually.
  24. The additional privileges are provided using the Linux Capabilities
  25. system where possible or using the set-user-id bit, where the Linux
  26. Capabilities are not present (Debian GNU/kFreeBSD, Debian GNU/Hurd).
  28. Linux kernels provided by Debian support Linux Capabilities, but custom
  29. built kernels may lack this support. If the support for Linux
  30. Capabilities is not present at the time of installing wireshark-common
  31. package, the installer will fall back to set the set-user-id bit to
  32. allow non-root users to capture packets.
  34. If installation succeeds with using Linux Capabilities, non-root users
  35. will not be able to capture packets while running kernels not supporting
  36. Linux Capabilities.
  39. The installation method can be changed any time by running:
  40. dpkg-reconfigure wireshark-common
  43. II. Installing SNMP MIBs
  45. SNMP [4] OIDs can be decoded using MIBs provided by other packages.
  46. wireshark-common suggests snmp-mibs-downloader which package can be used to
  47. download a set of common MIBs Wireshark/Tshark tries to load at startup.
  49. At the time of writing, MIBs are distributed under DFSG incompatible terms
  50. [5] thus snmp-mibs-downloader has to be in the non-free archive area.
  51. To keep wireshark in the main area [7], wireshark-common does not depend on
  52. or recommend snmp-mibs-downloader and as a result snmp-mibs-downloader is
  53. not installed automatically with wireshark.
  55. To make Wireshark/Tshark able to decode OIDs, please install
  56. snmp-mibs-downloader manually.
  58. To help Wireshark/Tshark to decode OIDs without having to install packages
  59. manually, please support the initiative of requesting additional rights
  60. from RFC authors [5].
  63. [1]
  64. [2]
  65. [3]
  66. [4]
  67. [5]
  68. [6]
  69. [7]
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add to your ad blocker whitelist or disable your adblocking software.