Network Analysis With Wireshark On Ubuntu Feisty Fawn - Page 2

2 Using Wireshark

Open the Wireshark (as root) application (Applications > Internet > Wireshark (as root)):

This is how Wireshark looks when you first start it:

Click on the List the available capture interfaces... button:

A new window opens with a list of available network interfaces on your system. Normally you want to capture the traffic on your primary network device (eth0 in this example), so you click on the Start button in the eth0 row to start an analysis of the traffic on that interface:

A new window opens where you can see the captured packets for various protocols. The capture goes on until you click on the Stop button:

After you stop a capture, you can find its results in the main window. You can now browse the results, apply filters, find problems, etc.:

To fine-tune future captures, you can click on the Show the capture options... button:

A new window opens where you can set parameters for the next capture. Click on Start afterwards to start the capture:

The result of a capture lists all found protocols by default. If you'd like to concentrate on a certain protocol, you can apply a filter to the result. Go to Analyze > Display Filters...:

A new window opens where you can select your desired protocol (HTTP for example). Click on OK afterwards:

In the result window, you should now find HTTP traffic only - all other protocols have been filtered out:
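What the HTTP filter step does to a finished capture, as an added example that is not part of the original tutorial: the filter only changes which packets are listed, and the capture itself still holds every frame. The capture bytes below are constructed sample traffic, and `is_http` is a simplified stand-in (an assumption) for Wireshark's real HTTP dissection.

```python
import struct
HTTP_STARTS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"HTTP/")

def frame(proto, sport, dport, payload):
    """Build a constructed Ethernet/IPv4 frame (checksums left at zero)."""
    if proto == 6:  # TCP: 20-byte header, data offset 5, flags PSH+ACK
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 8192, 0, 0)
    else:           # UDP: 8-byte header
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload), 0, 0,
                     64, proto, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return bytes(12) + b"\x08\x00" + ip + l4 + payload

def write_pcap(frames):
    """Serialize frames as a classic little-endian pcap (link type 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f
    return out

def read_pcap(data):
    """Yield (frame_number, raw_frame) for each record, like the packet list."""
    if struct.unpack_from("<I", data)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap")
    pos, number = 24, 1
    while pos + 16 <= len(data):
        incl_len = struct.unpack_from("<IIII", data, pos)[2]
        yield number, data[pos + 16:pos + 16 + incl_len]
        pos, number = pos + 16 + incl_len, number + 1

def is_http(raw):
    """Simplified stand-in for the HTTP filter: TCP payload that starts like HTTP."""
    if len(raw) < 54 or raw[12:14] != b"\x08\x00" or raw[23] != 6:
        return False  # too short, not IPv4, or not TCP
    tcp = 14 + (raw[14] & 0x0F) * 4          # skip Ethernet + IPv4 header
    payload = raw[tcp + (raw[tcp + 12] >> 4) * 4:]
    return payload.startswith(HTTP_STARTS)

def display_filter(data):
    """Return (frames in the capture, frames still shown with the filter on)."""
    frames = list(read_pcap(data))
    return [n for n, _ in frames], [n for n, raw in frames if is_http(raw)]

CAPTURE = write_pcap([  # constructed sample traffic, not a real capture
    frame(17, 40000, 53, b"\x12\x34\x01\x00\x00\x01" + bytes(6)),
    frame(6, 40001, 80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    frame(6, 22, 40002, b"SSH-2.0-example\r\n"),
    frame(6, 80, 40001, b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n"),
])
```

Calling `display_filter(CAPTURE)` returns all four frame numbers alongside the two that remain visible with the filter applied, so clearing the filter brings the DNS and SSH frames back.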

To learn more about Wireshark usage, how to read the results, etc., take a look at the Wireshark documentation.


3 Links

3 Comment(s)


From: at: 2007-09-24 19:44:08

Thanks for the tuto, you can also find another Wireshark tuto (in French) at this URL.


From: Anonymous at: 2010-03-06 04:09:46

The title of this HOWTO should be "HowTo install Wireshark"

and the contents could be:

You install Wireshark as everything else:

$ sudo aptitude install wireshark


ChinPun!... That's all folks!



How to install xyzxyz?

Very easy...

$ sudo aptitude install xyzxyz

ChinPun!... That's all folks!

This small tutorial substitutes 100,000,000 noisy tutorials!!


From: prober8 at: 2010-08-10 20:14:45

Too much detail on the installation procedure down to the very intuitive common sense choices. Even more annoying is that it even had screenshots (pointless waste of bandwidth). To someone technically inclined enough to know what wireshark is in the first place, the two words "install wireshark" would do.