Wireshark is a powerful and popular network communication tool that lets you view individual recorded data packets or sort them according to specific content. It shows you what is going on on your computer, and it helps you take apart the messages being sent around it, including encrypted ones when you can supply the keys, by analyzing their contents.
Some of the most common tasks Wireshark is used for include troubleshooting networks with performance issues, tracing connections for cybersecurity purposes, viewing the contents of suspect network transactions, and identifying bursts of network traffic for further analysis.
In the following tutorial, you will learn how to install Wireshark on AlmaLinux 9 using the command line terminal.
Update AlmaLinux 9
First, ensure your system is up-to-date using the following terminal command.
sudo dnf upgrade --refresh
Install Wireshark
By default, Wireshark is available in AlmaLinux 9’s AppStream repository, which makes the installation straightforward and keeps the software up-to-date without you having to download packages manually or compile from source.
Use the following command to begin the installation.
sudo dnf install wireshark -y
Next, you must add your current username to the Wireshark user group, or else you will have insufficient permissions to run Wireshark.
First, log into the root account.
su
If you have forgotten your root password or have never set one, use the following command to set it.
sudo passwd root
Then run the su command again.
Now, run the following command to give the username you will be running Wireshark as the correct permissions.
usermod -a -G wireshark _your_username_
Example command with my username:
usermod -a -G wireshark haifa
Once done, switch back to your usual account.
su <account name>
Example command with my username:
su haifa
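If you run into any issues running Wireshark after adding your account to the wireshark group, restart your system, and it should work afterward. Group membership is applied when a login session starts, so a session that was already open does not pick up the change.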
reboot
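The script below is an added example, not part of the original tutorial. It tells apart the two reasons capture can still fail after the usermod step: the account was never added to the wireshark group, or it was added but the current login session started before the change. It assumes local accounts stored in /etc/group and that the capture helper is installed at /usr/bin/dumpcap; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original tutorial): diagnose wireshark group access.

# Succeeds if USER is a supplementary member of GROUP in an /etc/group-format file.
group_db_has_member() {  # usage: group_db_has_member GROUP USER [FILE]
    awk -F: -v g="$1" -v u="$2" '
        $1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) found = 1 }
        END { exit (found ? 0 : 1) }' "${3:-/etc/group}"
}

# Succeeds if GROUP is in a space-separated list of names, such as `id -Gn` output.
session_has_group() {  # usage: session_has_group GROUP "LIST"
    case " $2 " in
        *" $1 "*) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints ok, relogin, or not-added for the given user and session group list.
capture_access_state() {  # usage: capture_access_state GROUP USER "LIST" [FILE]
    if session_has_group "$1" "$3"; then
        echo ok
    elif group_db_has_member "$1" "$2" "${4:-/etc/group}"; then
        echo relogin
    else
        echo not-added
    fi
}

# Report on the live system. /usr/bin/dumpcap is an assumed path for the capture helper.
check_capture_access() {
    user=$(id -un)
    case $(capture_access_state wireshark "$user" "$(id -Gn)") in
        ok)        echo "$user: wireshark group is active in this session" ;;
        relogin)   echo "$user: in /etc/group, but this session predates the change; log in again or reboot" ;;
        not-added) echo "$user: not in the wireshark group; run usermod -a -G wireshark $user as root" ;;
    esac
    if [ -e /usr/bin/dumpcap ]; then
        stat -c 'dumpcap owner=%U group=%G mode=%a' /usr/bin/dumpcap
    fi
}

# Run the live check only when asked, e.g. `sh check-wireshark-group.sh --check`.
if [ "${1:-}" = "--check" ]; then
    check_capture_access
fi
```

A result of relogin means the usermod command worked and only a fresh login or reboot is needed; not-added means the usermod step has to be repeated as root.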
Check Wireshark Version
Once the installation is complete, check if the installation was successful and what version of Wireshark is installed using the following command.
wireshark -v
Launch Wireshark
Now that you have Wireshark installed, you can launch it in a few ways.
First, if your terminal is open, you can launch the application immediately with the following command.
wireshark
However, opening a terminal every time can be a pain for desktop users. It is much easier to launch Wireshark from its application icon, which you can pin to your taskbar for even quicker access.
Activities > Show Applications > Wireshark.
Next, you will arrive at the default screen of Wireshark. From here, you can begin recording, adjust the configuration, and experiment to get a feel for what you can accomplish.
Furthermore, you can filter the traffic in recording sessions by criteria such as protocol or destination that you consider suspicious. You can find this in the “Record” menu under the entry “Recording filter.”
How to Remove (Uninstall) Wireshark
If you no longer require Wireshark, you can remove the software using the following command.
sudo dnf autoremove wireshark -y
This will also remove all unused dependencies and clean up your system.
Comments and Conclusion
With all of these powerful features and capabilities, it’s no wonder that Wireshark is such a popular tool for technical professionals. Capturing local network traffic and storing the data offline for later analysis makes this software an essential part of any tech-savvy individual’s toolkit. Whether you’re interested in security, networking, or want to know what’s going on under the hood of your computer, Wireshark is sure to impress. So what are you waiting for? Start using Wireshark today!