Re: Wireshark on Ubuntu
- From: "goarilla <\"kevin<punt>paulus|\"@|skynet" <"punt>
- Date: Sun, 27 Apr 2008 13:37:44 +0200
nooneinparticular314159@xxxxxxxxx wrote:
I installed Wireshark on Ubuntu. It does not appear to be able to see
any network interfaces when running as an unprivileged user, and only
captures if I run it with sudo, which is a security risk, since it
shouldn't be running as a privileged user. How can I run a capture
without running wireshark as a privileged user?
Thanks!
you could capture with tcpdump -Z <dump_user> -w file -s 0
this will set the nic in prom mode as root and then suiding to the id of
user dump_user
after your capture is finished you can then analyse the dumpfile
../file with wireshark as a normal user (after changing permissions
offcorse)
iirc wireshark can't suid to a less priviledged user after
binding itself to the NIC interface just yet
.
- References:
- Wireshark on Ubuntu
- From: nooneinparticular314159@xxxxxxxxx
- Wireshark on Ubuntu
- Prev by Date: Re: Transparent Internet Bandwidth / Usage monitoring
- Next by Date: DHCP and Multicast/Unicast
- Previous by thread: Re: Wireshark on Ubuntu
- Next by thread: Slow telnet/pop3 connection
- Index(es):
Relevant Pages
|
