Enable wifi sniffer without rooting

让非root用户能使用wireshark捕捉网络数据包

分类： Linux 安全相关 2012-01-30 17:42 2366人阅读 评论(0) 收藏 举报

网络userui2010

默认情况下，访问网络端口需要root权限，而wireshark的只是/usr/share/dumpcap的一个UI，/usr/share/dumpcap需要root权限，所以没法non-root用户无法读取网卡列表。

解决办法很简单，sudo wireshark

但是wireshark官方不推荐这么做：

Running as user "root" and group "root".
This could be dangerous.


If you're running Wireshark this way in order to perform live capture, you may want to be aware that there is a better way documented at

所以用另一种方法，改变/usr/share/dumpcap的group，添加一个group：wireshark，chgrp到wireshark组，再改成750权限，这样方便权限控制。

[plain] view plaincopy

1. sudo -s  
2. groupadd wireshark  
3. usermod -a -G wireshark <You own username>  
4. chgrp wireshark /usr/bin/dumpcap  
5. chmod 4750 /usr/bin/dumpcap  

又参考网上的解决方案，执行下面命令

[plain] view plaincopy

1. setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap  

用getcap /usr/bin/dumpcap，输出应当是/usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip，说明生效

注意得注销一下才能生效

官方解决方案http://packetlife.net/blog/2010/mar/19/sniffing-wireshark-non-root-user/

Best regards,

Yuanda(Dave) Xu

ubuntu14.04笔记本搭建无线wifi

ubuntu14.04笔记本搭建无线wifi给手机用

• 
  
• |
• 浏览：1728
• |
• 更新：2014-07-19 17:15
• |
• 标签： wifi 

• 1
• 2
• 3
• 4
• 5
• 6
• 7

分步阅读

我们的笔记本就是我们的无限路由，我们ubuntu爱好者也不例外，下面我们就来实现如何我让ubuntu笔记本变成我们手机用的无线网...

方法/步骤

1. ubuntu14.04安装配置无线ap

                1、添加含有ap-hotspot的资源

                $sudo add-apt-repository ppa:nilarimogard/webupd8

   

2.           2、更新资源

             $sudo apt-get update

   

3.             3、如果之前安装了ap-hotsopt或者hostapd的需要卸载

               $sudo apt-get remove hostapd

   

4.             4、安装没有bug的hostapd版本

               如果64位的系统:

               $cd /tmp

               $wget http://archive.ubuntu.com/ubuntu/pool/universe/w/wpa/hostapd_1.0-3ubuntu2.1_amd64.deb

              $sudo dpkg -i hostapd*.deb

              $sudo apt-mark hold hostapd

              如果32位系统:

               $cd /tmp

               $wget http://archive.ubuntu.com/ubuntu/pool/universe/w/wpa/hostapd_1.0-3ubuntu2.1_i386.deb

              $sudo dpkg -i hostapd*.deb

              $sudo apt-mark hold hostapd

   

   

5.              5、 安装ap-hotspot

                 $sudo apt-get install  ap-hotspot

   

6.              6、配置 网络  ap的名字与密码

                $sudo ap-hotspot configure

                           1)如图ppp0是我的拨号宽带，直接enter

                              如果你的本地连接应该是eth0...

                           2)如图wlan0是我的无线网卡用来做ap的设备，直接enter

                              如果你有多个无限网卡你自己输入选择哪个

                           3)如图gade是我输入的无线网点的名字（手机搜索到的无线网名），然后enter

                              名字你可以自己随意取

                            4)如图12345678是我输入的无线网点密码(手机连接时要输入的无线密码)

                              为了安全密码可以设置的繁琐一些

   

7.                7、关闭ubuntu的防火墙（如果你启用了）

                   $sudo ufw disable

   

8.              8 、启动无线服务(安装好后最好重新启动操作系统)

                $sudo ap-hotspot start   (关闭无线是 $sudo ap-hotspot stop)

   
   END

注意事项

• 如果之前配置失败的，按照这个方法配置后重新启动计算机
• 每次重启计算机都得 $sudo ap-hotspot start 重新启用无线服务才能用，或者你可以写到开机启动项中

Best regards,

Yuanda(Dave) Xu

Re: install wireshark from source code in ubuntu

Best solution

https://ask.wireshark.org/questions/35757/building-112-from-source-fails-with-qt-problem-on-xubuntu

sudo apt-get install <tool>    git  autoconf  automake  libtool  bison  flex  qt-sdk  libgtk-3-dev  libpcap-dev    Then (sudoing may be required as well):    git clone https://code.wireshark.org/review/wireshark  cd wireshark  ./autogen.sh  ./configure  make  

If you want to install Wireshark, do this as well:

make install  sudo ldconfig  

Best regards,

Yuanda(Dave) Xu

On Mon, Apr 20, 2015 at 8:43 PM, Yuanda Xu <yxu60@binghamton.edu> wrote:

if need qt4:
sudo apt-get install libqt4-dev

Best regards,

Yuanda(Dave) Xu

On Mon, Apr 20, 2015 at 8:27 PM, Yuanda Xu <yxu60@binghamton.edu> wrote:

install wireshark from source code.

./autogen.sh

./configure

install tools needed
...following error information.
such as bison, flex...

if says need Qt:
sudo apt-get install qtdeclarative5-dev

if says need GTK+ 3
sudo apt-get install libgtk-3-dev

if says need libpcap
sudo apt-get install libpcap-dev

make

Best regards,

Yuanda(Dave) Xu

Re: install wireshark from source code in ubuntu

sudo apt-get install qt4-dev-tools libqt4-dev libqt4-core libqt4-gui

Best regards,

Yuanda(Dave) Xu

On Mon, Apr 20, 2015 at 8:43 PM, Yuanda Xu <yxu60@binghamton.edu> wrote:

if need qt4:
sudo apt-get install libqt4-dev

Best regards,

Yuanda(Dave) Xu

On Mon, Apr 20, 2015 at 8:27 PM, Yuanda Xu <yxu60@binghamton.edu> wrote:

install wireshark from source code.

./autogen.sh

./configure

install tools needed
...following error information.
such as bison, flex...

if says need Qt:
sudo apt-get install qtdeclarative5-dev

if says need GTK+ 3
sudo apt-get install libgtk-3-dev

if says need libpcap
sudo apt-get install libpcap-dev

make

Best regards,

Yuanda(Dave) Xu

Re: install wireshark from source code in ubuntu

if need qt4:
sudo apt-get install libqt4-dev

Best regards,

Yuanda(Dave) Xu

On Mon, Apr 20, 2015 at 8:27 PM, Yuanda Xu <yxu60@binghamton.edu> wrote:

install wireshark from source code.

./autogen.sh

./configure

install tools needed
...following error information.
such as bison, flex...

if says need Qt:
sudo apt-get install qtdeclarative5-dev

if says need GTK+ 3
sudo apt-get install libgtk-3-dev

if says need libpcap
sudo apt-get install libpcap-dev

make

Best regards,

Yuanda(Dave) Xu

install wireshark from source code in ubuntu

install wireshark from source code.

./autogen.sh

./configure

install tools needed
...following error information.
such as bison, flex...

if says need Qt:
sudo apt-get install qtdeclarative5-dev

if says need GTK+ 3
sudo apt-get install libgtk-3-dev

if says need libpcap
sudo apt-get install libpcap-dev

make

Best regards,

Yuanda(Dave) Xu