Over time, the analysis of a network becomes a very laborious and delicate task. Thanks to tools like Wireshark, we can make the process a little easier. In this post, you will learn how to install Wireshark on Debian 11.
What is Wireshark and what does it do?
According to the tool’s official website:
Wireshark is the world’s largest and most widely used network protocol analyzer. It allows you to see what is going on in your network at a microscopic level and is the de facto (and often de jure) standard in many commercial and non-profit companies, government agencies and educational institutions.
It is free software that allows you to analyze network traffic in real time, and is considered to be the best tool for troubleshooting network problems such as latency and for investigating malicious activity such as hacking attempts.
How does Wireshark do this? Well, in a nutshell, it intercepts traffic and converts it into a human-readable format. It also allows you to use search tools, including regular expressions and color highlighting. With this, you can find what you are looking for.
Wireshark has versions for Windows, macOS, Linux, FreeBSD, NetBSD and OpenBSD, so you can install it on almost any computer.
Installing Wireshark on Debian 11
Thanks to the excellent support that Wireshark has for Linux, we will be able to install it on Debian 11 without major issues. To achieve this, we will use the official repositories of the distribution.
So, open the terminal from the main menu.
When it’s open, update the whole distribution:
sudo apt update
sudo apt upgrade
Then, you can install Wireshark by running the following command:
sudo apt install wireshark
During the installation process, you will be asked if regular system users can intercept packets. This is up to you.
After this, you can verify the version you have installed.
wireshark -v
And then you can run it from the main menu of the distribution.
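To see what the answer to the packet-capture prompt actually configured, this added example (not part of the original post) classifies who can capture from the permissions on Wireshark's capture helper. It assumes the Debian packaging defaults: the helper at /usr/bin/dumpcap, owned by root, with capture rights granted through a group named wireshark.

```shell
#!/bin/sh
# Added example: report who may capture packets after installing wireshark.
# Assumption (Debian packaging defaults): root-owned helper at /usr/bin/dumpcap.
DUMPCAP=/usr/bin/dumpcap

# classify_dumpcap MODE GROUP CAPS
#   MODE   octal permissions from `stat -c %a` (e.g. 750, 4754, 755)
#   GROUP  owning group from `stat -c %G`
#   CAPS   output of `getcap FILE` (empty when no file capabilities are set)
# Prints root-only, group-restricted:GROUP or world-capture.
classify_dumpcap() {
    mode=$1 group=$2 caps=$3
    privileged=no
    # A four-digit mode whose first digit contains 4 means the setuid bit is set.
    case "$mode" in
        [4567]???) privileged=yes ;;
    esac
    # File capabilities are the other way dumpcap gets raw-socket access.
    case "$caps" in
        *cap_net_raw*) privileged=yes ;;
    esac
    if [ "$privileged" = no ]; then
        echo root-only          # unprivileged helper: capturing needs root
        return 0
    fi
    # An odd last digit means "other" users have execute permission.
    case "$mode" in
        *[1357]) echo world-capture ;;
        *)       echo "group-restricted:$group" ;;
    esac
}

if [ -e "$DUMPCAP" ]; then
    mode=$(stat -c %a "$DUMPCAP")
    group=$(stat -c %G "$DUMPCAP")
    # getcap (package libcap2-bin) is in /usr/sbin, often outside a user's PATH.
    caps=$(PATH="$PATH:/usr/sbin:/sbin"; getcap "$DUMPCAP" 2>/dev/null || true)
    result=$(classify_dumpcap "$mode" "$group" "$caps")
    echo "$DUMPCAP: mode=$mode group=$group caps=${caps:-none} -> $result"
    # List the accounts that inherit capture rights through the group.
    case "$result" in
        group-restricted:*) getent group "$group" || true ;;
    esac
else
    echo "$DUMPCAP not found; is wireshark installed?"
fi
```

To change the answer later, run sudo dpkg-reconfigure wireshark-common. A user added to the group with sudo usermod -aG wireshark USERNAME has to log in again before the membership takes effect.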
The Wireshark interface
As soon as you start the program, you will see its graphical interface.
Here you will see a list of all active network interfaces. Select the one you want to inspect and Wireshark will start working.
Uninstalling Wireshark in Debian 11
If you no longer want to use Wireshark, you can remove it by running the following command:
sudo apt remove wireshark
This will remove it from your system.
Conclusion
In this post, you learned how to install Wireshark on Debian 11 using the distribution’s official repositories. This tool is a marvel for many sysadmins and, because it is open source, we can see how it works.
I hope you liked this post, and you can share it with all your friends.