Wireshark is a powerful and popular network communication tool that allows viewing individual recorded data packets or sorting them according to specific content. This networking software enables you to see what’s going on in your computer and helps take apart any encrypted messages being sent around it through analysis of their contents with ease!
Some of the most common tasks Wireshark is used for amongst users of the software include troubleshooting networks with performance issues and cybersecurity tracing connecting, viewing contents of suspect network transactions, and identifying bursts of network traffic for further analysis.
In the following tutorial, you will learn how to install WireShark on Debian 11 Bullseye.
Table of Contents
Update Debian System
Update your Debian system to make sure all existing packages are up to date:
sudo apt update && sudo apt upgrade -y
By default, Wireshark is available on Debian 11’s repository making the installation straightforward and keeping the software up-to-date without remembering to download packages or compile from scratch.
Use the following command to begin the installation.
sudo apt install wireshark -y
During the installation, you will see the following pop-up message advising non-privileged users to run Wireshark. This is your call to make as every system is different.
The default answer is “No” by Wireshark. If unsure, just select it and press ENTER key.
Check Wireshark Version
Once the installation is completed, it is advised to check the installation either using –version or something else like apt-cache policy command if the version command does not work.
Check if the installation was successful and what version of Wireshark is installed using the following command.
Now that you have the Wireshark installed, launching can be done in a few options.
In your terminal type:
If you would like to launch Wireshark and use the terminal, send it to the background:
sudo wireshark &
However, this isn’t practical for most desktop users, and you would use the following path on your desktop to open with the path: Activities > Show Applications > Wireshark.
Next, you will arrive at the default screen of Wireshark. From here, you can begin recording or configuring and play around to get a feel for what you can accomplish.
Begin using Wireshark by clicking on the shark flipper icon in the top left-hand corner to start a recording session, and you can watch or continue working on your system.
Furthermore, you can filter traffic from recording sessions such as a protocol, destination, etc., that you consider suspicious, which you can find in the “Record” menu under the entry “Recording filter. “
Remove (Uninstall) Wireshark
For users that no longer require Wireshark, you can remove the software using the following command.
sudo apt autoremove wireshark -y
This will also remove all unused dependencies and clean up your system.
Comments and Conclusion
In the tutorial, you have learned how to install the networking tool Wireshark on Debian 11 Bullseye.
With all of these powerful features and capabilities, it’s no wonder that Wireshark is such a popular tool for technical professionals. Capturing local networks and storing the data offline for later analysis makes this software an essential part of any tech-savvy individual’s toolkit. Whether you’re interested in security, networking, or want to know what’s going on under the hood of your computer, Wireshark is sure to impress. So what are you waiting for? Start using Wireshark today!