Skip to main content
How To

Install Wireshark on Ubuntu

Wireshark is the most popular tool for network packets analysis. Learn to install it on Ubuntu.

Sagar Sharma

If you are into cyber security or wanna be a hacker, Wireshark is supposed to be one of the most crucial things that you'd carry!

And there is a reason why.

Wireshark comes with many features including the ability to monitor incoming and outgoing packages.

Because of its popularity, you will find it available in the default repository of Ubuntu.

So if you don't care about having the most recent version, it can be installed with a single command:

sudo apt install wireshark

While writing, I got Wireshark version 3.6.2 from the default repository:

wireshark -v
check the installed verison of Wireshark on Ubuntu

But if you want the most recent offering from Wireshark, you can follow the given guide.

How to install the latest version of Wireshark

If you want the latest stable version of Wireshark, you will have to use PPA for that purpose.

Use the following command to add PPA for stable release:

sudo add-apt-repository ppa:wireshark-dev/stable

Once done, update the repositories:

sudo apt update

And finally install the Wireshark:

sudo apt install wireshark

Installer will ask whether you want to allow non-superusers to capture packets. I would recommend going with Yes:

Once you are done with the installation, you can check the installed version:

wireshark -v
install the latest version of Wireshark

And as you can see, I got Wireshark 3.6.7 which is a little ahead of what you get with the default repository (3.6.2).

How to capture packets using Wireshark

Once you are done with the installation, you can use the following command to start the Wireshark:

sudo wireshark

Select the interface and click on Start capturing packets:

capture packets using wireshark

And it will start capturing packets:

wireshark capturing packets

Save captured packets

To save captured packets, first, stop the packet capturing by pressing the red button:

stop packet capturing in wireshark

Next, click on the Save this capture file:

save captured packets with wireshark

It will open the file manager where you can save the file at the desired location.

Just getting started with networking? Let me help

If you are just getting started with networking, you should start with basic networking commands:

21 Basic Linux Networking Commands You Should Know
A list of basic Linux networking commands that will help you troubleshoot network issues, monitor packets, connect devices, and much more.
It's FOSSSagar Sharma

I hope you will find this helpful.

And if you have any queries, let me know in the comments.

Sagar Sharma
Sagar Sharma

A software engineer who loves to tinker with hardware till it gets crashed. While reviving my crashed system, you can find me reading literature, manga, or watering my plants.