

The easily installed and feature-rich analysis tool Wireshark reveals that calling a single news site on the Internet can cause more than 3,000 network packets to zoom back and forth between the browser and various servers, which can leave the respective user's fingerprints on a couple of dozen different websites.

Have you ever wondered why each port of call on the Internet brings up the goodies you recently perused on Amazon, not to mention those pesky Facebook Like buttons? It seems that the original policy introduced by Netscape back in the dark ages of the Internet to ensure privacy despite cookies has been laid to waste by gatecrashers, such as DoubleClick. You can now always assume that not only do the pages you surf know that you are back, but so do a dozen other curious sites that pay for the privilege. If you don't take drastic steps, the browser will gullibly broadcast your identity, including your surfing habits, all over the world.

The powerful GUI tool Wireshark (Figure 1) can help sniff out who's looking over your shoulder. This month, however, I'll take a different approach and present a Perl script that can be launched in a terminal window, just like the Top utility (Figure 2). This script shows a constantly updated list of identified targets of all network packets sniffed off the wire, sorted by frequency, with the addresses resolved into DNS names.

Figure 2: The topaddr script outputs the most commonly found packet addresses.

One hurdle needs to be covered in advance: The Linux kernel only offers raw network packets to a process if it is running with root privileges or has equivalent Unix capabilities. Running Wireshark with root privileges appeared too risky to its creators, so they offer wireshark-common as an assisting package.

If the admin on an Ubuntu or Debian system runs the following command:

    sudo dpkg-reconfigure wireshark-common

this sets up a new Unix user named wireshark and a Unix group with the same name. The postinst script equips the capture program used by Wireshark, /usr/bin/dumpcap, either with the Linux capabilities cap_net_raw and cap_net_admin (if available) or with a set-user-ID bit, so that each member of the wireshark Unix group is given access to raw network data. Other distributions add these settings from the outset when the package is installed.

Users interested in the raw packets now only need to do this, where <username> is a placeholder for the account to be added:

    sudo usermod -a -G wireshark <username>
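To check which of the two mechanisms described for /usr/bin/dumpcap is in effect, and whether access really is limited to the wireshark group, the following added example (not code from the original article) classifies the file's mode, group and capabilities. The function names and the sample values are constructed for illustration, and the sketch assumes the file is owned by root and that GNU stat and getcap are installed.

```shell
#!/bin/sh
# Classify how a capture helper such as /usr/bin/dumpcap gets raw-packet access.
# Usage: classify_dumpcap MODE GROUP CAPS
#   MODE  octal permissions as printed by `stat -c %a` (e.g. 750 or 4754)
#   GROUP owning group as printed by `stat -c %G`
#   CAPS  text printed by `getcap FILE` (empty if no capabilities are set)
# Prints "<mechanism> <exposure>". Assumes the file is owned by root.
classify_dumpcap() {
    mode=$1; group=$2; caps=$3
    case ${#mode} in 3) mode="0$mode" ;; esac   # make the special-bits digit explicit
    special=${mode%???}                         # setuid/setgid/sticky digit
    other=${mode#???}                           # permission digit for "other"

    mech=none
    case $caps in *cap_net_raw*) mech=caps ;; esac
    # A set-user-ID bit outranks capabilities: the helper then runs fully as its owner.
    case $special in 4|5|6|7) mech=setuid ;; esac

    if [ "$mech" = none ]; then
        echo "none root-only"                   # no elevation: only root can capture
        return 0
    fi
    case $other in
        1|3|5|7) echo "$mech any-user" ;;       # world-executable: every local account can sniff
        *)       echo "$mech group:$group" ;;   # limited to the owning group
    esac
}

# Read the real values from disk; a missing getcap simply yields empty capabilities.
audit_dumpcap() {
    path=${1:-/usr/bin/dumpcap}
    [ -e "$path" ] || { echo "missing"; return 1; }
    caps=$(getcap "$path" 2>/dev/null || true)
    classify_dumpcap "$(stat -c %a "$path")" "$(stat -c %G "$path")" "$caps"
}

# Constructed sample values (not read from a real system):
classify_dumpcap 750  wireshark "/usr/bin/dumpcap cap_net_admin,cap_net_raw=eip"
classify_dumpcap 4755 root ""
```

A result of "any-user" means the group restriction described above is not in force, and every local account can read raw traffic.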
