Ubuntu Security :: Wireshark Not Capturing Properly?
Jan 23, 2011
Was trying to use wireshark to pen test my network and I can't get it to work properly.When capturing on my main wireless card wlan0 atheros ath9k the program freezes after a short while and I can't even access the web anymore. Not to mention it stops capturing. I have to disconnect and reconnect to get back on the web. Not sure what is going on here. I get the following output in terminal:
(wireshark:2240): GLib-GObject-WARNING **: /build/buildd/glib2.0-2.26.0/gobject/gsignal.c:3081: signal name `depressed' is invalid for instance `0x2142cb68'
[code]....
View 1 Replies
ADVERTISEMENT
Mar 25, 2010
Having read on the forums about some of the dangers of running Wireshark as root, I would like to know if anyone can suggest some alternative packet sniffers/network analyzers which will offer similar results but without the security issues. I am using Karmic Koala on a Fujitsu Siemens laptop with wireless router (firewall enabled)
View 7 Replies
View Related
Nov 7, 2010
The Wireshark website specifically warns against running WireShark as Root....
Quote:
Administrator/root account not required!
Many Wireshark users think that Wireshark requires a root/Administrator account to work with.
That's not a good idea, as using a root account makes any exploit far more dangerous: a successful exploit will have immediate control of the whole system, compromising it completely.
First of all, most Wireshark functions can always be used with a (probably very limited) user account. In particular, the protocol dissectors which have shown most of the security related bugs do not need a root account!
Only capturing (and gathering capture interface information) may require a root account, but even that can usually be "circumvented", see CaptureSetup/CapturePrivileges for details how to do so.
View 3 Replies
View Related
Oct 11, 2010
I'm running behind a 2wire NAT Router with only have smtp, www, pop3 open routing to my ubuntu VM server. Network also includes three other ubuntu VM server's and a Desktop. I'm the only one on the network so my question is, what security risk is there running WireShark as root? Because running it under dumpcap is horrible after you quit. It hogs up all the resource to remove the dump.
View 7 Replies
View Related
Oct 29, 2010
I am doing security stuff under linux... I've heard of Wireshark and Snort and dsniff and have been reading up on them on wikipedia pages but the big picture is not clear to me yet. Are things like Wireshard and Snort BASED on the functionality of iptables in Linux? I read that you have to be root to run iptables, but not to run Wireshark right? Yet Wireshark is dependent on iptables.
View 3 Replies
View Related
Dec 15, 2010
I have an auditing problem. I am required to be able to track user account modifications (creates, deletes, password changes, etc.) My team and I implemented auditd 1.7.17 and borrowed an existing rule set from /usr/share/doc/audit-1.7.17/nispom.rules. What we're seeing is that user account activity from the command line is retrievable by doing an 'aureport -m'. However, doing the same through the GUI, 'aureport -m' does not display the activity. So I have two questions:1. Is there another location I should be looking to find the user creation activities when using the GUI?2. Is there a way to make the activity using the GUI be captured in /var/log/audit/audit.log so 'aureport -m' can report it?Someone suggested a PAM configuration change, but was not able to tell me what change to make.
View 3 Replies
View Related
Sep 2, 2010
Is there a 'plugin' for wireshark to analyze traffic and spot infected (windows) hosts? I have been using nepenthes with no luck. (and doubt all hosts are clean) is there some better way (other than using antivirus on each host)?
View 10 Replies
View Related
Feb 7, 2010
So I installed pam-script
made this script:
Code:
#!/bin/bash
RFID_AUTH_SUCCESS=0
#Read the card
tag=`'/etc/rfid/RFID-login'`
code....
Code:
sudo test
It doesn't ask for my password and instantly authenticates as root!
if I run the above posted script manually, (cd into the dir and execute it), it works fine and produces the result 1 if positive and 0 if negative.
View 1 Replies
View Related
Apr 6, 2010
properly set up ssh to only allow one IP address to login remotely
View 2 Replies
View Related
Dec 10, 2010
Long story short: I opted to encrypt my home, enter the passphrase and soon as I log out and rebooted, I got stuck with a message about /var/lib/ICEauthority file and other messages. So I've been trying to fix one issue at the time. The bottom line is that I'm trying to get to my private folder. Dropped in recovery mode:
[Code]...
View 3 Replies
View Related
Aug 10, 2010
I have a problem with sshd daemon on a target linux system:The system has only one user (root) without password.The sshd_config looks like:
Code:
Port 22
Protocol 2
[code]...
View 8 Replies
View Related
May 11, 2010
I am trying to use CentOS 5.4 to set up a secure laptop, largely because of it's SELinux functionality. Unfortunately I couldn't get wireless to work properly using the default NetworkManager so I installed wicd. Initially it buggered up my whole installation but after relabelling files using SEL I can now use my system again. but.. I can't use it with SELinux enabled, as it denies the required accesses for wicd to work. I also get similar SELinux denials for wpa_supplicant. A couple of snippets from /var/log/audit/audit.log -
[Code]....
View 4 Replies
View Related
May 18, 2010
tcpdump is not details in protocols,so want wireshark to study protocols,
View 4 Replies
View Related
Sep 29, 2010
I installed Ubuntu 10.04 on my ASUS Eee PC 1015 but can't get WireShark to recognize my Atheros card.
I know my Atheros card works because I was on my wireless network at my house last night.
View 2 Replies
View Related
May 4, 2010
Since I upgraded to 10.04 my Webcam (a logitech Quickcam Pro 4000) won't capture video.Ubuntu see it is there, but aMSN, Google Talk, Skype, and Cheese all give me nothing.
View 2 Replies
View Related
Jan 7, 2010
According to 'man luvcview', if I do this:
Code:
luvcview -o testvid.avi
then luvcview should capture the video to the .avi file. However, when I try it, no output file is created. Grabbing a raw stream or raw frames works fine, but not the creation of AVI files. Am I missing something?
View 6 Replies
View Related
Feb 17, 2010
I've tried to look up different programs for this but can't find anything. I'd like to be able to open my recorder on Myspace for instance and capture any sound playing through my speakers. I used to have a little program for this, but its windows based and won't seem to install correctly in Wine.
View 5 Replies
View Related
Apr 17, 2010
I would like to capture all output spewed to a terminal session including processes that are terminated that were invoked from a script running in a terminal window. this is beyond capturing just stderr and stdout . for example
{
./script
} 2> stderr.cap 1>stdout.cap
if script is terminated (including because of memory violations) I get spewed output to the terminal I would like to capture that spewing to a file automatically or to a bit bucket /dev/null Is there another filehandle which can be redirected to do this? If so how or is there another way???
View 3 Replies
View Related
May 6, 2010
I have four primary partitions currently. I need to keep all of them. I need to make a fifth that is also a primary partition. Is there a way to somehow make a partition into a partition that's in an extended partition without losing any data? Maybe you know of another solution to my problem, but this is the only one I can conjure up. The second problem is much less severe. I can't find any screen capturing software for Ubuntu that will record my desktop and simultaneously record sound from a microphone.
View 9 Replies
View Related
May 14, 2010
So I've noticed that some applications block keystrokes and input from reaching Ubuntu. Most recently I got the Linux version of Unreal Tournament 2004 running. Problem is that when I'm playing Unreal it captures all input, so when I decide the game is too loud or too quiet, rolling my volume wheel doesn't adjust the volume. I either have to pause the game so it releases my mouse(only in windowed mode), or exit altogether, adjust the volume, and restart the game. Is there a way to change this?
View 1 Replies
View Related
Apr 8, 2011
I want to capture DV-video through IEE1394 (FireWire) with Kino and Ubuntu 10.10. Seems I can't capture... When I plug in the camera there is no hot plug message (if there should be one? I've read it should...). The DV-out on the camera is enabled There is no option to enable/disable the port in my BIOS.
Some information:
Code:
a~# lspci | grep 1394
07:09.0 FireWire (IEEE 1394): Ricoh Co Ltd R5C832 IEEE 1394 Controller (rev 05)
Hope there are some command to check?
View 1 Replies
View Related
Aug 5, 2011
I run a 3rd party command line utility and it works fine, but sometimes it says "Error blah blah blah... Connection timed out"
I want to script this utility, but I need to not execute the commands in the script if it gives me that connection timeout error.
bash code to capture that response from the utility? Something along the lines of:
Quote:
#!/bin/bash
3rdpartyutil > /tmp/temp.txt
if [ ! -f /tmp/temp.txt]; then
echo no error, run whatever you need to man
fi
rm /tmp/temp.txt
Unfortunately, that doesn't work because the utility outputs non-error information to the screen even when it is successful, so it always outputs something, I never need to see it, but I do need to be able to act upon if some of that text says "error" or "connection timed out"
View 3 Replies
View Related
Feb 8, 2010
I've run into a sort of catch 22.I installed wireshark via apt-get on my Eee 1008HA, but when it is launched, it does not allow any capture interfaces. I think this is because the shortcut created in my applications paneldoes not start it as root.So I went into terminal, typed in "sudo wireshark" and it popped up, as root. I was then able to capture on my wireless interface. However, if I try and specify my home folder as the location for the capture to be saved, I get an error that permission was denied, which seems odd since the process is running as root and should be able to do pretty much whatever it wants. How can I get wireshark set up so I can both capture _and_ save the .pcap files I generate? I'm running karmic koala, the full output of uname -a is: Linux ruckus-laptop 2.6.31-14-generic #48-Ubuntu SMP Fri Oct 16 14:04:26 UTC 2009 i686 GNU/Linux.
View 1 Replies
View Related
Jul 2, 2010
I have an ubuntu PC with 2 nics, 1 for the internet, the other one should be to connect other computers an analyze the network traffic with Wireshark. How do I configure this 2nd nic to achieve this.
View 1 Replies
View Related
Aug 29, 2010
I remember that in the past, I succeed to sniff network traffic with Wireshark but when I tried lately, it didn't work.
- Enabled monitor and promisc mode using the command line and launched Wireshark with option 'promisc mode' on: didn't work.
- Directly launched Wireshark with option 'promisc mode' on: didn't work.
- Did the both previous things with option 'promisc mode' off: didn't work.
I'm using AR5007EG with ath5k.
View 2 Replies
View Related
Feb 2, 2011
I am trying to use wireshark on my ubuntu 10.10 laptop. However I have found out that wireshark will only detect my network cards when it is started with root permissions. How would I make it automatically start with root permissions?
View 2 Replies
View Related
Apr 27, 2011
I installed Wireshark 1.2.7 on my Lenovo X61 tablet PC running Ubuntu 10.04 lucid during the quest for a decent signal strength meter for available wifi access points. What is a good software or hardware method to TEST WiFi strength & power?But I can't get Wireshark to do the simplest thing, which is to "Capture Interfaces".
View 9 Replies
View Related
Mar 6, 2010
I want to use wireshark network traffic analyser to analyse ethernet traffic in a "Abis over IP" based GSM cellular communication network. Can anybody guide me how to install WireShark in my Ubantu 9.10 Live USB drive. I cannot access internet with this USB drive but i can download pacages in a windows machine. I need to know which pacages to download and how to build wireshark from source.
View 1 Replies
View Related
Jul 20, 2011
I've made a simple php wrapper around scp. It works fine, but unlike when I run the scp command straight from the console, there is no output returned. I've tried using passthru(), exec(), system() and shell_exec(), all to no avail. I'm redirecting stderr to stdout already.
For example:
PHP Code:
<?php
$command = "scp -C -r $files $target 2>&1";
exec($command, $result);
print_r($result);
?>
Will scp the files correctly to the server, but doesn't print any output - $result is just an empty array. I'd like to see the output so I can visually confirm that the files have been transferred correctly.
View 1 Replies
View Related
Sep 2, 2010
I've been trying for a while now to capture videos with my webcam of my samsung n110 netbook, I am running ubuntu 10.4 and cheese 2.30.1. I can take pictures fine, with effects and everything but when I press "start recording" the webcam seems to turn off or all I see is a black image, then when I press stop recording the camera picture comes back on and then the program freezes. I've tried turning down the resolution, I've tried all the possibilities in gstreamer-properties but nothing helped so far running from terminal didn't give me a clue on what the problem might be either. I would like cheese to work to have photo and video in one program but if someone has a good program to capture video I am willing to try it out.
View 8 Replies
View Related
