Table of Contents
Wireshark is one of the most powerful network analysis tools for packet inspection, debugging, and troubleshooting. On Ubuntu 25.10, installing it is fast and straightforward with just a few terminal commands.
Step 1: Update System Packages
Always begin with a full system update to make sure your package index is current.
sudo apt update && sudo apt upgrade -y
Step 2: Install Wireshark from Official Repository
Wireshark is included in Ubuntu’s default repositories, so installation is simple:
sudo apt install wireshark -y
During installation, you may be prompted with:
Should non-superusers be able to capture packets? Select Yes if you want regular users to use Wireshark without sudo.
Step 3: Add Your User to the Wireshark Group
If you enabled non-superuser capture, add your user to the wireshark group:
sudo usermod -aG wireshark $USER
Then log out and log back in for the group change to take effect.
You can verify your group membership with:
groups $USERStep 4: Verify the Installation
Check that Wireshark is installed correctly:
wireshark --versionYou should see output similar to:
Wireshark 4.4.0 (Git v4.4.0 packaged as 4.4.0-1)Step 5: Launch Wireshark
From the terminal:
wireshark &
Or open it from the application menu — just search for Wireshark.
Optional Step: Install Command-Line Tools
If you prefer terminal-based packet capture tools, install tshark (the CLI version of Wireshark):
sudo apt install tshark -y
Capture packets directly in your terminal:
sudo tshark -i eth0
For accurate network analysis, always run Wireshark with minimal background traffic and avoid capturing sensitive data on shared or public networks.
