wireshake抓取封包 (HW05)

# wireshake抓取封包 (HW05) ### **1.wireshark安裝與設定** ``` sudo add-apt-repository ppa:wireshark-dev/stable sudo apt update sudo apt install wireshark ``` ![](https://i.imgur.com/mzBahuy.png) ![](https://i.imgur.com/qpaXsu6.png) ![](https://i.imgur.com/yHv0Wct.png) ![](https://i.imgur.com/OuXsUZL.png) ![](https://i.imgur.com/qpg1PIU.png) ``` sudo usermod -aG wireshark {使用者名稱} ``` ![](https://i.imgur.com/MWlBZ7q.png) 然後就可以在顯示應用程式中找到wireshake ![](https://i.imgur.com/WSM6gE6.png) ### **2.抓取ssh連線封包** 啟動wireshark ![](https://i.imgur.com/2EQRhDb.png) 點選ens33 ![](https://i.imgur.com/XAwLkX8.png) 開終端機ssh連線到伺服器 ``` ssh {username}@{ip} ``` ![](https://i.imgur.com/n4RO87I.png) ``` ssh && ip.addr==10.2.200.196 ``` ![](https://i.imgur.com/T0fVLCm.png) *查本地端ip* ![](https://i.imgur.com/Dt9RsYB.png) ### **參考資料:** * https://itsfoss.com/install-wireshark-ubuntu/ * https://linux.cn/article-11987-1.html