Project

General

Profile

Support #938

Monitor USB Data With Wireshark on Arch Linux

Added by Daniel Curtis over 6 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Daniel Curtis
Category:
Workstation
Target version:
Arch Linux
Start date:
06/19/2018
Due date:
% Done:

100%

Estimated time:
1.00 h
Spent time:
1.50 h

Description

This is a guide on sniffing USB data using Wireshark on Arch Linux.

Prepare the Environment

  • Make sure the system is up to date:
    sudo pacman -Syu

Setup usbmon

  • Load the usbmon kernel module:
    sudo modprobe usbmon
  • Give regular users privileges to access the usbmon interfaces:
    sudo setfacl -m u:$USER:r /dev/usbmon*
sudo chmod +r /dev/usbmon*

Install Wireshark

  • Install wireshark:
    sudo pacman -S wireshark-gtk
  • Add a regular user to the wireshark group:
    sudo usermod -aG wireshark $USER
    • NOTE: Log out and log back in to make the new group membership take effect.
  • Change the group ownership of the usbmon interfaces
    sudo chgrp wireshark /dev/usbmon*

NOTE: Using the regular application launcher from the menu did not let me see the usbmon interfaces. To work around this, I opened up a terminal and launched wireshark from there:

wireshark-gtk &

Resources

#1

Updated by Daniel Curtis over 6 years ago

  • Description updated (diff)
#2

Updated by Daniel Curtis over 6 years ago

  • Description updated (diff)
  • Status changed from New to Resolved
  • % Done changed from 0 to 100
#3

Updated by Daniel Curtis over 5 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF