[gentoo-hardened] No interfaces in wireshark

[gentoo-hardened] No interfaces in wireshark

[Grant]

I've installed wireshark on my laptop but it isn't showing any
interfaces.  I have eth0 and wlan0 (USB wireless).  Could this be a
hardened issue?  There isn't anything in dmesg.

- Grant

Re: [gentoo-hardened] No interfaces in wireshark

[Ned Ludd]

On Mon, 2009-01-26 at 12:33 -0800, Grant wrote:
> I've installed wireshark on my laptop but it isn't showing any
> interfaces.  I have eth0 and wlan0 (USB wireless).  Could this be a
> hardened issue?  There isn't anything in dmesg.
> 
> - Grant
> 

Probably not.


-- 
Ned Ludd <solar@gentoo.org>
Gentoo Linux

Re: [gentoo-hardened] No interfaces in wireshark

[Vlad "SATtva" Miller]

Grant (27.01.2009 02:33):
> I've installed wireshark on my laptop but it isn't showing any
> interfaces.  I have eth0 and wlan0 (USB wireless).  Could this be a
> hardened issue?  There isn't anything in dmesg.

Add you user to the wireshark group.

-- 
SATtva | security & privacy consulting
www.vladmiller.info | www.pgpru.com

Re: [gentoo-hardened] No interfaces in wireshark

[Manuel Leithner]

On Mon, 26 Jan 2009 21:40:58 +0100, Ned Ludd wrote:
> On Mon, 2009-01-26 at 12:33 -0800, Grant wrote:
> > I've installed wireshark on my laptop but it isn't showing any
> > interfaces.  I have eth0 and wlan0 (USB wireless).  Could this be a
> > hardened issue?  There isn't anything in dmesg.
> > 
> > - Grant
> > 
> 
> Probably not.
> 
> 
> -- 
> Ned Ludd <solar@gentoo.org>
> Gentoo Linux
> 
> 
> 

Correct.
Since Wireshark uses libpcap trickery, you need to be root to run it.
Now, considering the horrible track record of wireshark when it comes to security flaws - which OpenBSD dropped it for, btw - you're probably better off capturing (as root) with dumpcap or tcpdump and then analyzing the traffic in wireshark.

dumpcap -w outfile -i eth0

Re: [gentoo-hardened] No interfaces in wireshark

[RB]

On Mon, Jan 26, 2009 at 13:40, Ned Ludd <solar@gentoo.org> wrote:
> Probably not.

... directly a hardened issue.  Given the short history of recent
email traffic, I'd be willing to bet Grant has CONFIG_GRKERNSEC_PROC
or CONFIG_GRKERNSEC_PROC_USER turned on without knowing what it does.
I don't follow Wireshark anymore, but  I'd be surprised if they've
abandoned the /proc/net scanning code.

Grant: in all kindness possible, most of these issues you've posted
lately are what come of blindly applying security policies without
understanding what they do.  It's good that you're trying, I just want
to make sure your particular struggles don't reflect the general state
of gentoo-hardened.


RB

Re: [gentoo-hardened] No interfaces in wireshark

[Grant]

>> Probably not.
>
> ... directly a hardened issue.  Given the short history of recent
> email traffic, I'd be willing to bet Grant has CONFIG_GRKERNSEC_PROC
> or CONFIG_GRKERNSEC_PROC_USER turned on without knowing what it does.
> I don't follow Wireshark anymore, but  I'd be surprised if they've
> abandoned the /proc/net scanning code.
>
> Grant: in all kindness possible, most of these issues you've posted
> lately are what come of blindly applying security policies without
> understanding what they do.  It's good that you're trying, I just want
> to make sure your particular struggles don't reflect the general state
> of gentoo-hardened.

I'm very sorry everyone, I just needed to log out/ log in after I
added my user to the wireshark group.

- Grant