Re: capturing USB data

[Thomas Epperson <thomas.epperson () gmail com>]

Ah ok I see now. Running this command
sudo chmod o=rw /dev/usbmon*
allowed normal wireshark to capture usb packets (although sometimes it only
reads a portion of packets - I'm not sure what normal would be for this)

On Mon, Aug 30, 2010 at 1:21 PM, Guy Harris <guy () alum mit edu> wrote:

> On Aug 30, 2010, at 10:42 AM, Thomas Epperson wrote:
>
> > Ok I changed libpcap to point to /dev/null.
>
> Actually, just undoing your previous change would be sufficient; "change it
> to /dev/null" was meant to indicate that no change was necessary - as per my
> mail, /proc/bus/usb isn't necessary with newer libpcaps such as 1.1.x.
>
> > I can get wireshark to list usbmon interfaces and capture data, but ONLY
> if I run it as root. Is there a way to eliminate the depency of running as
> root?
>
> What does "ls -l /dev/usbmon*" print?
>
> > I did these steps to allow sniffing "regular (not usb)" traffic as
> non-root
> > Setting network privileges for dumpcap
> > http://wiki.wireshark.org/CaptureSetup/CapturePrivileges
>
> Presumably those were the "Linux" steps.  Those steps are, as per "regular
> (not usb)", specific to capturing on regular networking devices; capturing
> USB traffic needs a different mechanism, requiring that the program be able
> to open the /dev/usbmon* devices.  Did you do the "Setting network
> privileges for dumpcap" steps or the "Limiting capture permission to only
> one group" steps?  If the former, you'll probably need to make the
> /dev/usbmon* devices publicly readable; if the latter, you'll only need to
> make them readable by the group in question.  (At least on my Ubuntu 9 VM,
> /sys/bus/usb/devices is publicly readable; if that's the case on your
> machine, no changes should be necessary to get Wireshark to list usbmon
> interfaces, although you'd need to make the usbmon devices accessible to
> dumpcap in order to get Wireshark to capture on them.)
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request () wireshark org
> ?subject=unsubscribe



-- 
Thomas Epperson
Build a man a fire, and he'll be warm for a day. Set a man on fire, and
he'll be warm for the rest of his life. - Terry Pratchett.

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe