Deploying Wireshark on Linux

Wireshark is supported on many Linux platforms, including Ubuntu, Debian, SUSE, and Red Hat. Although installation is supported, you may run into errors during the build and installation phases.

Common problems arise when you don't have the necessary development package on your system, or when the development package is outdated. Another possible issue is a missing libpcap.

Running Wireshark as the root user also causes problems, because Linux systems defend themselves against behavior that is perceived as risky and could harm the OS. As a result, Wireshark may not run while in root mode, and further configuration may be necessary to make this possible.

Even if you are able to install Wireshark, you may have trouble capturing packets and see a permission error:

No interface can be used for capturing in this system with the current configuration. (Couldn't run /usr/bin/dumpcap in child process: Permission denied)  

If you see this error, then additional permission modifications and advanced configuration are required to capture traffic. The Wireshark community is very helpful in trying to assist users with issues, but there are options that are more reasonable, especially for novice users.
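
One way to narrow down the Permission denied error above, as an added example that is not from the original text: the function reads the mode and owning group of dumpcap and reports whether the user's group membership explains the failure. It assumes GNU stat, a user who is not the file's owner, and a package that restricts dumpcap to a dedicated group (commonly named wireshark on Debian-style systems); the function name and result keywords are made up for this illustration.

```shell
#!/bin/sh
# Added example (not from the original text): report why a user cannot
# execute dumpcap. Assumes GNU stat (Linux) and that the user is not the
# file's owner, which is normally root.

# diagnose_dumpcap PATH "GROUP1 GROUP2 ..."
# Prints one of: missing | ok | not-in-group:<group> | no-exec
diagnose_dumpcap() {
    path=$1
    user_groups=$2

    if [ ! -e "$path" ]; then
        echo "missing"
        return 0
    fi

    mode=$(stat -c '%a' "$path")     # octal permissions, e.g. 750
    group=$(stat -c '%G' "$path")    # owning group name

    other_bits=$(( mode % 10 ))          # last octal digit
    group_bits=$(( (mode / 10) % 10 ))   # second-to-last octal digit

    in_group=no
    for g in $user_groups; do
        if [ "$g" = "$group" ]; then in_group=yes; fi
    done

    # The kernel applies the group bits to members and the "other" bits to
    # everyone else; it never falls through from one class to the next.
    if [ "$in_group" = yes ]; then bits=$group_bits; else bits=$other_bits; fi

    if [ $(( bits & 1 )) -eq 1 ]; then
        echo "ok"
    elif [ "$in_group" = no ] && [ $(( group_bits & 1 )) -eq 1 ]; then
        echo "not-in-group:$group"   # joining this group grants execute
    else
        echo "no-exec"               # the mode itself must be changed
    fi
}

# Check the path named in the error message for the current user.
diagnose_dumpcap /usr/bin/dumpcap "$(id -Gn)"
```

A result of not-in-group:<group> means that adding the user to that group and logging in again restores execute access. A result of no-exec means the file mode itself has to be corrected.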

If you need to become familiar with working with Wireshark on a Linux machine, then there are other options. The following section provides guidance on how to easily download and begin using a premade Linux VM in order to get a feel for how to use Wireshark on a Linux OS for training or testing purposes.
