Wireshark

The Centrych version of Wireshark includes the following customizations:
  • Uses the Xfce4 preferred browser when opening web pages.
  • Built with GTK2.
  • Application icon listed under the Network menu.
  • Packet editor enabled.
  • Remote pcap capable.
  • Added NEWS to wireshark-common.
  • Added Release notes to wireshark-docs.
The following additional plugins are included:

IDS Alert
This plugin displays the contents of Snort/Suricata rules in a structured format at the frame on which they were generated.

An overview and demo of this plugin can be viewed here.

Details on configuring your system to use this plugin can be found here.

Pyreshark
This is an alternative Python plugin; details on its use can be obtained here.

NOTE: This plugin has been modified to write logfiles to the current user's home directory.

Installation
Please refer to the IDS Alert configuration details listed above for adding the Centrych Security PPA to your system. Once added, Wireshark can be installed via the Synaptic Package Manager.