Hi all,
can one I use wireshark as user or I must be root?
Thank you in advance
Santo

On Mon, 29 Aug 2022 10:32:59 -0000 (UTC), santo wrote:
> Hi all,
> can one I use wireshark as user

$ type wireshark
wireshark is /usr/bin/wireshark
would suggest anyone could run it.

Have you tried it yet ?

> or I must be root?
> Thank you in advance

It might not hurt to add your login name to the wireshark group, log out/in
and check for it with
id -nG

For any lurkers you might also create the systemd-journal group if it does
not exist and add your login name to it while you are in group management tool.

That will allow you to use journalctl to access the system journal without
having to be root.

On Mon, 29 Aug 2022 07:26:57 -0500, Bit Twister wrote:

>
> It might not hurt to add your login name to the wireshark group,

yes, I added my name to wireshark group and ...well, it works...but I
have no idea what to do..
:-(

Sorry, som Off Topic background...
I do not know if people remember my name here, I only post in regard to
installing new Mageia version and am veri ignorant about how things works
etc...anyway...
Auroville is going through some difficult time, there is an attempt by
Government Official and some 'Aurovilians' to take over the management of
Auroville...

Some of these Aurovilians with Gov Off. help, took over the management
of the @auroville.org.in ...I ( we ) from the other side were informend
that our email ID was not safe to use anymore as now the new management
could look into our mails etc...

In fact for sometime I could not access my Google Drive and when trying
to log into my email account I was logged out immedietely ( 'you have
been logged out' message appeared for at least 3 times...)

When I finally managed to log in a message appeared stating that the
domain auroville.org.in was now managed by xxxxc (forgot ...)but the
message clearly stated that this xxxx had now the possibility to look
into datas in my mail box...

I wish I had taken a screen shot of that message ...

Now I can log in but obviously I am very unsure and do not wish to use it
but all my contacts are there...of course I created a new gmail ID but
still...
:-(

( which I will replace in this group)...

ANyway, apologies for this long OT post...I was just trying to find
something that could help, me if and when, someone was logging into my
mail box and record it so that I could sue them, I thought Wireshark was
such option maybe, but it is all way beyond my level...

just disregard if way of topic...and apologies for ...well whatever...

Santo

> For any lurkers you might also create the systemd-journal group if it
> does not exist and add your login name to it while you are in group
> management tool.
>
> That will allow you to use journalctl to access the system journal
> without having to be root.

On Mon, 29 Aug 2022 13:07:56 -0000 (UTC), santo wrote:
> On Mon, 29 Aug 2022 07:26:57 -0500, Bit Twister wrote:
>
>>
>> It might not hurt to add your login name to the wireshark group,
>
> yes, I added my name to wireshark group and ...well, it works...but I
> have no idea what to do..
>:-(

wireshark allows you to read/collect actual packets sent to/from your
system.

> Sorry, som Off Topic background...
> I do not know if people remember my name here, I only post in regard to
> installing new Mageia version and am veri ignorant about how things works
> etc...anyway...
> Auroville is going through some difficult time, there is an attempt by
> Government Official and some 'Aurovilians' to take over the management of
> Auroville...
>
> Some of these Aurovilians with Gov Off. help, took over the management
> of the @auroville.org.in ...I ( we ) from the other side were informend
> that our email ID was not safe to use anymore as now the new management
> could look into our mails etc...

Yep, whoever owns the server has access to all data on the system.

> In fact for sometime I could not access my Google Drive and when trying
> to log into my email account I was logged out immedietely ( 'you have
> been logged out' message appeared for at least 3 times...)

Yep, could be a system configuration problem and the login authorization
service/daemon may not be running/working and you are not getting the
right/correct message failure.

> When I finally managed to log in a message appeared stating that the
> domain auroville.org.in was now managed by xxxxc (forgot ...)but the
> message clearly stated that this xxxx had now the possibility to look
> into datas in my mail box...

Well I would not expect the xxxx organization to post such a message.
going to guess xxxx organization is the cause of the login problem.

> I wish I had taken a screen shot of that message ...

Rather than a screen shot, I use import to select/save a desired portion of
of my screen. import is in the imagemagick package/rpm.

>
>
> Now I can log in but obviously I am very unsure and do not wish to use it
> but all my contacts are there...of course I created a new gmail ID but
> still...
>:-(

Then I suggest saving contacts and whatnot so you always have them regardless
of who you use.

> ( which I will replace in this group)...
>
> ANyway, apologies for this long OT post...I was just trying to find
> something that could help, me if and when, someone was logging into my
> mail box and record it so that I could sue them, I thought Wireshark was
> such option maybe, but it is all way beyond my level...

Wireshark will not show you what you want unless they are using your system.
If I had your email id/password I could log into it and Wireshark would not
show any traffic/packets of such activity.

On Mon, 29 Aug 2022 09:07:56 -0400, santo <nanci@auroville.org.in> wrote:

> On Mon, 29 Aug 2022 07:26:57 -0500, Bit Twister wrote:
>
>>
>> It might not hurt to add your login name to the wireshark group,
>
> yes, I added my name to wireshark group and ...well, it works...but I
> have no idea what to do..
> :-(
>
> Sorry, som Off Topic background...
> I do not know if people remember my name here, I only post in regard to
> installing new Mageia version and am veri ignorant about how things works
> etc...anyway...
> Auroville is going through some difficult time, there is an attempt by
> Government Official and some 'Aurovilians' to take over the management of
> Auroville...
>
> Some of these Aurovilians with Gov Off. help, took over the management
> of the @auroville.org.in ...I ( we ) from the other side were informend
> that our email ID was not safe to use anymore as now the new management
> could look into our mails etc...
>
> In fact for sometime I could not access my Google Drive and when trying
> to log into my email account I was logged out immedietely ( 'you have
> been logged out' message appeared for at least 3 times...)
>
> When I finally managed to log in a message appeared stating that the
> domain auroville.org.in was now managed by xxxxc (forgot ...)but the
> message clearly stated that this xxxx had now the possibility to look
> into datas in my mail box...
>
> I wish I had taken a screen shot of that message ...
>
>
> Now I can log in but obviously I am very unsure and do not wish to use it
> but all my contacts are there...of course I created a new gmail ID but
> still...
> :-(
>
> ( which I will replace in this group)...
>
> ANyway, apologies for this long OT post...I was just trying to find
> something that could help, me if and when, someone was logging into my
> mail box and record it so that I could sue them, I thought Wireshark was
> such option maybe, but it is all way beyond my level...
>
> just disregard if way of topic...and apologies for ...well whatever...
>
> Santo
>
>> For any lurkers you might also create the systemd-journal group if it
>> does not exist and add your login name to it while you are in group
>> management tool.
>>
>> That will allow you to use journalctl to access the system journal
>> without having to be root.

Wireshark only allows you to capture traffic that is visible to the network
interface on your computer.

The admin is correct to warn you, that anyone who has physical access to the
computer(s) used by auroville.org.in can read anything stored on those hard
drives. Whether they will or not, is another story. One that you cannot detect
from your computer. That's true any time your stuff is stored on some one
else's computer, whether its auroville.org.in, google, yahoo, or others.

For google drive, the admin of auroville.org.in would only be able to see that
your computer is connected to google, not what you are doing with it. Just like
auroville with the email stored on it's hard drives, google can read anything
that is not encrypted, that is stored on it's drives.

When you connect to https://drive.google.com/drive/my-drive the connection is
encrypted between google and your computer. The admin can see that you're using
drive.google.com, but can't snoop on your login etc. If the password is not
sitting in your email inbox at auroville.org.in then they cannot impersonate
you.

If you don't want stuff that is stored on some one else's computer to be readable
by it's admins, make sure it's encrypted, and only decrypted after it gets to your
computer. That in itself may make you a target of investigation though, depending
on the circumstances.

Regards, Dave Hodgins

On Mon, 29 Aug 2022 08:52:31 -0500, Bit Twister wrote:

> On Mon, 29 Aug 2022 13:07:56 -0000 (UTC), santo wrote:
>> On Mon, 29 Aug 2022 07:26:57 -0500, Bit Twister wrote:
>>
>>

Well to close the tread...

>
> Yep, whoever owns the server has access to all data on the system.

so my fears are not unfounded
:-(

for the Google Drive...
The admin of the google drive ( through Telegram ) I have subscribed to
showed me with a screen shot he took that the auroville.org.in domain was
not allowed to access it...it seems is legal and institutions like
Universities etc...block their email domain to be used outside their
campus...

( By the way, ust a drive to share italian comics and old movies and TV
series...)

changing the email solved the problem

>
> Well I would not expect the xxxx organization to post such a message.

It was a pop-up small window and the meaning was clearly that one...

Anyway, thanks for your help, as usual very appreciated...
Santo

On Mon, 29 Aug 2022 09:59:08 -0400, David W. Hodgins wrote:

> On Mon, 29 Aug 2022 09:07:56 -0400, santo <nanci@auroville.org.in>
> wrote:
>
>> On Mon, 29 Aug 2022 07:26:57 -0500, Bit Twister wrote:
>>
>

>
> The admin is correct to warn you, that anyone who has physical access to
> the computer(s) used by auroville.org.in can read anything stored on
> those hard drives. Whether they will or not, is another story. One that
> you cannot detect
> from your computer. That's true any time your stuff is stored on some
> one
> else's computer, whether its auroville.org.in, google, yahoo, or others.
>
> For google drive, the admin of auroville.org.in would only be able to
> see that your computer is connected to google, not what you are doing
> with it. Just like auroville with the email stored on it's hard drives,
> google can read anything that is not encrypted, that is stored on it's
> drives.
>
> When you connect to https://drive.google.com/drive/my-drive the
> connection is encrypted between google and your computer. The admin can
> see that you're using drive.google.com, but can't snoop on your login
> etc. If the password is not sitting in your email inbox at
> auroville.org.in then they cannot impersonate you.
>
> If you don't want stuff that is stored on some one else's computer to be
> readable by it's admins, make sure it's encrypted, and only decrypted
> after it gets to your computer. That in itself may make you a target of
> investigation though, depending on the circumstances.
>
> Regards, Dave Hodgins

Thanks David, help and explanation very appreciated...my only concerns
was and is that they could detect and read the emails that I am
exchanging with my friends about the situation here in Auroville, I have
nothing illegal or dubious in my mail box.

he google drive is about exchanging accessing old italian comics , movies
and tv series...and I thought that there is an encription that is there
by default so no need from my side to check, but it seems that I must be
sure about it...
Will look into it.
Thank you again and end of the tread
:-)
Santo