http://www.entropy.ch/software/macosx/#tcpflow
The home page for tcpflow itself is here:
http://www.circlemud.org/~jelson/software/tcpflow/
Michael
|
|
|
If you're interested in seeing what things get sent out by your machine (for example, hidden data sent out as part of a software install or what cookies are getting set while browsing), check out tcpflow. tcpflow is a packet sniffer for unix-based operating systems. It's got more features than tcpdump (which is included with OS X). Marc Liyanage has created a Mac OS X installer package, which is available here:
http://www.entropy.ch/software/macosx/#tcpflow The home page for tcpflow itself is here: http://www.circlemud.org/~jelson/software/tcpflow/ Michael
•
[41,023 views]
Hint Options
Still does not watch PPP
This still does not solve the problem I described here. I would really like to watch PPP traffic, but with present software / os (10.0.4) this seems to be impossible. If anybody has a clue, PLEASE let me know. Thanks!
Still does not watch PPP
Try setting the interface. From an email I got from the authour:
Still does not watch PPP
ummmm... Okay....
Still does not watch PPP
type ifconfig -a
Still does not watch PPP
Sounds like you should try BrickHouse, download it from versiontracker.com
Strange behavior
This is a fantastic utility. Check this out: I have my Mac and a PC connected to a small hub on my desk. That's connected to a hub in the next office. When my PC has TCP traffic, TCPflow picks it up. Why is that? More interestingly, I can see the passwords (transmitted in clear text by Outlook) when the PC checks my email! What if I were connected to a larger hub at an office where it mattered? Could I see everyone's usernames and passwords when they check their email?
Sniffers
Jay: in a word, yes. You have discovered why "https" is a good thing. Network sniffing is Very Easy™.
Another cool sniffer util to check out is - Ettercap.
Etherpeek is a sweet network sniffer for OS9 and earlier. Etherpeek.
-Ben
Hub vs Switch
>When my PC has TCP traffic, TCPflow picks it up. Why is that?
re: replies
How interesting! Thanks very much. I new that a switch was more secure, but had never actually witnessed how public the information is!
Strange behavior
I think TCPflow picks up the data going to the PC because in the Ethernet specification(Carrier Sense Multiple Access/Collision Detect) frames go to every interface on the collision domain(any interface connected by a link-layer device like a hub). |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.28 seconds |
|