Saturday, October 31, 2009

tcpdump OS X

tcpdump is built in to OS X (Mac). Linux users have been using it since the inception of *nix variants.

*Warning: this and other tools like it are very powerful, with knowledge comes power, use it wisely*
*Respect others' privacy
*Think before you do something and understand the consequences


From Wikipedia:
tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.

For my uses, I am the admin of a very small company that uses Windows 2003 and Citrix to serve up applications to dumb terminals. We have been experiencing excessive bandwidth usage and I am curious as to where, how, and why. This is probably not the best tool to use but it gives me an idea of what is going on.

On my PowerBook (separate from the network) I opened a terminal and typed:

tcpdump -ien1

And was presented with

tcpdump: (no devices found) /dev/bpf0: Permission denied

-ien1 is the -i (interface) option followed by en1, the AirPort card.

/dev/bpf0 is where *nix (OS X in this case) stores information about the AirPort card en1.

Well, having been used to Linux commands as well, I figured I would su (super user, basically running as root).

This did not help either; apparently OS X requires the use of

sudo -s

then enter the password of an administrator account

This will give you a bash prompt (for me it was) and now you can run your command at the prompt.

bash-3.2# tcpdump -ien1

Happy hunting! For more information on the tcpdump command and its switches, type the following at a terminal prompt:

man tcpdump
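
For the bandwidth question above, here is an added example (not part of the original post) that ranks source hosts by payload bytes from tcpdump's quiet output. The function names top_talkers and sample_capture are hypothetical, the sample lines are constructed, and the input is assumed to be in the line format printed by tcpdump -nn -q -t.

```shell
#!/bin/sh
# Added example: rank source hosts by payload bytes seen in tcpdump quiet output.
# Expects lines as printed by: tcpdump -nn -q -t (IPv4 only; IPv6 lines are skipped).
top_talkers() {
    awk '
    $1 == "IP" && $3 == ">" && $NF ~ /^[0-9]+$/ {
        n = split($2, part, ".")
        # With -nn an IPv4 source is a.b.c.d.port (5 parts) or a.b.c.d (no port, e.g. ICMP)
        if (n < 4) next
        src = part[1] "." part[2] "." part[3] "." part[4]
        bytes[src] += $NF      # last field is the payload length in both tcp and UDP lines
        pkts[src]++
    }
    END {
        for (s in bytes) printf "%d %d %s\n", bytes[s], pkts[s], s
    }' | sort -k1,1nr -k3,3
}

# Constructed sample input (not captured from a real network).
sample_capture() {
    cat <<'EOF'
IP 192.168.1.20.49152 > 192.168.1.5.1494: tcp 1448
IP 192.168.1.20.49152 > 192.168.1.5.1494: tcp 1448
IP 192.168.1.5.1494 > 192.168.1.20.49152: tcp 0
IP 192.168.1.31.5353 > 224.0.0.251.5353: UDP, length 120
IP 192.168.1.31 > 192.168.1.1: ICMP echo request, id 7, seq 1, length 64
IP6 fe80::1.5353 > ff02::fb.5353: UDP, length 90
tcpdump: listening on en1
EOF
}

# Live use on your own network, bounded to 1000 packets so the capture ends by itself:
#   sudo tcpdump -i en1 -nn -q -t -c 1000 | top_talkers
# Output columns: payload bytes, packet count, source address.
sample_capture | top_talkers
```

Running the single tcpdump command under sudo, as in the comment, avoids keeping a root shell open for the whole session. The byte counts are payload lengths, so they understate what is actually on the wire.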



