Easy Packet Sniffing on Mac OS X
If you have more than one workstation, you administer several machines connected to a network, or just frequently connect to various networks, sooner or later you’ll find a packet sniffer to be quite useful.
New users may be asking themselves why would they need such a tool so here are a few things it allows you to do:
- Monitor network usage
- Compile network statistics
- Analyze network problems
- Identify suspect content
- See what other users are doing.
There are many tools up for the job that work on Mac OS X but if you’re looking for a free packet sniffer, Packet Peeper is an open source project that does the job quite well.
Nowadays it’s very common to be in the local coffee shop, connected to an open wireless network while having a hot cup of java. If you fire up Packet Peeper and opt for promiscuous capture mode, you can see not just your packets, but also those addressed to the rest of the coffee drinking surfers.
As you can see from the screenshot above, Packet Peeper’s interface is very simple and easy to use.
Watching how this tool captures your network traffic will make you think twice at what you do the next time you’re connected to one of those free hotspots. After all, you may not be the only one with such a tool. For example, if you check your POP e-mail account that sends the username and password in plain text to the server you’ll see that Packet Peeper has captured them both:
Captured traffic can be saved for later analysis. This is particularly useful if you have to analyze traffic from several networks at once and want to do it later, after all the capturing has been done.
If you want details, you can get plenty. The image above shows what a TCP stream looks like.
Analyzing a packet is easy when you have enough room. The image above depicts the viewing of a packet in a separate window. It has been scaled to fit into this page but, as you can see, it can be expanded to give you more info on the same screen.
As options go, there are several that can be setup before a capture session is initiated. As you get more into packet sniffing, you’ll find them quite useful.
Packet Peeper is available for download here, take it for a spin.