packeting sniffing on OS X

Discussion in 'macOS' started by j00d, Feb 19, 2011.

  1. j00d macrumors member

    Joined:
    Jul 27, 2007
    #1
    Hi,

    I'm trying to demonstrate to my co-workers that ftp is a really bad idea, security-wise, for transferring files to our clients.

    What packet sniffing software works well on OSX? I was able to show passwords in the clear before on hubs using snort, but the snort.org site only seems to offer RPM's and before i put in the effort to learn to compile something on OSX for the first time, I'd like to know if it's still a viable product on OSX.

    If there are other apps other than snort, I'd love to hear about them also. Our office uses a Dell gigabit switch.

    Thanks,

    john
     
  2. munkery macrumors 68020

    munkery

    Joined:
    Dec 18, 2006
  3. iMouse macrumors regular

    Joined:
    Jul 23, 2002
    Location:
    Boardman, Ohio
    #3
  4. dyn macrumors 68030

    Joined:
    Aug 8, 2009
    Location:
    .nl
    #4
    Or use what comes with OS X by default: tcpdump. It's a commandline utility though.

    If you want to sniff on the switch things become a bit more complicated because you need to setup a monitoring port and hook the Mac up to that port. With a switch you can only see your own traffic, not that of your neighbours. Most switches have the option for a monitoring port. Simply put the switch will dump a copy of all the traffic at that port.
     

Share This Page