Looking for a network packet inspector

areseearesee
Posted:
in Mac Software edited January 2014
While helping me with a Mail setup issue (bad server name and conflict with another computer) the ISP technician mentioned that I should check for spyware as he was seeing traffic going to China. He backed off when I told him that I only had Macintoshes on my LAN. But this got me wondering. I do have a lot of activity on my hub and AirPort Base Station that I can't explain. and I would like to get to understand what it is. Is there a good, cheap, easy to use application that I can use to examine the traffic on my network?



I do not need a complicated inspector. My network consists of three computers and the AppleTV with no subnets.



It would need to be easy to use and understand as I would likely use it this once and maybe once or twice a year thereafter.



IP Address resolution would be nice.



I would like IP protocol and service identification.



If possible, translation of the packet contents into human terms, preferably english.



I would like to be able to filter it based on IP address. i.e. Traffic to and from the AppleTV, or to and from my ISP.



And I would like it to be cheap.



Thank you for your suggestions.

Comments

  • Reply 1 of 3
    MarvinMarvin Posts: 14,208moderator
    Little Snitch is a blocker for outgoing network traffic and you can use it to see the destination IPs. I don't know about data collection, logging or IP resolution though. There is an app called TCPdump that lets you log traffic. There was one I used that had a map on it and it seemed to be a full featured traffic analyzer. I found it via versiontracker but I can't remember the name. I'll check on Monday at work what it was called.
  • Reply 2 of 3
    tontontonton Posts: 14,067
    There's also the funny random jpeg sniffer called "EtherPeg". I used it in a law firm office once and found out one of the partners spent a LOT of time browsing porn...
  • Reply 3 of 3
    areseearesee Posts: 776member
    Thanks Marvin,

    I already looked at Little Snitch but it only monitors the traffic in and out of the computer it is running on. I am looking for something to monitor my LAN. it looks like TCPdump will do what I want but I have a lot of learning to do before using it. Both in setting TCPdump up to collect the data and latter to analyze the data. (Neither Network Utility nor Intego NetBarrier found any active ports, services or traffic that I didn't expect on my main Mac. The observed activity could be my RSS feeds in Safari. I was surprised how active the is.)



    tonton,

    I do not know what the traffic is or even if it exists, but it's more than pictures. Besides, if anybody is surfing porn on my network, it would be me. Thanks anyway.
Sign In or Register to comment.