OS X: Capturing Packets

Being kind of “Solaris-infested” at times (a.k.a. old habits die hard), I had a hard time capturing network packets on OS X the other day. Not the capturing in itself, but remembering to use tcpdump instead of snoop. The command I was looking for was

sudo tcpdump host [ip-address]

It lists the packets as they go by, regardless of whether [ip-address] is the source or the destination. The use of sudo is a necessity on OS X: you’ll end up with a “tcpdump: no suitable device found” message otherwise, and rightly so, since “normal” users have no rights to snoop tcpdump packets.
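What the host filter matches, shown offline as an added example (not from the original post): a small Python reader applies the same either-direction test to a constructed capture and contrasts it with tcpdump's narrower `src host` and `dst host` qualifiers, which go beyond the command above. The addresses are documentation-range placeholders, and the helper names are hypothetical.

```python
import socket
import struct

def build_pcap(flows):
    """Constructed sample: classic pcap (Ethernet) with one bare IPv4 header per (src, dst)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # global header
    for i, (src, dst) in enumerate(flows):
        eth = b"\x00" * 12 + b"\x08\x00"  # dummy MAC addresses, EtherType IPv4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, i, 0, 64, 6, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        frame = eth + ip
        out += struct.pack("<IIII", i, 0, len(frame), len(frame)) + frame
    return out

def read_flows(pcap):
    """Yield (src, dst) for each IPv4-over-Ethernet packet in a little-endian pcap."""
    if struct.unpack_from("<I", pcap, 0)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap")
    off = 24  # skip the 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack_from("<IIII", pcap, off)[2]
        frame = pcap[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated frame or not IPv4
        # IPv4 source is at bytes 26..29 of the frame, destination at 30..33
        yield socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])

def match(pcap, ip, qualifier="host"):
    """Return the flows a tcpdump-style 'host', 'src host' or 'dst host' test selects."""
    tests = {"host": lambda s, d: ip in (s, d),   # either direction
             "src host": lambda s, d: s == ip,    # only packets sent by ip
             "dst host": lambda s, d: d == ip}    # only packets sent to ip
    return [(s, d) for s, d in read_flows(pcap) if tests[qualifier](s, d)]

# Constructed capture: a request, its reply, and unrelated traffic.
SAMPLE = build_pcap([("192.0.2.10", "198.51.100.5"),
                     ("198.51.100.5", "192.0.2.10"),
                     ("203.0.113.7", "198.51.100.5")])

if __name__ == "__main__":
    for q in ("host", "src host", "dst host"):
        print(q, "192.0.2.10 ->", match(SAMPLE, "192.0.2.10", q))
```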

