This isn't a Mac News or OSX Tip Site, But...


As a network admin, I often need to use tools outside of the realm of the "home user". However, since switching to the Mac 100% (sometime around OS X 10.1; prior to that I used Windows also), I have been denied some of the most common tools, primarily a COM port and the HyperTerm application (a terminal emulator that comes with Windows). Also, my company's available software licenses for NA's "Sniffer" don't do me any good, as it is a Windows-only application. So, there's a need for a good (and cheap/free) packet analyzer too.

Here are the solutions that I found. They worked for me, and hopefully they will work for other Mac-using network geeks as well.

Q. Is there a way to access the console port of a new switch using the Terminal application that comes with OS X?

A. If the device already has an IP address, simply telnet to the device from the terminal. However, if the device does not have an IP (such as a brand-new router) you will need to configure it initially through the serial port. To connect to the device, your Mac will need:

  1. A USB-to-Serial Adapter. They're cheap. I use the Keyspan "USA-19Qi".
  2. A terminal emulator. I chose "minicom", an open source app that I picked up at DarwinPorts.

Other terminal emulators exist (such as the venerable "ZTerm" and other shareware emulator picks), but these do not use the existing terminal interface of OS X. And they typically cost a little bit, too.

Q. Is there a way to easily capture and analyze packets without spending a huge amount of money? (As a corporate Mac user, I own my own hardware and I also own all the support and responsibilities that go with it. In other words, if I want a sniffer, I gotta buy it myself.)

A. I found a couple of good ones. Ethereal is a free open source option, and is my first choice, but for some reason I can't get it to install on my PowerBook from either distribution source. So I searched around for other options and found the following:

  1. MacSniffer - previously $15, now it is "Beta"
  2. EtherPeek - A Fantastic but expensive analyzer ($495 for 1 user license)
  3. FrameSeer - A frugal but clean GUI around UNIX's built-in tcpdump tool. At $49, this is the winner for me.
  4. tcpdump is free and already on your Mac as a command line tool, but it requires learning and the output is difficult to analyze without another tool. Since FrameSeer can open raw tcpdump files and decode them for you, the vote again goes to FrameSeer.

[edit: I would still prefer Ethereal, which I've used before and is very good. However, I simply don't have time to fight the install at this point, and $49 is little enough that FrameSeer is a good fit.]
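The "raw tcpdump files" mentioned in item 4 are classic libpcap savefiles, the format written by `tcpdump -w`. The following is an added example, not code from the original post or from FrameSeer, showing what "decoding" such a file involves: it walks the file's records and prints a one-line summary per frame. The function names and the one-packet sample capture (documentation-range addresses, a connection to the telnet port) are constructed for illustration.

```python
import socket
import struct

# Classic pcap magic as it appears on disk -> struct byte-order prefix.
# (The nanosecond-timestamp variant and pcapng are not handled here.)
PCAP_MAGIC = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}

def read_pcap(data):
    """Yield (timestamp, frame_bytes) for each record in a classic pcap file."""
    endian = PCAP_MAGIC.get(data[:4])
    if endian is None:
        raise ValueError("not a classic pcap savefile")
    # version major/minor, thiszone, sigfigs, snaplen, link type
    _, _, _, _, _, linktype = struct.unpack(endian + "HHiIII", data[4:24])
    if linktype != 1:
        raise ValueError("only Ethernet captures (link type 1) are decoded")
    off = 24
    while off + 16 <= len(data):
        sec, usec, caplen, _ = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        if off + caplen > len(data):
            break  # capture was cut off mid-record
        yield sec + usec / 1e6, data[off:off + caplen]
        off += caplen

def summarize(frame):
    """Decode Ethernet/IPv4 and, for TCP or UDP, the port pair."""
    if len(frame) < 14:
        return "short frame"
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != 0x0800 or len(frame) < 34:
        return "ethertype 0x%04x" % ethertype
    ihl = (frame[14] & 0x0F) * 4          # IPv4 header length in bytes
    proto = frame[23]
    src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
    l4 = 14 + ihl
    if proto in (6, 17) and len(frame) >= l4 + 4:
        sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
        return "%s %s:%d > %s:%d" % ("TCP" if proto == 6 else "UDP", src, sport, dst, dport)
    return "IP proto %d %s > %s" % (proto, src, dst)

def constructed_sample():
    """Constructed capture: one TCP SYN from 192.0.2.10:49152 to 192.0.2.1:23."""
    eth = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("192.0.2.1"))
    tcp = struct.pack("!HHIIHHHH", 49152, 23, 0, 0, 0x5002, 1024, 0, 0)
    frame = eth + ip + tcp
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return header + struct.pack("<IIII", 1, 500000, len(frame), len(frame)) + frame
```

To run it against a real capture, pass the bytes of the file to `read_pcap` in place of `constructed_sample()`.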

Q. How do I telnet, tftp, ftp, ping, traceroute, finger, port scans, etc.?

A. These are all already there. They're part of OS X, and the tools available are very strong (stemming from X's UNIX underpinnings). Also, the "Network Utility" (in /Applications/Utilities/ by default) provides an excellent GUI for these types of tools.
