On Oct 27, 2009, at 4:37 AM, Jonas Lopez wrote:
> > Added a hd and noticed lots and lots of traffic in menu meters with > nothing running! As others have said it's likely Spotlight indexing. > > Why I asked, but could not find out. Is this hd contaminated with a > data logger or what? Did you reformat it after installing it? > > Found this: Ettercap is a suite for man in the middle attacks on > LAN. It features sniffing of live connections, content filtering on > the fly and many other interesting tricks. It supports active and > passive dissection of many protocols (even ciphered ones) and > includes many feature for network and host analysis. Yeppers, ettercap is a very powerful tool. I catch someone on our network running it that isn't a network admin or has a very good reason to run network analysis tools, they're in trouble :-/ > > Any features in 10.4 able to tell us what is being transmitted and > why? Or anyone know of a program to alert us of this problem? Lets get something basic right out of the way: disk activity does not equal network activity. On the mac there's some basic network analysis tools built in in Applications/Utilities, and the command line program tcpdump is built in. You can capture some or all of the network traffic for analysis with that program. Fire up a Terminal session and do man tcpdump for more. Here's a link to a number of different packet snifffing tools <http://sectools.org/sniffers.html> There are graphical front ends for tcpdump, here's one: <http://personalpages.tds.net/~brian_hill/macsniffer.html> it's by the author of MacJanitor, and I've used this one a number of times to figure out networking problems. Here's another one: <http://www.baurhome.net/software/eavesdrop/index.html> Finally, for a better way of managing your Mac's talkativeness, get Little Snitch. <http://www.obdev.at/products/littlesnitch/index.html> -- Bruce Johnson University of Arizona College of Pharmacy Information Technology Group Institutions do not have opinions, merely customs --~--~---------~--~----~------------~-------~--~----~ You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/g3-5-list -~----------~----~----~----~------~----~------~--~---
