Eavesdrop is a free TCP packet sniffer for the Mac. The app allows you to capture traffic on your home network. It is not a very advanced application at this time, and it has some limitations, but it still is a nice app to illustrate how a sniffer works, and it can even be used to analyze some traffic, if you happen to know what you are looking for. One of the most important limitations this application has is that it can't save your captures. It is only a viewer at this point, and it doesn't look like this is going to change any time soon.
The first thing you have to do before starting a capture is selecting the interface. On Macs, ethernet is en0 and wireless is en1. I tested this app while connected to a wireless router, so I chose en1 and started the capture. Lots of packets started showing. The main window shows the source of a packet, the port, any flags, and its destination. If you double click on any entry, you will see more detailed information.
One of the things that I tested was to see if I could intercept images being sent. And by carefully tracking down the right packet I was able to do so.
In my testing, I was only able to see packets originating from my Mac. I had a few other devices running at the same time, and I knew their IP addresses, but none appeared on the list.
- It works
- I was only able to see traffic originating from my computer