REPLY-TO-ALL is a double language blog (English/Russian) run by three information security practitioners. Want to discuss information security problems? This is the place.
Wednesday, June 18, 2008
Tuesday, June 17, 2008
Wireshark and tcpdump on Mac OS X
If you've seen the following message when running tcpdump:
As a more dangerous alternative you can run tcpdump or Wireshark as root (not recommended). If you installed Wireshark in /Applications folder, use:
tcpdump: no suitable device foundIt is most probably due to permissions for /dev/bpf* device files (600 by default, owned by root:wheel). It is the same if you don't see any interfaces in Wireshark. To correct this run:
$ sudo chmod go+r /dev/bpf*Please note that this change is lost after reboot. Tested on 10.5 (Leopard).
As a more dangerous alternative you can run tcpdump or Wireshark as root (not recommended). If you installed Wireshark in /Applications folder, use:
$ sudo /Applications/Wireshark.app/Contents/MacOS/Wireshark
Call For Discussion
14 June has passed and we are ready to wake up our blog :). I want to start by asking a question - what do you think about various IT security and IT audit standards? Do you think they are useful? Vital? What role do they play in your job?
As for me, I have a stance of "all models are wrong, but some are useful".
As for me, I have a stance of "all models are wrong, but some are useful".