I've recently done a fresh install of Mac OS X Snow Leopard on a Macbook Pro because of a system failure. The system is bare except for what the DVD installs.
I've turned off Airport, Bluetooth, and have no wired connections. However, I'm seeing Network Packets being sent and received in Activity Monitor under the Network tab.
The tcpdump command says that no interfaces were found, but still Activity Monitor shows packets being sent and received.
How is this possible with all network devices turned off?
Are there any terminal commands that I can run to show where these network packets are coming from?
Answer
Unix-based systems can have quite a lot of communication going over the loopback interface. It is one of the ways processes can communicate with each other (others are shared memory segments for example).
You can use tcpdump on the loopback interface to view the traffic:
# tcpdump -nni lo0
No comments:
Post a Comment