Network Analysis

Network Analysis

Being a multiuser operating system from its start, Unix has always been intended for use on a network. If your Mac OS X machine isn't already connected to a network, it is likely to be at some point. In this section we describe some of the tools for analyzing network activity that come with Mac OS X.

Network Utility

Network Utility (/Applications/Utilities/Network Utility) is an Aqua program that provides a graphical interface for several common network-analysis tasks .

To launch Network Utility:

  • Double-click the Network Utility icon, or at the command line enter

     open "/Applications/Utilities/Network 

    The Network Utility application opens to its Info pane ( Figure 4.37 ).

    Figure 4.37. The Info pane of Network Utility.

To see if another Internet host is active:

Select the Ping tab of Network Utility.

The Ping pane opens ( Figure 4.38 ).

Figure 4.38. The Ping pane of Network Utility.

Enter a domain name or an IP address to test.

Figure 4.39 shows a domain name entered for testing. A domain name is the part of a Web address (URL) after the two slashes . It consists of two or more words separated by dotsfor example, . An IP (Internet Protocol) address is a set of four numbers separated by dots. Each number in an IP address is between 2 and 254.

Figure 4.39. Entering a domain name for Ping testing.

You can adjust the number of pings ( essentially , a request for a response) that you want to send.

Click the Ping button.

Network Utility sends a series of short messages (called Internet Control Message Protocol [ ICMP ] packets ) to the remote machine and expects responses. The results are shown in the lower portion of the window ( Figure 4.40 ).

Figure 4.40. What happens when you send ten pings to

If the packets do not make it to the remote machine and back again, you will see gaps in the icmp_seq numbers. These indicate a packet loss of greater than 1 percent, especially high time values (that is, the time it took to conduct the ping), or no response at all. (To properly test for packet loss, send at least 100 pings.) Normal time values depend on the nature of your Internet connection. Frequent testing of a handful of remote machines over a period of a few weeks will give you an idea of what is normal for your connection. Some networks are configured to block the kind of packets used in these tests, so in a few cases a machine or network appears unreachable even though it is functioning normally.


  • You can run the same test from the command line with

    ping -c 10

See man ping for many more options.

When your computer connects to another on the Internet, the data being exchanged passes through a series of intermediate special-purpose computers called routers . Routers connect networks together (the Internet is an internetwork system, like inter state or inter national, hence the name).

It is possible to see a list of the routers between your computer and any particular destination you connect to through the Internet. The list can and does vary as networks are added, dropped, and reconfigured.

To trace the route to another Internet host:

Select the Traceroute tab in Network Utility ( Figure 4.41 ).

Figure 4.41. The Traceroute pane of Network Utility.

In the Traceroute pane, fill in the domain name or IP number of a host to test ( Figure 4.42 ).

Figure 4.42. Entering a domain name for Traceroute testing.

Click the Trace button.

The trace results appear in the lower part of the Traceroute pane ( Figure 4.43 ).

Figure 4.43. The results of using Traceroute on

Each line shows one router with the three round-trip times (in milliseconds ) for data sent between your computer and the router. If the connection along the way is bad, the round-trip time is replaced with an asterisk (*).


  • You can run the same test from the command line with


    See man traceroute for more options.

Network Utility has half a dozen more features, some of which have a dozen or more options. While they are beyond the scope of this book, you can't hurt your Mac by trying them. Table 4.5 contains a brief description of the panels other than Info, along with their command-line equivalents.

Table 4.5. Network Utility Features




Gives information about raw data that has been sent and received through your network (Ethernet) connection. See man netstat for the command-line version.


Configure and display information about your AppleTalk network. See man -k appletalk for a list of AppleTalk- related command-line utilities, such as the appletalk command.


Tests to see if another machine is reachable through the Internet. See man ping for the command-line version.


Used to find information about Internet addresses (both domain names and IP numbers). See man dig for the command-line version.


Shows the routers in between your machine and another machine on the Internet. See man traceroute for the command-line version.


Used to find information about domain names (as opposed to specific machine addressesuse Lookup for that). Finds who owns the domain name and who is responsible for translating addresses in that domain into IP addresses (the "DNS" servers for the domain). See man whois for the command-line version.


Used to find information about users logged in to other machines on the Internet. Few Internet hosts allow incoming finger requests . See man finger for the command-line version.

Port Scan

Used to see what services a particular Internet host is providing, such as Web server or e-mail server. There is no direct command-line equivalent.

Unix for Mac OS X 10. 4 Tiger. Visual QuickPro Guide
Unix for Mac OS X 10.4 Tiger: Visual QuickPro Guide (2nd Edition)
ISBN: 0321246683
EAN: 2147483647
Year: 2004
Pages: 161
Authors: Matisse Enzer

Similar book on Amazon © 2008-2017.
If you may any questions please contact us: