Connect to a serial console with a Mac

Most network devices still have a serial console. If you have a Mac and want to connect to this console, get yourself a serial-to-USB converter that is supported by Apple. A good one is the Keyspan USA-19HS. After you have installed the driver, plug in the USB serial adapter.

You could now search for and download terminal software, but there is a much easier way: use screen. screen is already built in, so there is nothing to compile and nothing to add. Just use it like this:

screen /dev/tty.Keyserial1 9600

When you have finished your work, just close screen with "ctrl-a k".

Another method is to use cu.

sudo cu -l /dev/tty.Keyserial1 -s 9600

cu is easier to use if you have to send a break signal.

Simply type:

~%break

 

 

Clear DNS cache on a Mac

Every Mac caches resolved DNS queries. Sometimes the cache holds entries that cause problems. To get rid of them you have two options. The bad one is to reboot the machine. The good one is to type the following command in the Terminal:

dscacheutil -flushcache

TCP/IP packet sniffer

Sometimes you need a powerful sniffer on your system. Every Mac and every Linux system has one. You just have to use it.

tcpdump

The only things you have to know are a few flags.

  • -i en0 : Listen on this interface.
  • -n : Don’t resolve hostnames.
  • -nn : Don’t resolve hostnames or port names.
  • -X : Show the contents in both hex and ASCII.
  • -XX : Same as -X, but also shows the Ethernet header.
  • -v, -vv, -vvv : Increase the amount of packet information you get back.
  • -c n : Capture n packets and then stop.
  • -S : Print absolute sequence numbers.
  • -e : Get the Ethernet header as well.
  • -q : Show less protocol information.
  • -E : Decrypt IPsec traffic by providing an encryption key.
  • -s n : Set the snap length, i.e. the number of bytes captured from each packet.

Example:

If you just want to see some traffic on the interface:

tcpdump -ni en0

If you want to get a lot of information:

tcpdump -i en0 -nnvvvXSs 1514

Of course there are other options. You can record the traffic to a file and read it back from a file. You can also set filters on the command line to capture only specific packets.

tcpdump -i en1 -nnvvS tcp and src 10.0.5.1 and dst port 5222

Network grep “ngrep”

grep is very practical for finding a specific regular expression in files. It would be just as practical to have the grep functionality on the network, and this feature is available.

Download ngrep. The package to get is ngrep-1.45.tar.bz2.

To get it to work on a Mac, do:

tar xvjf ngrep-1.45.tar.bz2
cd ngrep-1.45
./configure --with-pcap-includes=/usr/include --prefix=/usr/local
make
sudo make install

To read the manual page you can run

man ngrep

To run ngrep itself, run:

sudo ngrep <expression to find> <pcap filter expression>

<pcap filter expression> is used the same way as in tcpdump.

Subnet Masks

A subnetwork, or subnet, is a logically visible, distinctly addressed part of a single Internet Protocol network. Subnetting is the division of a computer network into groups of computers that share a common, designated IP address routing prefix.

/    binary                               hex         decimal
/1   10000000.00000000.00000000.00000000  0x80000000  128.0.0.0
/2   11000000.00000000.00000000.00000000  0xc0000000  192.0.0.0
/3   11100000.00000000.00000000.00000000  0xe0000000  224.0.0.0
/4   11110000.00000000.00000000.00000000  0xf0000000  240.0.0.0
/5   11111000.00000000.00000000.00000000  0xf8000000  248.0.0.0
/6   11111100.00000000.00000000.00000000  0xfc000000  252.0.0.0
/7   11111110.00000000.00000000.00000000  0xfe000000  254.0.0.0
/8   11111111.00000000.00000000.00000000  0xff000000  255.0.0.0
/9   11111111.10000000.00000000.00000000  0xff800000  255.128.0.0
/10  11111111.11000000.00000000.00000000  0xffc00000  255.192.0.0
/11  11111111.11100000.00000000.00000000  0xffe00000  255.224.0.0
/12  11111111.11110000.00000000.00000000  0xfff00000  255.240.0.0
/13  11111111.11111000.00000000.00000000  0xfff80000  255.248.0.0
/14  11111111.11111100.00000000.00000000  0xfffc0000  255.252.0.0
/15  11111111.11111110.00000000.00000000  0xfffe0000  255.254.0.0
/16  11111111.11111111.00000000.00000000  0xffff0000  255.255.0.0
/17  11111111.11111111.10000000.00000000  0xffff8000  255.255.128.0
/18  11111111.11111111.11000000.00000000  0xffffc000  255.255.192.0
/19  11111111.11111111.11100000.00000000  0xffffe000  255.255.224.0
/20  11111111.11111111.11110000.00000000  0xfffff000  255.255.240.0
/21  11111111.11111111.11111000.00000000  0xfffff800  255.255.248.0
/22  11111111.11111111.11111100.00000000  0xfffffc00  255.255.252.0
/23  11111111.11111111.11111110.00000000  0xfffffe00  255.255.254.0
/24  11111111.11111111.11111111.00000000  0xffffff00  255.255.255.0
/25  11111111.11111111.11111111.10000000  0xffffff80  255.255.255.128
/26  11111111.11111111.11111111.11000000  0xffffffc0  255.255.255.192
/27  11111111.11111111.11111111.11100000  0xffffffe0  255.255.255.224
/28  11111111.11111111.11111111.11110000  0xfffffff0  255.255.255.240
/29  11111111.11111111.11111111.11111000  0xfffffff8  255.255.255.248
/30  11111111.11111111.11111111.11111100  0xfffffffc  255.255.255.252
/31  11111111.11111111.11111111.11111110  0xfffffffe  255.255.255.254
/32  11111111.11111111.11111111.11111111  0xffffffff  255.255.255.255
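
The hex and decimal columns of the table can be computed from the prefix length instead of looked up. The shell functions below are an added example, not part of the original page; the function names and the 10.0.4.0/23 network are made up for illustration. It goes one step beyond the table by also checking whether an address lies inside a given subnet.

```shell
#!/bin/sh
# Added example (not from the original page); all function names are made up.

# prefix_to_int N -> the /N mask as a 32-bit integer; rejects anything but 0..32
prefix_to_int() {
    case "$1" in ''|*[!0-9]*|0?*|???*) return 1 ;; esac
    [ "$1" -le 32 ] || return 1
    echo $(( (4294967295 << (32 - $1)) & 4294967295 ))   # 4294967295 = 0xffffffff
}

# int_to_dotted I -> a.b.c.d
int_to_dotted() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# dotted_to_int a.b.c.d -> integer; rejects malformed addresses
dotted_to_int() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        # no leading zeros (the shell would read them as octal), at most 3 digits
        case "$o" in 0?*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# mask_row N -> "/N 0xHHHHHHHH a.b.c.d", the hex and decimal columns of the table
mask_row() {
    m=$(prefix_to_int "$1") || return 1
    printf '/%d 0x%08x %s\n' "$1" "$m" "$(int_to_dotted "$m")"
}

# in_cidr ADDR NET/LEN -> status 0 if ADDR is inside NET/LEN, 1 if not, 2 on bad input
in_cidr() {
    a=$(dotted_to_int "$1") || return 2
    n=$(dotted_to_int "${2%/*}") || return 2
    m=$(prefix_to_int "${2#*/}") || return 2
    [ $(( a & m )) -eq $(( n & m )) ]
}

# Demo: the /23 row, then a membership check against a constructed network
mask_row 23
in_cidr 10.0.5.1 10.0.4.0/23 && echo "10.0.5.1 is inside 10.0.4.0/23"
```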