My Top Tools for Network Administrators Using Mac and Homebrew
Whether you’re troubleshooting BGP sessions, scanning subnets, or verifying DNS propagation, these Homebrew-accessible tools can save you time and boost productivity.
1. Wireshark
Install: brew install --cask wireshark
Wireshark is the gold standard for packet analysis. With support for deep packet inspection and powerful filtering, it’s a must-have for diagnosing strange behavior on your network.
Pro tip: Enable “Capture packets in promiscuous mode” to watch traffic like a hawk on bridged or mirrored ports.
2. Nmap
Install: brew install nmap
Nmap is a powerful tool for network discovery and security auditing. Whether you’re mapping your internal network or checking for rogue devices, Nmap provides detailed information fast.
Try: nmap -sP 192.168.1.0/24 to find all live hosts on a subnet.
3. Tcpdump
Install: brew install tcpdump
Tcpdump is Wireshark’s command-line cousin. Perfect for quick packet captures or when working over SSH into remote macOS systems.
Example: sudo tcpdump -i en0 port 443 to sniff HTTPS traffic on your primary interface.
4. Netcat (nc)
Install: (Built into macOS, but updated versions can be installed with brew install netcat)
Netcat is the “Swiss army knife” of networking. It can listen on ports, send data, or even create simple chat servers.
Use case: Testing open TCP ports: nc -zv 192.168.1.1 1-1024
5. iperf3
Install: brew install iperf3
Need to benchmark throughput between endpoints? Iperf3 gives you consistent and customizable bandwidth tests. Great for identifying bottlenecks.
Command: iperf3 -s on one Mac, then iperf3 -c [server IP] from another.
6. mtr
Install: brew install mtr
MTR combines the functionality of traceroute and ping into a single real-time tool. It’s incredibly helpful for spotting packet loss and latency spikes in paths.
Try: mtr google.com . You will need to be root.
7. dig + bind-tools
Install: brew install bind
DIG is your go-to for DNS troubleshooting. The bind package includes a suite of DNS-related tools, including nslookup and host.
Example: dig @1.1.1.1 j2sw.com +short
8. Speedtest CLI
Install: brew install speedtest-cli
Want to test WAN performance from the command line? Speedtest CLI provides fast and accurate internet speed tests directly from your terminal.
Command: speedtest
9. tshark
Install: Comes with Wireshark or brew install wireshark
Tshark is the terminal version of Wireshark. Perfect for headless packet capture or automated traffic analysis scripts.
Capture command: sudo tshark -i en0 -w capture.pcap
10. nmap scripts & automation tools
Many admins overlook the power of Nmap’s scripting engine (--script flag). Combine this with simple macOS scripting and you can automate device checks, port monitoring, and vulnerability scans on schedule.
Bonus: Customize Your Terminal
- iTerm2 – A powerful alternative to the native Terminal app (
brew install --cask iterm2) - Oh My Zsh – For a more readable and productive shell experience (
brew install zsh+sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh")) - bat – Better
catwith syntax highlighting (brew install bat)
Whether you’re debugging a fiber handoff or optimizing your ISP’s routing tables, these utilities make macOS a viable (and sometimes preferable) platform for serious networking work.
j2networks family of siteshttps://j2sw.com
https://startawisp.info
https://indycolo.net
#packetsdownrange #routethelight
Discover more from j2sw Blog (Packets Down Range)
Subscribe to get the latest posts sent to your email.