If you are like any IT professional today, you're concerned about security. Mac OS X has it's own Terminal utility called nettop that monitors incoming/outgoing network connections. This might remind you about Windows "netstat" utility.
If you ever notice your network interface card taking in our out unusual amounts of traffic for no reason, fire up nettop immediately. It will give you a complete breakdown of every network connection and live send/receive packets, packet sizes, and total data transferred.
1. Open Terminal (Applications -> Utilities)
2. Type nettop
Immediately, nettop will output every connection coming in and out of your NIC's. The information will be displayed in Terminal. Nettop can be used with several arguments, shown further down this article, to help reduce cpu load and to inspect other traffic (UDP/TCP) insightfully.
You can have NETTOP running 24/7 and dumping to a text file which I check weekly. Depening how much traffic you generate, you might want to do this to - so anyone already accessing your computer files stealthly you might be able to track (hide NETTOP directory for this reason too)!
nettop -- Display updated information about the network
nettop [-nc] [-m ]
The nettop program displays a list of sockets or routes. The counts for network structures are updated
periodically. While the program is running the following keys may be used:
d Toggle delta output
r Redraw screen
p Toggle human readable numbers
e Expand all
c Collapse all
h Bring up the help menu
j Bring up the column selection menu. In this mode you can enable/disable columns and change
A list of flags and their descriptions:
Specify the mode. By default, nettop will monitor TCP and UDP sockets. The following modes are
tcp Only TCP sockets will be monitored
udp Only UDP sockets will be monitored
route Instead of sockets, the routing table will be monitored
-n Disable address to name resolution
-c Less intensive use of the CPU - draws less often