The Network pane replaces the functions of the former Network Utility, which was part of the operating system in older versions of macOS. TinkerTool System provides a similar range of functions and additionally contains modernized features, in particular to support today’s default network protocol IPv6.
You can review technical details and statistics on all network interfaces of your Mac that are currently active. Active means that at least one IPv4 or IPv6 address has been assigned to the network port, which can then be used to communicate with other devices. To get the data, perform the following steps:
The items shown in the window are automatically updated every 10 seconds.
The following details are available:
Via the item Netstat, you can review further statistics from the network management of macOS, relevant for all network ports.
The application will determine the information and show it in an additional dialog sheet. You can also print the results or save them as a text file.
Please note that macOS may need several minutes of computation time before data will be shown. The information comes directly from the UNIX level of the operating system.
The following statistics are available:
To check the connection to another device in the network, it can be useful to send this device a request to report back. A test packet is sent to the other device, asking to reflect it like an echo. Borrowing from the jargon of echo sounders (sonars), sending a test signal back and forth is called ping.
Perform the following steps to run such a communication test:
The report that is shown during the individual ping signals indicates how many bytes have been sent to which address, the current running number of this signal (icmp_seq, Internet Control Message Protocol sequence number), the maximum number of intermediate stations the sent packets are allowed to pass (ttl, time-to-live), and how long (in milliseconds) it took until the echo came back again (time). An additional summary is shown at the end of the report, indicating among other things, how many test packets have been sent, as well as the minimum, average, and maximum echo times, together with their standard deviation during the entire test.
Not all devices will respond to ping requests. For security or performance reasons, some devices may refuse to answer. Such a case cannot be distinguished directly from cases where the destination host could not actually be reached.
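The report fields described above can also be evaluated from a saved text file. The following is an added example, not part of TinkerTool System or its documentation: it parses a constructed report in the layout that macOS ping prints for IPv4, lists the sequence numbers that never came back, and keeps the "no echo" case ambiguous as explained above. The function names and the sample address are assumptions made for this illustration.

```python
import re

# Constructed sample in the layout macOS ping prints for IPv4 (not a real capture).
SAMPLE = """\
PING 192.0.2.10 (192.0.2.10): 56 data bytes
64 bytes from 192.0.2.10: icmp_seq=0 ttl=57 time=12.100 ms
64 bytes from 192.0.2.10: icmp_seq=1 ttl=57 time=11.900 ms
Request timeout for icmp_seq 2
64 bytes from 192.0.2.10: icmp_seq=3 ttl=57 time=30.000 ms

--- 192.0.2.10 ping statistics ---
4 packets transmitted, 3 packets received, 25.0% packet loss
round-trip min/avg/max/stddev = 11.900/18.000/30.000/8.486 ms
"""

REPLY = re.compile(r"(\d+) bytes from (\S+): icmp_seq=(\d+) ttl=(\d+) time=([\d.]+) ms")
TIMEOUT = re.compile(r"Request timeout for icmp_seq (\d+)")
COUNTS = re.compile(r"(\d+) packets transmitted, (\d+) packets received, ([\d.]+)% packet loss")
RTT = re.compile(r"min/avg/max/stddev = ([\d.]+)/([\d.]+)/([\d.]+)/([\d.]+) ms")

def parse_ping(text):
    """Return (replies, timed-out sequence numbers, summary) from a ping report."""
    replies, timeouts, summary = [], [], {}
    for line in text.splitlines():
        if m := REPLY.search(line):
            replies.append({"bytes": int(m[1]), "addr": m[2], "icmp_seq": int(m[3]),
                            "ttl": int(m[4]), "time_ms": float(m[5])})
        elif m := TIMEOUT.search(line):
            timeouts.append(int(m[1]))
        elif m := COUNTS.search(line):
            summary.update(sent=int(m[1]), received=int(m[2]), loss_pct=float(m[3]))
        elif m := RTT.search(line):
            summary.update(zip(("min", "avg", "max", "stddev"), map(float, m.groups())))
    return replies, timeouts, summary

def assess(text):
    """Summarise reachability; sequence numbers are assumed to start at 0."""
    replies, timeouts, summary = parse_ping(text)
    sent = summary.get("sent", len(replies) + len(timeouts))
    missing = sorted(set(range(sent)) - {r["icmp_seq"] for r in replies})
    if not replies:
        # Silence alone cannot separate a filtered host from an unreachable one.
        verdict = "no echo: unreachable or not answering"
    else:
        verdict = "reachable with loss" if missing else "reachable"
    return {"verdict": verdict, "missing_seq": missing,
            "ttl_values": sorted({r["ttl"] for r in replies}), "summary": summary}

if __name__ == "__main__":
    print(assess(SAMPLE))
```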
The Domain Name Service (DNS) is designed to make it possible to reach other devices in the network not only by their addresses, but also by their names. This service either looks up the address for a valid name, or in reverse direction, determines the assigned name(s) for an address. You can submit such a request to the service manually at any time. To do this, perform the following steps:
The response contains in each case
To evaluate the lookup request, the system will use the DNS server currently configured in the network preferences of macOS.
In larger networks such as the Internet, destination points can only be reached if the data packets can travel along multiple intermediate stations. The individual nodes of the network determine the currently best route, based on network maps, connection costs, and current utilization of the network components. It can be interesting to display the currently selected route for communication with a specific destination. This operation is known as packet tracing or traceroute.
The current route is determined and measured using a series of test data packets (similar to the ping operation). For each intermediate station, called a hop, you will get one line of output. If available, it will indicate its name and address, as well as the transmission times to reach the next node. Determining the entire route can take a few seconds. Data that cannot be retrieved at the moment is replaced by asterisks.
On the Internet, names of the individual network devices, or their ports, respectively, are assigned using a hierarchical system. The names are registered for a fee at specific registration authorities. These registries establish the whois service, a database that lists all domain names currently in use. The databases can be accessed publicly to determine information about the owner of a name, a contact person for administration, a contact for technical questions, one for name abuse, the date of registration and the validity period, the responsible registration authority, and the authoritative DNS service.
For data protection reasons, not all of this information can be retrieved in each country or from every registration authority. The amount of available data can vary greatly depending on the domain name.
To find information about a registered domain name, perform the following steps:
The publicly available data provided by the selected whois service will be shown. As always, you can print the result or save it as a text file.
The finger protocol describes an information service that provides data about network users live, mainly to determine how and where a user can be reached within a company or similar organization. In addition to contact details, such as phone numbers, room numbers, or email addresses, finger is designed to indicate at which computer of the network a user is currently logged on, and for how long. Querying the finger service is done via text patterns similar to email addresses, namely
where name is the short account name of the user, and domain is the domain name of the network.
Perform the following steps to get finger data about a network user:
The finger protocol was developed between 1971 and 1977 and is considered obsolete. For data protection reasons, as well as for labor law and security reasons, it is rarely used today. If it is actually used, data will usually be available in the local network only, not across the Internet.
If the finger service is unavailable, you will typically receive an error response that includes the message
finger: connect: Connection refused.
Addresses are used to contact specific network devices, or their network ports, respectively. Port numbers are used to contact specific communication end points (sockets) on a network device. Such a port provides a certain service in the network and is addressed by using an assigned number between 0 and 65,535. For example, DNS servers that have been mentioned in this chapter usually provide their service at port 53 of the respective server computer. An encrypting web server (HTTP over SSL) typically offers its service on port 443.
It is technically possible to check whether a certain network device has opened a port on a specific number, even without sending actual payload requests to this port. This way, it is indirectly possible to determine whether a device provides the service that usually belongs to that port number, and whether that service can be reached. By testing a range of port numbers, it will be possible to spy out which network services are likely to be expected on a particular device. The services do not need to be known in advance.
On the other hand, if a certain service should not be publicly visible for specific networks, this technique can also be used to verify that the associated port has been blocked successfully, and its service cannot be reached. Searching for open port numbers is called port scanning. Perform the following steps to conduct a port scan:
Warning: Do not use this feature unless you have permission from the owner of the destination computer. Due to the aforementioned espionage possibilities, a port scan can be considered a malicious act if used for a device of a foreign network. Its owner or your Internet provider could take legal or technical countermeasures.
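The verification use mentioned above, checking that a service that should not be visible is really blocked, can be scripted as a policy audit. The following is an added example, not code from TinkerTool System: it attempts a TCP connection without sending payload, classifies each port as open, closed (connection refused) or filtered (no answer), and reports only deviations from an expected policy. The function names and the policy format are assumptions, and the demonstration runs entirely against constructed sockets on the loopback interface.

```python
import socket

def check_port(host, port, timeout=1.0):
    """Classify one TCP port by attempting a connection; no payload is sent."""
    try:
        family, kind, proto, _, addr = socket.getaddrinfo(
            host, port, type=socket.SOCK_STREAM)[0]
    except socket.gaierror:
        return "unresolved"
    with socket.socket(family, kind, proto) as s:
        s.settimeout(timeout)
        try:
            s.connect(addr)
            return "open"
        except ConnectionRefusedError:
            return "closed"      # host answered, nothing is listening
        except OSError:
            return "filtered"    # timeout or unreachable: no answer at all

def audit(host, policy, timeout=1.0):
    """policy maps port -> 'open' or 'blocked'; return (port, expected, seen) deviations."""
    findings = []
    for port, expected in sorted(policy.items()):
        seen = check_port(host, port, timeout)
        compliant = (seen == "open") if expected == "open" else (seen != "open")
        if not compliant:
            findings.append((port, expected, seen))
    return findings

def demo():
    """Constructed loopback scenario: one listening port, one port just released."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    open_port = listener.getsockname()[1]
    spare = socket.socket()
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()
    try:
        # Policy says both ports must be blocked; the listener violates it.
        findings = audit("127.0.0.1", {open_port: "blocked", closed_port: "blocked"})
        return findings, open_port, check_port("127.0.0.1", closed_port)
    finally:
        listener.close()

if __name__ == "__main__":
    print(demo())
```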