gistfile1.txt

# Process
sh-3.2# ps aux | grep " [1]3\W"
root              13   0.0  0.3  2497244  13416   ??  Rs   Thu08PM   1:52.96 /usr/libexec/opendirectoryd

# What file thinks
sh-3.2# file /usr/libexec/opendirectoryd
/usr/libexec/opendirectoryd: Mach-O universal binary with 2 architectures
/usr/libexec/opendirectoryd (for architecture x86_64):  Mach-O 64-bit executable x86_64
/usr/libexec/opendirectoryd (for architecture i386):	Mach-O executable i386

# Manuals
sh-3.2# man -k opendirectory
dsexport(1)              - export records from OpenDirectory
odproxyd(8)              - OpenDirectory proxy daemon
odutil(1)                - allows caller to examine or change state of opendirectoryd(8)
opendirectoryd(8)        - is a launchd(8) job for client access to local or remote directory systems
pam_opendirectory(8)     - OpenDirectory PAM module


# Validation

sh-3.2# launchctl list |grep opend
13  -	com.apple.opendirectoryd

sh-3.2# tshark -i en1 -c 100 -s0 -w traffic.pcap
Capturing on en1
100 
3 packets dropped

sh-3.2# launchctl stop com.apple.opendirectoryd

sh-3.2# tshark -i en1 -c 100 -s0 -w traffic1.pcap
Capturing on en1
100 


# Comparing the pcaps

# With opendirectoryd running
sh-3.2# tshark -r traffic.pcap -R "dns" |wc -l
     100

sh-3.2# tshark -r traffic.pcap -R "dns" | awk 'BEGIN{start_time=end_time=0} { if(start_time == 0) start_time=$2; end_time=$2; } END{print "Time in seconds to capture 100 packets: " end_time - start_time}'
Time in seconds to capture 100 packets: 3.58054


# With opendirectoryd stopped.
sh-3.2# tshark -r traffic1.pcap -R "dns" |wc -l
      31
sh-3.2# tshark -r traffic1.pcap -R "dns" | awk 'BEGIN{start_time=end_time=0} { if(start_time == 0) start_time=$2; end_time=$2; } END{print "Time in seconds to capture 100 packets: " end_time - start_time}'
Time in seconds to capture 100 packets: 23.101