EtherPeek is a well-known commercial program for the Macintosh that shows the packets going by on your network.
EtherPEG is a free program for the Macintosh that shows you all the JPEGs (and GIFs) going by on your network.
EtherPEG was written at MacHack 2000 by Sam Bushell, Peter Bierman and Stuart Cheshire.
EtherPEG works by capturing unencrypted TCP packets off your local network, collecting packets into groups based on TCP connection (determined from source IP address, destination IP address, source TCP port and destination TCP port), reassembling those packets into order based on TCP sequence number, and then scanning the resulting data for byte sequences that suggest the presence of JPEG or GIF data.
EtherPEG works with any TCP/IP network, including Ethernet networks and wireless networks like AirPort, as long as the data is not encrypted. If the data is encrypted using IPSEC, or Virtual Private Network (VPN) products like PGPNet, or Web Browser SSL encryption, then third-parties cannot view your data.
Download EtherPEG for Macintosh, including source.
Note: EtherPEG is not a supported commercial product. It is was a quick programming hack for MacHack. As such, it is published here for programmers to play with, but you will need to own a copy of CodeWarrior to modify and recompile it. In particular, you will probably need to edit Promiscuity.cp and change the port name in "stream_open("enet1", 0);" to be the name of the Ethernet port on your system that you want to use. You can use a tool called EnetStatus to find out the port names of the network ports on your system.
News Update: Saturday 9th March 2002 EtherPEG for OS X is now available.