I read in the help file that 13 plug-ins are available.

Backdoor Knock (NT)
Common Ports Check
Encryption Keyfinder
Interrogate
IRC Scan
LAN Scan
Password Changer
Netbus Emulator
NetBus Host Hunter NT
Global Network Shares
SMTP Control Module
TCP Inspector 1.0
Trojan Ports Check

I use WXP.

What, if any, plug-ins are worth loading?
Where do I get them & how do I config TDS to use them?

You should already have them. Just go to configuration and check the square to load plugins.

Thx Finn. I see where I put a check in the box 'Load Pulgins', but this loads all 13. Is this an 'all-or-none' proposition. Can only one or two be loaded?

Do you recommend loading them all?

Hi Spanky,
You only load the plugins in memory when you execute them.
Dolf

Sorry if this sounds stupid, but how do I execute them?

Menu -> Plugins ;D
Dolf

Yeah, that was a stupid question. Sorry for being a moron. Thx for being patient. This prgm is very powerful.

A couple of the plugins locked on me. No problem. No hard lock.

The TCP inspector reported it was able to connect to 3 ports:

25 - SMTP
110 - POP3
135 - NetBIOS

Do you see anything wrong with that?

I use ZoneAlarm on a cable connection.

Hi Spanky!

No, that's not a problem. But for the ports 25 and 110 there should be written "closed". Both ports are being used by your mail software. If you have NetBIOS activated (printer and file sharing) then this is o.k. as well that port 135 is open. Are you in a network and are you using printer and file sharing? If not, deactivate NetBIOS (printer and file sharing).

Don't forget that you probe your own system. If you wanna try to probe your system from outside and see how secure it is, go and do these tests:

www.pcflank.com

Best regards!

Patrice

Hi Spanky, The first two are your email, the third is your local network - 135: DCE endpoint resolution, RPC-LOCATOR - RPC (Remote Procedure Location Service .
If you are a stand alone pc disable file & print sharing, if you have a local network check that ZA is correctly set up go here http://scan.sygate.com/ and this will show if port 135 is open to the Internet.

HTH Pilli

Wow! Pilli wat a lovely new avatar and so appropriate! Applause for you!

Yes those ports can be blocked in the firewall as long as you get emails through :)

Thanks Jooske, Maybe running a bit fast?

Spanky & Patrice, The reason I suggested sygate test is that it can find your true IP addy when you are using a NAT router PCflank cannot & usually only sees your ISP's cache sever thus testing the cache server & not your true IP. ;)
I'll also add this one:
http://www.auditmypc.com:85/scanoptions.asp?S=204779YZ7V8Z7Z700
& This one:
http://www.dslreports.com/scan

Pilli

Hi Pilli!
-{ Quote: " quoting: Pilli link=board=5;threadid=8952;start=0#58374 date=1051999975]Spanky & Patrice, The reason I suggested sygate test is that it can find your true IP addy when you are using a NAT router PCflank cannot & usually only sees your ISP's cache sever thus testing the cache server & not your true IP. ;)" }-

Funny, I have a NAT router and PC Flank finds out my correct IP. Check it again with your router! ::)

Best regards!

Patrice

Well Patrice you may have a problem, although you may not be going through a cached server i.e proxy server of your ISP:

QUOTE:

IP Address test
The test could not determine your IP address.

The test has found that the IP address used by your computer cannot be scanned. This commonly occurs because of a firewall program on your computer and/or you are connected to the Internet through a proxy-server or your ISP uses Network Address Translation (NAT) to share IP addresses.

This means the test cannot check your system as the results of the testing would be incorrect.

END QUOTE:

;D Pilli

hmm, bit confused now.
when you are behind a router, ok, your computer ip is hidden. But who cares, it's about your external security and your public ip should be tested, and that ip is not hidden ???
Dolf

Dollefile, Sygate, Auditmupc & DSL can find my true IP i.e. my routers IP which is at present 80.10.76.1 (fictitious for this post)) PC flank cannot define it.
My pc's actuall address is 192.169.1.100 which is a private address used by my network and is as prohibeted Internet address & is Translated by the router using NAT.
The router is stealth to port scans according to the above sites that can see the routers true addrees, so I am fairly confident that it is working correctly.

Any other result would be worrying ;)

All of the above tests on my system indicate that they can identify my NAT but not my machine. So I get the same results with my firewall off or on. Most of the tests say that the results are not valid if the address shown is your NAT.

Hi Finn McCool, The router will show Stealth or Blocked to the probes if it is setup correctly & yes it should not make any difference if your pc's firewall is on or off as the router is doing it's job.
The software firewall (I use Sygate Pro 5) is mainly to stop or control outbound connections.
Though with TDS3 there is very little chance for a Trojan even getting on to your PC let alone making an outbound connection.
Also being able to monitor all the connections using Port Explorer can show other malware or phone home programmes.

Hi Pilli!
-{ Quote: " quoting: Pilli link=board=5;threadid=8952;start=0#58378 date=1052000953]Well Patrice you may have a problem, although you may not be going through a cached server i.e proxy server of your ISP:

QUOTE:

IP Address test
The test could not determine your IP address.

The test has found that the IP address used by your computer cannot be scanned. This commonly occurs because of a firewall program on your computer and/or you are connected to the Internet through a proxy-server or your ISP uses Network Address Translation (NAT) to share IP addresses.

This means the test cannot check your system as the results of the testing would be incorrect.

END QUOTE" }-

Well, the test doesn't find out my internal IP-address 192.168.XX.XX, but it finds out the IP, the provider gave me. 62.XXX.XXX.XXX. I'm having a broadband connection. This means, it's not my system which is scanned, it's my router. Got it now? ;)

Regards,

Patrice

P.S. The aim for these tests is to scan your system for vulnerabilities, so I would allow them to find out your IP once. Try it, perhaps you find out something new.

Patrice, I know what you are saying but in my case and that of many others PCflank fails to determine our router IP address as given by our ISPs.
Your situation is obviously different. ;D
Sygate, DSL & Audit my pc can find my real (router) IP addy.

Mhh... that's interesting in a way! I wonder why -this has something to do how they implemented the scan engine into their site I guess.

Regards,

Patrice

P.S. Nevertheless, you just test your router and NOT your system. :-\

well, if no nasties can pass my router, my system is safe from inbound connections, isn't it ??
Dolf

Dollefile, Correct! ;D And with your other security software, hackers or crackers will always go for a softer target. Looking at my WallWatcher log today I can see at least ten different compromised PCs with their probes bouncing of my router ports 137, 139 & 445 Bugbear etc.