Quick question about Port Explorer

Discussion in 'Port Explorer' started by Chemical, Jun 16, 2003.

Thread Status:
Not open for further replies.
  1. Chemical

    Chemical Guest

    Whenever the program detects a trogin or a bad port, will it automatically remove it? or u have to Kill process on your own?
  2. Dan Perez

    Dan Perez Retired Moderator

    May 18, 2003
    Sunny San Diego
    You would have to do so on your own. Also, keep in mind that not all hidden sockets are trojans and not all trojan ports are used only by trojans so there is necessarily an element of investigation when dealing with this. As an example, I currently have 12 hidden sockets running on my machine but all are legit.
    Many network-related items that run in the systray will show their sockets as hidden but if you right click on the systray icon you will find that the corresponding socket entry in PE is no longer hidden (until you close the systray icon context menu)

    Also, one of the useful functions in PE is the ability to kill those questionable sockets entirely or prevent outgoing data or incoming data across those sockets until you have deduced whether it is a problem or not. Also, the SocketSpy is very useful in that respect but (I presume) the socket must be left open to capture the traffic.

    Hope this helps,

  3. Pilli

    Pilli Registered Member

    Feb 13, 2002
    Hampshire UK
    Hi Chemical, If you are unsure and are not running TDS3 or another Trojan scanner maybe the best thing to do is try the TDS3 trial version, you will have to download the latest update (Radius) file from the www.diamondcs.com.au website. Then run a full scan on your PC.

    HTH Pilli
  4. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Jul 19, 2002
    Perth, Oz
    Just add the process ID, then it won't matter if the process opens up new sockets - they'll automatically be captured :)


    PS. Nice tip about right-clicking on the systray icon to test those red sockets :)
Thread Status:
Not open for further replies.