1.800 & still problems (me clueless n00b!)

Discussion in 'Port Explorer' started by Czerno, Jul 1, 2004.

Thread Status:
Not open for further replies.
  1. Czerno

    Czerno Guest

    Hi !
    Can't get anything listed in the Socket Spy window - feeling like a n00b

    Plz can you enumerate, In a nutshell, the needed steps to initiate spying on an existing socket, review the data, stop data collection ? Socket spying is the very function I wanted to have & why I would buy Port Explorer, if...

    I am now with the new 1.800 trial version, windows 98 SE. At least it doesn't freeze but I get nothing at all in the data window !

    TVM.

    --
    Czerno < czernobyl AT mail DOT ru >
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Czerno, Please read the help file and the examples shown therein.

    Here is the introduction:

    This information is provided for experienced users.

    The ability to "packet-sniff" (capture data that is sent/received by your system) is a very useful capability to have at your disposal. Just some of the things a packet-sniffer allows you to do include:
    View and analyse the data that is currently being transferred to/from your system, a particular process, or socket.
    Log/record communications made between a client and server.
    Ensure that no sensitive data has been transferred.
    Document and analyse a protocol to determine how the client and server interact with each other.
    While Port Explorer isn't a dedicated packet sniffer (that is just one of its many features), it does have remarkable packet-capturing capabilities for a program of its nature, and should accommodate the packet-capturing needs needs of most users including experienced users. Port Explorer provides advanced non-intrusive packet-sniffing and doesn't interfere in any way with the socket(s) or process(es) being monitored, and unlike most packet-sniffers, Port Explorer gives you the ability to eavesdrop on individual sockets and processes so you can zero in on the sockets you want to capture data from without capturing data from sockets you want to ignore.

    Spying on a process or socket is as simple as right-clicking on it in the list, selecting the Process or Socket menu, and then selecting "Enable Spying". All data sent/received by the socket(s)/process(es) being monitored is then saved immediately as it is captured to capture.bin (in your Port Explorer directory). This file is not encrypted or compressed but is of a custom format - to view it properly, use the Socket Spy utility in Port Explorer - simply press the "Packet Data" radio option to view captured packets.

    Please note that packet-sniffing of any kind adds a small amount of latency to captured transmissions due the the extra processing overhead. Such latency may not even be noticeable, but we recommend using Socket Spy only when needed, ensuring it is turned off when you're not using it.

    For a detailed explanation on using Port Explorer, please see the following two examples:
    Example 1 - Capturing a request to retrieve a web page
    Example 2 - Capturing all sent and received data from a process
     
  3. Czerno

    Czerno Guest

    Your very general answer doesn't help however. I did all that and yes, I RTFM.
    I always do read'm fine manuals... No packet data shown of a running socket.

    When I was trying the 1.700, I did succeed in capturing data, but under some undetermined conditions it seemed to fail completely, maybe because I was spying on the same socket over which I was sending the remote screen data at the same time ?

    But now with 1.800, I can't even seem to see one byte of data , boooh.

    Would Wayne provide for a reset of my trial period, as this is soon to be over and I lost most of it with 1.700 when I wasn't even aware it was not current ?

    Regards

    --
    Czerno <czernobyl AT mail DOT ru>
     
  4. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Did you delete the existing capture.bin when you installed the next version over the 1700?
    If you delete it now from the Port Explorer directory, does that help?
    It is recreated with the next spy, so don't worry.
     
  5. Czerno

    Czerno Guest

    O.K. data capture works :=)

    I still find it a bit difficult to master the procedures for starting/closing/clearing of a 'spy' session on a particular process or socket. Yet I re-read ALL of help (doh!) .

    Also, is there not a bug (or again, something was over my head in UI) : there are buttons for Byte/Word/Double... display in the view data window, pressing one or another of those however does not change an iota ...

    Regards. And let me say, I appreciate your helping efforts as well as the evident overall quality of this software

    --
    Czerno
     
  6. dfase

    dfase Guest

    sdsasdsasjkdhaweweweqweqwewqewqe
     
  7. eeellllyyy

    eeellllyyy Guest

    3088 PROBLEMS AND STILL NEED HELP..PLEASE RESPOND

    HI!! please help me..i just ran the program.. i knew i had spyware..my computer was a disasterr!!! i think it is less of a disaster now.. i had 3088 problems that spyware blaster found. however, everytime i try to open my internet explorer..it says for example, ''www.google.ca" cannot be found and it doesnt open so my interent explorer opens a blank white screen. then when i type a website in the address bar (any random website) it gives me the same thing!! please help!! before i couldnt type in the address bar either because it would redirect me to another site but now it is brining me to a white screen and not allowing me to open any site!!! PLEASE HELP!!!!!!THANK YOU VERY MUCHHH
     
  8. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
  9. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    eeellllyyy, to be able to post your HijackThis log in the HJT forum, you'll have to register as a member to the forum.
    Go for it, and follow Pilli's wise instructions and keep us informed how Port Explorer shows you what is really going on on your system!
     
Thread Status:
Not open for further replies.