Beginner to Port Explorer

Discussion in 'Port Explorer' started by Jordan_Burnichon, Jul 13, 2005.

Thread Status:
Not open for further replies.
  1. Hey guys. I just purchased Port Explorer the other day and must say.. I am completely lost with what to do... Does just letting the program run take care of everything for me? Basically.. what should I be made aware of and how should I go about tackling any problems I encounter that the Port Explorer program finds out for me?

    If anyone could go into specifics about this one, I'd really appreciate it..

    Jordan
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Jordan, Port Explorer is a very useful tool indeed:) Spend some time reading the help file and the threads here for a better understanding of PE's uses. When you have learned a bit more please post any further questions you may have.

    Pilli :)
     
  3. Tuggboat

    Tuggboat Registered Member

    Joined:
    Nov 9, 2004
    Posts:
    28
    Hi Jordan,
    I can't say that Port Explorer is just a run and forget by a long shot. It is a very hands on tool and if your hands aren't on it I'd leave it turned off unless you just want to use it to log things.

    First thing I'd look for is if there are any hidden processes. If so be suspicious that spyware or worms, trojans or viri are active on your system. Start looking up the process names on Google. If you find stuff leaking data you can kill the process with the right click menu. Then use your malware detectors to clean it up right so it doesn't come back on the next startup.

    It will be a learning process for sure. All kinds of stuff sends and receives data on your machine. As you go you will want to limit it as much as possible :). This takes time but starts with a clean machine. Start looking up all the other processes you don't recognize on Google too.

    Many processes are necessary, some are optional, Windows configuration might help, some require special programs to shut down ports. Some you'll fix with your firewall and antivirus/trojan. As you limit traffic to what you want you might notice your machine running smoother (or worse).

    Any time my machine hiccups on the internet I start with Port Explorer. Start right clicking and reading the help file like Pilli mentioned.

    Glad you're here
     
  4. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi Jordan,

    Port Explorer is an information tool. It lets you know which processes/programs on your computer are trying to access which remote sites. This is valuable information if you are trying to determine whether there are trojans or keyloggers or other unauthorized processes running on your computer that may be sending information to another remote site.

    Just to start you going:

    1) You are basically looking at which processes (programs) are accessing your network and Internet.

    2) A good place to start is to understand which processes are running on your system and familiarize yourself with them.

    3) You may also want to familiarize yourself with the remote addresses that the processes are accessing. You can use ProcessGuard to get the name of the owner of the remote address so you can tell which process is accessing which remote site and for what reason.

    4) Any processes in red (there probably aren't any) are hidden and you want to pay particular attention to these.

    Start slowly and you will gradually get the hang of it. After you read some of the help files, I am sure there are many users who will help guide you through the process of using Port Explorer.

    Cya,
    Rich
     
  5. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Basically, Port Explorer is an alert system. First, if you notice strange things happening to your PC open it up and have a look at the programs and processes which are running and try to identify that they are legitimate programs you have downloaded. Secondly, and this is where its beauty lies, if you notice your internet connection lights on for any lengthy period of time and you are not downloading or surfing you'll want to open PE up to have a look who or what is using your connection. If it's just your anti-virus updating ok but if it's something which you never installed but is using your connection then you can Google it and if you find out it's malware then you can kill it and then search for the program and uninstall it or check with an anti-spyware or anti-virus or anti-trojan to remove it.

    PE tells you what or who is using your connection so you can be sure it's not malware or if it is then you can take appropriate action. The largest problem with malware is that it goes undetected (stealth) and eventually downloads other malware which can cause you a lot of serious problems. PE exposes any stealth programs trying to use your connection so you can quickly and easily get rid of them. An invaluable tool for exposing spies.

    Dave
     
  6. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Next step after the above: if you don't know the application, enable spying on it, and in the Utilities > socket spy you can see the kind of data packets transmitted, if there are any, in the right column the most readable available of them. So you can decide to stop sending and/or receiving or kill the application altogether.
    The other side (if it is an internet connection) does not notice you're spying on the packets, only if you would be hacked, have a keylogger installed or those things, so spy ahead on every process you like.
    But a little word of warning: the spy data is collected in the capture.bin in the Port Explorer directory. And it grows rather fast! So either you might like to stop spying after a short while or clean out the data packets with the button, or you can save the capture.bin away with another name for another review at another moment; Port Explorer will create a new one so don't worry.

    When do you know applications or sockets could be suspicious? They show up as hidden (default red characters). If you have minimized a program (like TDS) to your systray, it will show as hidden in the Port Explorer display (which is all correct!) till you click the systray icon of that application and it will show up normal black again.

    Lots to play with and to read the manual!
    Have fun! :cool:
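
The first-pass review the replies above describe (see which processes hold connections, then look up the ones you don't recognise), as an added Python example that is not part of the thread and not Port Explorer's own code. It reads `netstat -ano` style rows; the sample rows, the PID map and the `KNOWN` allowlist are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of Windows `netstat -ano` rows (not from the thread).
NETSTAT = """\
  TCP    192.168.1.20:49712   203.0.113.45:443     ESTABLISHED     1180
  TCP    192.168.1.20:49713   198.51.100.7:6667    ESTABLISHED     3344
  TCP    0.0.0.0:135          0.0.0.0:0            LISTENING       912
  TCP    127.0.0.1:5354       127.0.0.1:49700      ESTABLISHED     2040
  TCP    192.168.1.20:49720   192.168.1.1:80       ESTABLISHED     1180
  UDP    0.0.0.0:5353         *:*                                  2040
"""
# Constructed PID -> image name map, as `tasklist` would report it.
PROCESSES = {912: "svchost.exe", 1180: "firefox.exe",
             2040: "mDNSResponder.exe", 3344: "updsvc32.exe"}
# Hypothetical allowlist: programs the user recognises and installed.
KNOWN = {"svchost.exe", "firefox.exe", "mDNSResponder.exe"}
# Ranges treated as "not a remote site": LAN, loopback, link-local, unspecified.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "0.0.0.0/32", "::1/128", "fe80::/10")]

def parse_netstat(text):
    """Yield (proto, remote, state, pid) for each well-formed TCP/UDP row."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 5 and parts[0] == "TCP":
            yield parts[0], parts[2], parts[3], int(parts[4])
        elif len(parts) == 4 and parts[0] == "UDP":  # UDP rows have no state
            yield parts[0], parts[2], "", int(parts[3])

def is_external(endpoint):
    """True when the remote host is an address outside LOCAL_NETS."""
    host = endpoint.rsplit(":", 1)[0].strip("[]")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:  # e.g. "*" on UDP rows
        return False
    return not any(ip in net for net in LOCAL_NETS)

def review(netstat_text, processes, known):
    """Map each unrecognised image to the external endpoints it is connected to."""
    findings = defaultdict(set)
    for proto, remote, state, pid in parse_netstat(netstat_text):
        image = processes.get(pid, f"<no process for PID {pid}>")
        if state == "ESTABLISHED" and is_external(remote) and image not in known:
            findings[image].add(remote)
    return {image: sorted(eps) for image, eps in findings.items()}

if __name__ == "__main__":
    print(review(NETSTAT, PROCESSES, KNOWN))
```

Anything the function returns is a name to look up before deciding whether to kill or remove it; a recognised program talking to an unexpected address still needs a manual look.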
     