Is it really worth $30?

Discussion in 'Port Explorer' started by ajax, Feb 8, 2003.

Thread Status:
Not open for further replies.
  1. ajax

    ajax Registered Member

    Joined:
    Feb 8, 2003
    Posts:
    7
    I am a proud registered owner of TDS-3 and am happy with the purchase, but after downloading Port Explorer there is no way this thing is worth $30 in my humble opinion. I played around with the features and almost all of them in the demo version are available for free. I can see all the ports established, listening and connected with process IDs using netstat -ano. I can then look up the PID in taskmgr and know what app it is. Or I can use the free Active Port software to get the same infomation on one screen.
    (1) so all the tabs--ALL, TCP, UDP, Remote, Listening and Established are readily found using free apps

    (2) The VIEW and SETTINGS menu offers nothing of significance.

    (3) The UTILITIES lookup, ping, traceroute, whois, resolve and command prompt are also freely available. The only one in this menu of significance is the Socket Spy, which is disabled so I can not comment on it.

    (4) The LANGUAGE and HELP tabs are useless.

    Ok so all that is left is right clicking on the process or socket in question and getting a few more options. The Kill process option is just as easily done in Task Manager. The kill socket is done in TDS-3. The resolving and all can be easily done by going to http://www.all-nettools.com/tools1.htm. Therefore all that is left is (a) spying (sniffing) and (b)selectively receiving or sending data for study purposes. Both of these are disabled in the demo (which is exceedingly unusal since these are the only unique features in this program). The selective sending and receiving feature is nice for academic usage, but for practical purpose I don't want a Trojan on my system at all, not even to study it. If I see one I delete it. I already know what they do and what kind of data they send and additional observation would be for entertainment purposes only. Finally the spying or sniffing feature can be done using filters with Ethereal, another free, excellent program.

    So I sincerely would like someone to explain to me why I should spend $30 on a program that can be obtained basically for free using 2-3 other programs that can all be run simulatenously on the same screen (not much of an inconvenience in my opinion) I really don't want to come off as a jackass. I love TDS-3, it is one of the best purchases I have made and I was very excited about a new product from a company I respect. But after downloading this severely crippled demo, I am cleary not impressed. Please enlighten me and thank you for wasting 5 minutes of your life reading this :)
     
  2. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Welcome Ajax.
    Why for you help and language items are of no use puzzles me: you know, the world is bigger then only english speaking nations, and look around, many can't do without spell checkers.
    The helpfile is found very informative, where you'll find more tips and explanations about functions we did not even know when beta testing.
    You don't close sockets from sending just for trojans: ever read spam mail from your inbox? Close them and you're not traced back, if you forgot to configure your email client closed tightly. Or a website you're visiting, so many reasons.
    I had some portmappers, which were not functional, nor trustable in their results, and the one lacks this function, the that..... About those comparisions you can read the PE website.
    This socketspy is rather unique and i do want to inspect some packets, even if no potentional trojans.
    I like the automated whois, of course, as it brings me more and better results then many other whois services and spares me lots of time looking and digging around. You might be aware even one of the most favorite sites for that, SamSpade can't deliver lots of info anymore, so i'm happy with this detailed PE whois..... etc etc etc
    And the ping, if it's not for sites being up or to your own IP addresses for speed or connection control there are other uses. Our DOS box was not free in the first place, being part of windows we are supposed to pay for in the first place, but with TDS you can do ping and trace as well, of course, preferred over the DOS box for me as i don't need to do anything extra if i want to keep and copy the results and less typing.
    There is so much more, anyway, i didn't doubt a single moment and enjoy the PE from the first moment, and so do so many. I'm sure you read TDS users comments about PE in the private forum as well.
     
  3. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi ajax,
    You are correct in saying that most of the utilties are available for free.
    PE puts all of these utilities in a customisable fashion & readilly at ones fingertips - For me that makes it worth every cent.

    IMHO The View & Settings menus are a very useful addition adding to PE's versatillity.

    Spyinfo adds packet sniffing which can be used easily along with al the other components in an easy to use format with a good help file and unsurpassed support.

    Version 1.4 due shortly will also have the added abilities in logging. (top of my wish list :D)

    PE is still "young" & will only get better as it matures + DCS's added value always shines through for me.
     
  4. Andreas1

    Andreas1 Security Expert

    Joined:
    Jan 29, 2003
    Posts:
    367
    Location:
    Mainz (Ger)
    Hi gang,

    i totally agree with Pilli

    ...and just want to add some comparative arguments:
    maybe you can compare it best to Atelierweb's Port Traffic Analyzer (AWPTA - http://www.atelierweb.com/PTA/) which also does the Netstat/Sniffing/Lookup/etc. This has been on the market a bit longer but hasnt evolved so much lately. (It's still on 1.1. and really has some of the weaknesses described on DCS's pages.)
    And the pricing for that AWPTA proggy is like this: You can pay $32.50 for "Free upgrades within the minor release or within 2 months of purchase, whatever comes last. Ex: All upgrades from 1.1 till 1.2 (exclusive of 1.2) if the user purchased within that range." Longer upgrade periods cost more (up to $43.50).
    So considering DCS's R&D and their normally rather generous upgrade policy, IMHO DCS PE can compete very well with AWPTA. For me that (and i like PE's interface better) makes it come out as the best tool - of those at least that host all those features in one app. True tho that whether you consider this integration worth about 30$ that may be another question...


    ...okay some afterthoughts (after: after having read DCS's PE vs. other Mappers - Page):
    You normally leave PE running to have a real-time monitoring, which is somewhat complicated to achieve with Netstat. And to this adds the fact that it "comes with a Reduce Memory Usage feature that swaps Port Explorer from memory onto disk" and the little CPU it uses. That's quite important IMHO. ...And finally, from hearsay i understand that some malware programs do their stuff so-to-say "below Netstat's radar" and while i cannot say much about this, i doubt that this would be possible with PE.

    ...just my .02$

    CU,
    Andreas (on one of my rare visits ;))
     
  5. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    :D Andreas, Nice to hear from you again & thanks for your thoughtful input.
     
  6. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Andreas! Welcome so much and thank for sharing your visions. I love the realtime netstat overview and closing traffic to have a better look at it in the meantime or stopping receipt of any data from websites/emails without closing my firewall, those things......
     
  7. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Hi Ajax,
    It totally depends on what you do with your system as to if Port Explorer is worth your money or not. I also see you forgot to mention some other important features of Port Explorer, mainly the trojan detection and port database. Also the language translations allow people other then English speaking language to finally use a lot of these tools properly. I receive emails telling me that the language translations are better then what is found in Microsoft's own versions of some of the utilities. This is a credit to the wonderful language translators that Port Explorer has.

    Having the ability to do things like "resolve, whois, ping/trace and lookup" with a single right-click on any socket is a lot quicker then, copying the IP, loading the resolve, whois or ping program, then pasting it in and getting the results. All of Port Explorer's utilities are easy to use and follow a pretty similar formula which in my opinion would be faster to use also.

    Another benefit is the resource usage, try loading up all the seperate utilities programs that do what Port Explorer can do and check out the resource usage. Port Explorer still uses less memory then most programs with just "port to process mapping" even though it has many more features.

    Port Explorer offers nearly every network tool you will need, in an easy to use, low resource using program. Sure it overlaps a bit with TDS-3 in some areas (trojan detection) but if you need to know a lot about the state of your networking system on your computer you will be hard pressed to find another program which tells you so much in so little time.

    We also are adamant at improving our products and listening to the users of our programs. We will be releasing version 1.400 of Port Explorer in a few days which includes more features that people have requested.

    -Jason-
     
  8. PuMA`

    PuMA` Guest

    Free and more reliable than Port Explorer:-
    http://www.sysinternals.com/ntw2k/source/tcpview.shtml
     
  9. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Nope, free yes, more reliable absolutely no, less options yes, nice yes, good alternative no, good on all windows systems no, resources brbrr, etc.
    I'm soooo happy with my socket spy and the close send/receive, showing hidden processes/sockets and spy ability on them before deciding killing them or not as i've seen this weekend nicely in action and which without PE never would ahve been discovered/solved in the first place avoiding any further damage.
    I'm not even trying to convince, why should i? For me time, space and resources are money too and i saved sooooo much time having all in one hand and uninstalling lots i no longer need.
     
  10. Andreas1

    Andreas1 Security Expert

    Joined:
    Jan 29, 2003
    Posts:
    367
    Location:
    Mainz (Ger)
    Hi,
    some time ago, i had a look at it and at its companion TCPView Pro. It's true sysinternals/winternals have a reputation for making outstanding software (and i wouldn't agree with Jooske in them not being just as efficient and reliable as DCS tools), but for my purposes, i had to find out that the port-process mapping was done only in the commercial TCPVPro.
    Obviously this has now changed, because on the page you quote it says:
    (notice that bit about "XP"?) ...and a bit more at the bottom:
    Now that TCPView Pro costs ... tadaaa : 69$ ...

    But considering the software that normally comes from those fine people, i suppose there are some (few!) features in either the free or the commercial version which remain to be implemented in PE ... and surely will be soon, and you will get an update for free (at least that's what i suppose), once you've paid the 30$.

    hinthint. From the TCPVPro page:
    I bet we won't have to wait very long for those :D


    Finally, some words about resources.
    Jason:
    My ATM 3.0:
    CU,
    Andreas
     
  11. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Puma I do believe Sysinternals TCPView (not PRO) is the best free port to process mapper so compared to a similar bare-bones and free port to process mapper like Active Ports, it wins.

    -Jason-
     
  12. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Is Port Explorer worth $30? Is TCPView Pro worth $69? :)

    I would encourage you to read this page, entitled "Problems Associated With Other Port-To-Process Mappers" (it's a fairly long list!).

    In wanting to create the best port-to-process mapper we possibly could, we obtained copies of all other existing ones and thoroughly analysed each one to determine it's strengths and weaknesses. Port Explorer suffers from none of these weaknesses - all hurdles have been successfully overcome. As for the Sysinternals one being more reliable, I can assure you they are not as we've done more testing with the Sysinternals ones than any of the others. Try running them side-by-side and you'll see :)

    There's so much more to it than port-to-process mapping though! For example, many people have reported to us that the Whois client works better than dedicated Whois programs that they paid $30-$100 for. It's also the only program of its type with packet-sniffing and data send/receive blocking capability. I could go on and on, but the help file adequately explains all of this. :)

    So I encourage you to download and try the evaluation version, read the helpfile so you understand exactly what powers the program gives you, if you have any questions then feel free to email us for support, and then make up the decision for yourself. :)

    Best regards,
    Wayne
     
  13. PuMA`

    PuMA` Guest

    If you try TCPView from Sysinternals (the free one) on Win2k, you will see it maps ports to processes perfectly fine - despite what the website says! ;) I've been using it since forever and you really can't beat it for Freeware!
     
  14. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    I have also used TCPView from Sysinternals on a win2k box and it works fine.
    :)


    I think Port Explorer is worth $30 and also know many free programs out there with good capabilities. Some individually that can even do more at this time.

    But I am wondering if those who posted and did not agree with the price... if they had a lower sum in mind ;)for this Port Explorer or is it that they would not buy it at any price?

    I also think the developer will be adding additional capabilities in the future to this product.

    It is nice to have many of them all under one app.
     
  15. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hmm and the upgrades for free not to forget.
    Primrose, we're already betatesting a next version, so you might like to email Jason / Wayne which additional functionallity you like from which other product to have a look at or for the wishlist.
     
  16. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    I would like it to have the ability to create Peace in the World and make a fast connection to the Wilders Security Forum for everyone. ;)

    Other than that, I am confident Jason / Wayne will incorporate additional functionality that will satisfy everyone.

    That is how free enterprise prevails.
     
  17. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    In TDS we have the friendly greetings and Tip of the Day's, besides scripting possibilities in which you might like to edit some extra uplifting messages.
    As i keep TDS and PE running all time for me there is no need for an extra scripting function in PE too or it would be a message button using whatever sound/speech function.
    The satisfaction of PE creates already peace in itself, doesn't it?
    Let Peace start with me, with yourself.
    The fast connection to this place is there already, i think?

    Yep, we're looking forward to next additions for betatesting and release of the next version to the masses :)
     
  18. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    Keep up the good work Jooske.

    Hugs,
    John
     
  19. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Port Explorer shows more information about the sockets compared to TCPView. For example Port Explorer will show you the IP for UDP sockets something which TCPView doesn't. This allows you to see phone-homes from Microsoft on Windows XP/2K, and the IP's in UDP based games like Quake , Warcraft etc. Doing "phone homes" in UDP sockets is a sneaky way of doing things since Port Explorer is one of the only programs that allows you to see this. Netstat, TCPView, etc, just show the socket as "Listening *.*.*.*"

    Not only does Port Explorer show you the phone home it allows you to record all the packet data that it sends back to Microsoft or even block it from sending/receiving . Of course Microsoft isn't the only company which does these sorts of things so its good to have something like Port Explorer to find out if any of your programs are doing phone homes.

    As I said previously, if ALL you need is a bare-bones Port to Process mapper, which only shows a small percentage of available information, and you are on Windows 2K or XP, then something like TCPView is all you will need.

    -Jason-
     
  20. Iamtech1

    Iamtech1 Registered Member

    Joined:
    Feb 15, 2003
    Posts:
    1
    I must say that I have found PE to have qualities and potential. Additionaly the fact that the authors actively participate in these forums is indeed a plus. To me its worth the $30.00 to have all these options at my fingertips.

    I hope that the authors continue to imporve this program and take it to higher levels!
     
  21. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    As always we will continue to improve all of our products :). Thanks for the kind words IAmTech1.
    -Jason-
     
  22. ajax

    ajax Registered Member

    Joined:
    Feb 8, 2003
    Posts:
    7
    Well after reading the replies and seeing the creators of the program respond to the thread I am very close to purchasing it. It's just that $30 is a little much for my student budget, but I think I could benefit from the amount of knowledge I gain from using this app. I like the promise about updates, but how often will the product realistically be updated. I'm afraid after a couple of months, product development on this will stop and development time will be put into a new product. I've been waiting forever for TDS-4, seems like people have been waiting for Wormguard4 (I think that's what it's called), the website for TDS-3 is never updated, and now the forum for TDS-3 has disappeared from their site. I know there is one here. I guess it just seems like I may be paying $30 for a product that will rarely be updated. Maybe the helpful people on this board can convince me otherwise. The track record doesn't appear to be the best (although I am very pleased with how often trojan definitions are updated). Thanks alot for the imput guys!!!
     
  23. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hello again Ajax,

    We are currently Beta testing a new version (1.4) of PE which includes several items on users wish lists & I, for one, am very happy about the progress being made.

    DiamondCS are very thorough when producing new releases &, from my own experiance, myself & other beta testers try and put the various programmes through hoops of fire before Wayne is satisfied & releases new or updated products.

    TDS3 & WG3 are still the best products in thier respective fields & TDS4 + WG4 will move the goalposts even further from the competition.

    So $30 dollars may appear to be expensive but with the added value I don't honestly think that you can lose! :D
     
  24. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    Hi ajax,

    Could you explain a little more regarding the above quote from your post? There are two forums in support of TDS-3. There is the one you mentioned, (i.e. >> "I know there is one here"), which is the official "public" forum for TDS-3. There is also the private support forum for registered users, which is located at an address that is rarely posted publicly, since it is accessible only to those who have bought TDS-3. But, that private forum is also still available...

    So, what exactly do you mean by "and now the forum for TDS-3 has disappeared from their site"? Is it merely that the link to the forums are not listed at the TDS-3 website? Or, are you concerned that maybe the forums for TDS-3 and Port Explorer might end up going away?

    Best Wishes,
    LowWaterMark
     
  25. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    :D Ajax I can assure your that the DCS private forums are running & very active, there has never been a public forum on the DCS site as far as I know?

    Wilders is the only Official public forum. :)
     
Thread Status:
Not open for further replies.