Packet Sniffer Recommendations

John

Can anybody recommend an easy-to-use packet sniffer? My
firewall settings (Trend Micro PC-cillin 2002) are set
for maximum security, but lately I've found that two
ports (445 and 1025) are wide open, and the rest of the
first 1056 ports are closed but not stealth (with a few
exceptions). A few months ago, all ports were stealth and
only two (0 and 1) were closed and none were open.

Ad-Aware6 shows nothing. Virus scans are clean. The
Cleaner (a trojan detector) shows nothing.

I'd like to find out what is opening these ports and
causing my other ports to show as closed but not stealth.

I've downloaded Ethereal and the WinPcap downloads
required by it, but I can't install it; it is way too
complicated for me.

I'm using Windows XP home edition.

Can anybody help?

John
 
CZ

John:

I use Ethereal.
The problem is not with the sniffer app, it is with the large amt of
knowledge it takes to understand what the sniffer is showing.

Also, a sniffer will not show you what service is holding a port open, it
will show you what protocols and ports are in the frame, and then you need
to know how to relate that to other issues. Learning all of that is not a
small task.

Port 445 is part of Windows XP networking.

A thought: why not load ZA free, then test it with ShieldsUp at grc.com?

If you want excellent "primary" protection, buy a router.
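
CZ's point that a sniffer does not show which service holds a port open, as an added example that is not part of the original thread: Windows XP's `netstat -ano` lists every socket with the ID of the process that owns it, and this Python code groups the exposed listening ports by that PID. The sample output, PIDs and addresses are constructed, and `parse_netstat`, `exposed_listeners` and `ports_by_pid` are hypothetical names.

```python
# Added example. SAMPLE is constructed `netstat -ano` output, not a real
# capture; the PIDs and addresses are made up for illustration.
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:1025           0.0.0.0:0              LISTENING       1012
  TCP    127.0.0.1:1030         0.0.0.0:0              LISTENING       1544
  TCP    192.168.1.10:1047      203.0.113.5:80         ESTABLISHED     1800
  UDP    0.0.0.0:445            *:*                                    4
"""

def parse_netstat(text):
    """Return one dict per socket line; header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        # TCP lines have 5 columns; UDP lines have no State column, so 4.
        if len(f) == 5 and f[0] == "TCP":
            state, pid = f[3], f[4]
        elif len(f) == 4 and f[0] == "UDP":
            state, pid = "", f[3]
        else:
            continue
        # rpartition keeps bracketed IPv6 addresses such as [::]:445 intact.
        addr, _, port = f[1].rpartition(":")
        if not (pid.isdigit() and port.isdigit()):
            continue
        rows.append({"proto": f[0], "addr": addr, "port": int(port),
                     "state": state, "pid": int(pid)})
    return rows

def exposed_listeners(rows):
    """Sockets accepting traffic on a non-loopback address, sorted by port."""
    hits = [(r["port"], r["proto"], r["pid"]) for r in rows
            if (r["state"] == "LISTENING" or r["proto"] == "UDP")
            and not (r["addr"].startswith("127.") or r["addr"] == "[::1]")]
    return sorted(hits)

def ports_by_pid(rows):
    """Group exposed ports under the process ID that owns them."""
    owners = {}
    for port, proto, pid in exposed_listeners(rows):
        owners.setdefault(pid, []).append(f"{proto}/{port}")
    return owners

if __name__ == "__main__":
    for pid, ports in sorted(ports_by_pid(parse_netstat(SAMPLE)).items()):
        print(f"PID {pid}: {', '.join(ports)}")
```

On the real machine, pass in the text printed by `netstat -ano` and match each PID against the PID column in Task Manager to find the owning process.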
 
Jim Macklin

AnalogX has a packet sniffer www.analogx.com

ZA is a better firewall.

