November-December 2002

I wanted to put this page up because I spend a considerable amount of time searching for FREE software to help me do my job, and I have found LOTS.  I figured I would share some of it here.  I know that a lot of people still use copyrighted software, and for the most part, there is no need for it!  Check out some of these goodies, and tell me if you don't feel the same!

This update, I have found a web site that has for your downloading pleasure some GREAT IP diagnostic/monitoring/packet capturing/IDS stuff.  It is called Pack X.

There you can find some great little tools, two of which caught my eye.

Lite Sniffer - is an excellent packet sniffer (uses the WinPcap packet driver), and allows you to easily capture and view network traffic on any interface (including loopback).  If you use Analyzer or Ethereal, then you can simply unzip and run Lite Sniffer, adding yet one more useful tool to your arsenal!

IDSCenter - is a GUI SNORT manager, making it EASY to manage SNORT IDS on your Windows NT/2000.  If you have never considered running an IDS system on Windows 2000, then check out SNORT at (direct link to download location is here), and IDSCenter at Pack X.  They make an excellent combination.  I know.  I use them both!  You can set up IDSCenter to generate alerts on intrusion detected, and it will run a program on alert as well (Hmm, perhaps generate an SNMP trap?).  You owe it to yourself to use this tool if you use SNORT on Win32.

Rafale X - You need to check this one out!  It is a packet builder (again, requires WinPcap (included)) that provides you the ability to check firewalls, and web servers, and DNS servers and ...

Show Traffic - This program will allow you to monitor inbound and outbound TCP, UDP, and ICMP traffic.  You can select one of your interfaces and monitor the actual amount of traffic (bytes/second) sorted by (you can filter on) TCP, UDP, ICMP or all of them together.  It uses the WinPcap packet driver, so is a great companion to Analyzer or Ethereal if you have either of them installed.  An excellent tool if you want to find out what ports on what protocol a particular program or process is requesting.

Note (10Nov2002):  As of today, the ShowTraffic web site has been unavailable for about 3 weeks.  In the spirit of promoting excellent free software, I offer it for download here.  I have sent an email to the author requesting that he inform me if he does not want me to do this (so this may be a temporary thing).

OK, so I missed a couple of months.  Been a busy boy!  BUT... I have a GOOD one this month!  I have been searching for quite some time for a DECENT editor, with which to replace notepad.  OK, sure, LOTS of people have!  Believe me, I have used them all.  Here's my selection!  GET IT!  You won't be disappointed!!

I have been using a product called ConTEXT, which can be acquired at  It can replace the notepad editor, and is a feature-rich editor with line numbers,  block editing, sort between braces, search and replace, support for multiple project files, and has syntax highlighting support for multiple languages (VBScript, PERL, SQL, Python, Tcl, etc) to which you can add your own.  You can even download an SNMP MIB highlighter, and THAT'S COOL!

Click here for a screenshot of ConTEXT editing the SNMP4W2K PERFMIB.MIB.

Just for fun, I decided to create an MRTG Highlighter file.  Click here for a screenshot.  If you decide to download and use ConTEXT (why wouldn't you?), you can download the MRTG highlighter file here.

Well, enough ranting.  This gets one of my highest ratings!


SmartLine ActivePorts - This little gem is SWEET!  Ever used TCPView, or similar tools to watch open ports on your system?  There are few out there, and most watch only TCP ports.  Or some watch both, and display who is connected to them too (IP/Port), but this program goes a step further.  It tells you what program running on your system has that port open!  Even gives you the process id number!  Cool huh?  Check out this screen cap off my system ...

I have this little beauty in my start menu, along with NukeNabber (another GREAT port/nuke monitor you can get here).  NukeNabber can shut down ports for a certain period of time if you get scanned!  It has not been updated for a while, but still works GREAT!!  I heartily recommend THAT one too!  GET THEM BOTH!!


LanGuard Support Tools - Check out for three free network tools, including File Integrity Checker, Network Scanner and Port Scanner.  All excellent additions to your toolbox.  They have an excellent commercial content filtering and anti-virus gateway product as well.

SMARTFTP - This is a KICK-ASS and FREE FTP application with many features, including support for the following: FXP, drag and drop, multiple sessions, and comprehensive proxy support. Check it out!  If you are using LapLink FTP (I was), or for that matter, ANY other FTP client, you owe it to yourself to look this product over!  I would not be surprised if you see it go commercial in the future.

ANALYZER - This is a free Win32 (GUI) protocol analyzer for Win9x, WinNT and Win2000.  You must load a packet driver first (the instructions are excellent!), but once you do, you get a fully featured protocol analyzer for FREE!  It is very cool!  Check out this screen shot (click below).

Really!  If you work with networks, and want to see what's happening, this is a great tool to have!

Note: If you are unable to get to it from the link above, you can get what you need from the WTCS web using the links below:

Analyzer Program  - Source / Local Copy (no guarantee of freshness)
Win 95/98/ME/NT/2000 Packet Driver - Source / Local Copy (no guarantee of freshness)

Tiny Personal Firewall

TINY PERSONAL FIREWALL - If you have a permanent connection to the Internet, and do not have some sort of firewall protection in place, WHAT ARE YOU THINKING?  Cable and DSL modems are great!  Faster than ever sure, but that comes with a price.  Always-on connections leave you open to those devious types who think that doing a "dir" on someone's hard drive is cool!  And hey!  A "dir" is the least of your worries.  If you have Microsoft file and print sharing enabled, and have a cable or DSL modem but no firewall, you might be in for a shock to learn that your system has probably been compromised in one form or another.

Here's my recommendation.  GET A FIREWALL.  If you either don't want to, or cannot afford a hardware solution such as the DLINK Cable/DSL router, then consider heading over to the Tiny Software web site, and downloading Tiny Personal Firewall.  I use it, and I have tried ZoneAlarm, and Sygate.  I like Tiny Personal Firewall better, although I confess that it has been a while since I used either of the others (perhaps I will re-evaluate them!).  TPF loads as a service, is EASY to configure, and detects changes in programs that access the Internet (i.e. if you upgrade or the file is modified).  PLUS, it has an advanced setting that allows you to set up some rather complex rules in the event you need to do that!  EVEN BETTER?  IT'S FREE FOR HOME USE!!

Oh Yeah.  Try this.  BEFORE you install it, go to Gibson Research Corporation, and run their ShieldsUp!! test.  Then install TPF, and run ShieldsUp!! again.  You will probably gain a sense of comfort after seeing what a difference a firewall can make.  Then, after you have run your firewall for a while, check the logs!  I bet you will be surprised at what you see.


