Port-to-process mapping
(the ability of a program to determine which process is using a particular
port/socket)
is a capability very few applications in the world can do (there are less than a
dozen as of October 2002). Many programs such as netstat allow you to see
which ports are in use on your system but they don't let you see which program
is using them - this is vital information. Of the few programs that can map
ports back to their parent process, Port Explorer is the only one that:
Is compatible with Microsoft Windows 95, 98, 98SE, 98ME, NT4,
W2K, and XP
Can capture the packets going through sockets
Highlights hidden servers, a method that detects virtually all known remote access trojans
Can block the ability of a process or socket to send and/or
receive data
Has a real-time traffic/network activity log with on-screen
and file logging capabilities
Allows you to terminate/close individual sockets and
processes
Can report how many bytes have been sent/received by sockets
Can report the exact creation time of the socket
Doesn't inject any code into any processes or files and
doesn't touch or modify processes or files in any way
Can detect hidden servers - processes that have no visible
on-screen attributes, yet use sockets
Consistently provides accurate results
Supports multiple languages
Whois database searching is a capability usually only found in dedicated standalone Whois clients. These programs can cost up to several hundred dollars yet they offer no extra information that Port Explorer's built-in Whois client can't already access, because the information displayed by a Whois client is provided by remote servers that are beyond the control of the client. Port Explorer's Whois client gives you the capability to send any search query to any Whois server on the planet, giving you 100% unrestricted access to all the Whois databases in the world. Many other Whois clients sacrifice flexibility for ease of use, but Port Explorer's Whois client gives you both ease of use with the Automatic search, and flexibility with manual searching.
We've worked hard to ensure that the Automatic search option in Port Explorer's Whois client is as easy to use and good as if not more powerful than a dedicated Whois client. Lab tests here at DiamondCS show that the Port Explorer Whois utility is able to report Whois database information on virtually all known addresses inputted - no other Whois client we tested performed in this flawless manner. Please note that Whois information is not available for every address, so reporting Whois information on all addresses is not possible, but if information does exist, Port Explorer will find it.
Address-to-geographic-location resolving is a capability that few programs offer. Port Explorer is able to pinpoint the country of a resolved address and displays the geographical location on a world map. Please note that the geographical location is only accurate to within the country - it does not pinpoint cities as there is no accurate and reliable way of doing so. An example of this impossibility is if you take a laptop anywhere in the world and make a long-distance phone call to connect to your regular ISP in your home country. You'll retain your regular IP address just as if you were calling from home, and if anybody attempts to geographically locate your IP address they'll most likely be able to determine that you are in your home city, but they have no way of determining your true geographic location or if you're overseas or not - it's simply not possible using any conventional means.
Packet-sniffer - a program that has the ability to capture and record the data that is sent and received by a socket. There aren't many of these programs in existence, but Port Explorer is one of them. Port Explorer even has an advantage over dedicated packet-sniffers - it can spy on individual processes and even spy on individual sockets, allowing you to home in on the process or socket you want to spy on without capturing all the data from other processes that is constantly being transmitted and received by your system, saving you both time and disk space.
Packet-restrictor - the ability to prevent an individual socket and/or process from sending and/or receiving data. It's a rare ability and the only thing other than Port Explorer that can offer you anything near this capability is your firewall. However, firewalls still do not give you the ability to operate on a single socket as they either apply their rules to an individual port number or individual process, but never individual sockets - this is unique to Port Explorer.
Bandwidth Throttler/Speed Controller - Port Explorer is the only program we know of that has this capability. You can restrict both Send AND Receive speeds on both individual sockets and processes!
Port-killer - the ability to terminate/close an individual socket. Few programs possess this capability, but Port Explorer does and it makes the termination of individual sockets and processes very easy.
Network Traffic Monitor - the ability to show you exactly what network activity is happening on your system as it happens is a very powerful feature of Port Explorer. This capability allows you to easily identify network bottlenecks, isolate unknown and unwanted data transmissions, see which processes are currently busy, and much more!
Netstat - throw that program away! Console applications have many uses, but reporting active connections should not be one of them. There are many freely-available Windows GUI (Graphical User Interface) versions netstat, but even those aren't much better than the netstat console program that comes with most operating systems, and some are over 1 megabyte in size even though they do nothing that the small 25kb netstat.exe doesn't already do!
Even without port-to-process mapping
capability, Port Explorer still operates by using the same data that netstat
displays. Yet even in this restricted state, Port Explorer can still do what few
other GUI netstat programs can:
Terminate/close individual sockets
Terminate individual processes (and acquires powerful
SeDebugPrivilege before doing so)
Map all ports back to their host process under XP, even
without the DiamondCS TCP/IP layer (dcsws2.dll)
Highlights new and dead sockets for a configurable time
period, using configurable highlight colors.
Allows you to sort the displayed data by protocol (TCP, UDP,
All), by status (Listening, Established), and by remote address.
Port Explorer gives you an easy-to-understand view of the sockets on your system and allows you to sort and display them in any way you wish - by protocol, creation date, process ID, local port, local address, remote port, remote address, or any other way you wish to sort.
Statistics - your system uses networking all the time, so why doesn't it allow you to view and analyse network statistics? Port Explorer does, so now you'll be able to see every statistic available on your system. Statistics available cover the TCP, UDP, IP, and ICMP protocols.
Search Database - Do you know of any program that would let you know which common programs use a particular port number, or which ports are used by common programs ? Do you know of any program that would let you know what the country code of a particular country is, or what country is referred to by a particular country code ?
Port Explorer's built-in Lookup utility is the easy solution to these questions. Using comprehensive databases that are regularly updated at DiamondCS and freely available to all licensed Port Explorer users, Port Explorer is able to perform cross-searches on ports, services, countries, and country codes.
Ping / Traceroute - don't be fooled by expensive imitations - ping and traceroute are relatively simple programs, both of which are built into Port Explorer. Ping enables you to determine if a remote host is alive, while Traceroute allows you to see the route that is taken by packets sent to the target remote system.