Post #38,409
5/12/02 10:38:47 PM
5/12/02 11:00:12 PM
OT: re Radsoft.
Ashton writes:
[quote was] Courtesy of Radsoft. Wonder why nobody here thinks Radsoft is worth a look.. these have got to be some of the more useful tools about, when needing to work on toy OS's as *Ahem* so many are forced to do, whatever is runnin at home.. Each one is a marvel of compactness too. But not free.
Radsoft's web page is one of the more, um, inscrutable, I've come across. The tools in [link|http://www.radsoft.net/products/info.html|EPT] may be wonderful, but if he's trying to sell stuff he shouldn't make it nearly impossible to find what - specifically - one gets for their $100.
Reminds me of an old ad for advertising in McGraw-Hill publications.
An old, wise manager is saying to someone:
"I don't know who you are. I don't know what you do. I don't know how long you've been in business. ... And you want me to buy something from you?"
Why do you like EPT, Ashton?
Thanks.
{added below in edit}
Oh, Ashton, it seems that Radsoft did a bit of a debunking of Steve Gibson's security expertise last year - [link|http://grcsucks.com/unmaskinggibson.htm|Unmasking Steve Gibson] at grcsucks.com.
Cheers, Scott.
Post #38,424
5/13/02 1:48:45 AM
Heh.. aware of the Steve Gibson opposites
The Three Faces of St Eve. Even agree that in focussing so much attention on the 'sockets' question in XP, his credibility will suffer Next wolf-call (although.. we might just see some Interesting new DOS-attacks.. any old time someone has the gumption to exploit all those New places - no?)
What was that /. bumper sticker (which I'd almost slap on my own bumper, for a time)
My other computer is your IIS server
Cackle
Whether the "raw sockets" aspect shall play a role or not [??]
Wish you'd send that exact criticism to Rick at Radsoft. In fact I am annoyed that, in his "Gallery" with icons for all the tools - there seems to be nowhere a comprehensive listing of the capabilities - especially in decoding the Names! to correspond with the tool use. I agree that his 'marketing' is deficient.
Since I don't exploit most of them, I can't give much of a useful review. It is a fact that most are indeed small in size; some can generate multiple data tables of related arcanery re network performance - in a few 10s of Kbytes. Dunno of one of their utils ever crashing anything of mine or on a friend's small network.
Here's a sample of the doc. for just one of the more useful utils - "Spike"
Spike/Spike7
Spike offers what most sockets bundles do, even adds a few new functions of its own, yet weighs in not at several hundred kilobytes but at only a fraction of that - leaner and meaner by a factor of thirty or more.
Spike is written to integrate into your desktop and your work on the Internet. It fires up and disappears immediately to your system tray. Its appearance can be toggled at any time. It retains its data from appearance to appearance (very important). It does not require copying and pasting from entry field to entry field to get the job done - all functions share the same fields.
And Spike7, a departure from Spike with many additional features, does not even need a bigger shoe.
Multithreaded
Spike is multithreaded, meaning that while it's working for you, you can make it disappear and go on to something else.
All functions have their own output windows, so while you're waiting for an answer for one query you can go about dealing with the data returned from another. Less clicking in vain, more speed.
Verbose Diagnostics
Spike's utilities - and especially its Block, Ping, and Trace functions - offer the most verbose diagnostics found in any sockets bundle on the market today. All possibilities are accounted for and reported on intelligently, where most Windows sockets bundles will simply print "no response". Almost all functions begin with a DNS resolution, and here again Spike reports on exactly what has transpired and does not just report back "host not found".
Raw IPs
Whenever possible Spike works from raw IPs rather than go through the DNS to retrieve the details of your target, saving time and making many more targets accessible.
Local Machine
The basic info returned by the TCP/IP layer when starting up.
Block
Reports on IP "blocks". Starts at any URL or IP and then resolves away, pinging too if you wish, reporting on the "neighbors" and what they're up to.
Chargen (Spike7 Only)
Tickles the remote server's character generator.
Daytime
Not an NTP function but a standard feature of many Internet servers, which send back the time of day as a readable ASCII string, from their corner of the world, as they see it.
DNS
Authoritative domain name service information on either an IP or a URL. Detours around the local hosts cache, unlike many sockets bundles which simply tell you what your local machine already knows (not exactly the point of it all). This and the other Spike functions also work well in a LAN, whereby the type of address returned can vary.
Finger
Takes an email address, or often just a host. When fingering a remote server, try putting an '@' in front of the name if it doesn't work without. Sometimes the email address is only symbolic - finger InterNIC for an example. Availability is always dependent on the remote host. Some implement it to show you who's online, some implement it for other things, some do not implement it at all. But check your own ISP email address and see what's being broadcast about you.
Get (Spike7 Only)
Gets both the HTTP header block (see below) and the target page. Can handle web pages of up to one megabyte (1MB) in size.
Head
Unique to Spike. Gets the HTTP header block from a host, with info on web server software, operating system, the cookies it's going to try to get your browser to eat, and so forth.
Because Spike parses URLs in strict accordance with the RFCs, any port or relative page on a remote server may be used, although port 80 (HTTP) is the default.
Ping
Attempts to access a remote host and reports back with the IP returned by that host and the "round trip time" (Rtt) taken to bounce back. The number of pings, packet size, timeout, and delay are variable.
Spike only makes a ping attempt once, in contrast to many other bundles, where you never know if your remote host was really accessible on the first attempt or not. Part of the idea with a ping is to find out not just if a remote host is accessible, but exactly how accessible it is.
Quote (Spike7 Only)
Finds you a fortune cookie.
Trace
Traces the route to a remote URL or IP. Attempts access to all hops up to three times.
Spike really tells you if you arrive at your destination. If you do arrive, you might not actually recognize the URL reported back, so Spike prints "Arrived" in its far right status window when the trace completes successfully.
Interpreting trace results takes learning: if you're suffering from a slow connection, and a trace shows that one hop is particularly slow, it's not that hop that's the culprit, it's the one before it.
Whois
Tells you who someone is, given a URL, through the auspices of one of a number of Whois servers.
With the new world order as regards the accredited ICANN registrars the number of whois servers world-wide has risen dramatically. The most important of these are still the same.
whois.apnic.net: The Asia Pacific Network Information Center.
whois.arin.net: The American Registry for Internet Numbers.
whois.crsnic.net: The NSI referral server. Information on com, edu, net and org domains.
whois.geektools.com: A sophisticated Perl referral script which by using whois.crsnic.net can find almost any registered domain in the world, obfuscated or otherwise.
whois.networksolutions.com: NSI after the metamorphosis.
whois.nic.gov: The US government network information center.
whois.nic.mil: The US DoD network information center.
whois.ripe.net: "Reseaux IP Europeens" - the European Network Coordination Centre.
Copy & Paste
All Spike's output windows are context menu sensitive; all clipboard operations render data in a text editor readable format.
Making Life Easier
The RFC specification for a URL looks something like this:
URL = Prefix + "://" + Domain [+ ':' + Port] [+ '/' + RRL] [+ '?' + Query]
Which is all fine and good when you want to access a web page, but not always so good with other ports. Yet you normally won't have to edit your URL at all - again, Spike makes life easier for you. (Spike7 will also function as a generic port scanner precisely because of its URL parsing capabilities.)
Disk image sizes: 13,824 bytes (Spike, Spike7).
Copyright © 2002 radsoft.net. All rights reserved.
Alas - these descriptions (except too-abbreviated ones) are not all gathered together. Dunno if they are on the site either! Worth $100? If I were a Pro, I'd think so. Certainly helped me diagnose a few things which I'd otherwise have been clueless about - but then..
Ashton
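The URL layout quoted from the Spike documentation above, worked through as an added example; it is not part of the original post and not Radsoft's code. The names `parse_url` and `ParsedURL`, the character classes and the rejection of `@` in the domain are assumptions of this sketch; the port-80 default is the one the quoted text states.

```python
import re
from typing import NamedTuple, Optional

# Grammar as quoted in the post:
#   URL = Prefix "://" Domain [":" Port] ["/" RRL] ["?" Query]
# Assumption: '@' is refused inside Domain, because the quoted grammar has no
# userinfo part and "http://trusted@other.example/" would otherwise be misread.
URL_RE = re.compile(
    r"^(?P<prefix>[A-Za-z][A-Za-z0-9+.-]*)://"
    r"(?P<domain>[^:/?#@\s]+)"
    r"(?::(?P<port>\d*))?"
    r"(?:/(?P<rrl>[^?#\s]*))?"
    r"(?:\?(?P<query>[^#\s]*))?$"
)

DEFAULT_PORT = 80  # the quoted text says port 80 (HTTP) is the default


class ParsedURL(NamedTuple):
    prefix: str
    domain: str
    port: int
    rrl: str               # relative resource locator, without the leading '/'
    query: Optional[str]   # None when no '?' part is present


def parse_url(text: str) -> ParsedURL:
    """Split a URL into the five parts named by the quoted grammar."""
    m = URL_RE.match(text.strip())
    if m is None:
        raise ValueError(f"does not match the grammar: {text!r}")
    raw_port = m.group("port")
    # An absent or empty port ("host:" with nothing after it) means the default.
    port = int(raw_port) if raw_port else DEFAULT_PORT
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return ParsedURL(
        m.group("prefix").lower(),
        m.group("domain").lower(),
        port,
        m.group("rrl") or "",
        m.group("query"),
    )


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the post.
    for sample in ("http://example.com:8080/a/b.html?x=1", "HTTP://Example.COM"):
        print(parse_url(sample))
```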