Hi,
I have bookmarked it and also added your RSS feeds, so when I have time I will be back to read more, Please do keep up the great work. .
Thanks
Tom

For everyone: If you need a packet sniffing tool, one that is pretty good is Microsoft Network Monitor. It comes with a range of parsers. Useful for figuring out why a specific application requires the Internet, or for learning about a program's online interface (I did that with Crayon Physics Deluxe).

#8 JohnnyBoyRebel -
Go back a little in time, before computers were around, and then you will understand what #4 meant when he used the term 'Trojan'.

Maybe you should read a little as well.

According to http://www.ids-sax2.com/OnlineStore.htm
the price of the product is $259 with a 30 day subscription or $329 with a 1 year subscription. Subscription renewal is $99.
What is a subscription: Not defined. I see nothing in the license agreement (http://www.ids-sax2.com/license.htm) indicating that the program is licensed for a limited period - it's all about how many copies can be installed per license. So I'd say a subscription is what it is elsewhere - you get all updates released during that period. Assuming I'm right, then you're looking at future costs of
a) nothing if you want to stick with the current version or
b) $99/year starting a year from now. IMHO, if you need a product like this and it delivers what it promises, you need to keep up with the updates and $99/year is CHEAP! As far as the no commercial use language, install it at your business but don't use it commercially; just evaluate it for a year. If you like it, pay them their $99 and start using it for real.
It would be nice to hear from the developers in the next couple hours.

Sax2 is a well-known and well-respected piece of network 'packet sniffing' software. If 'something' is going through your network and/or router which is unexpected, then Sax2 (in the hands of a network expert) can trace and store individual data packets which your network expert can use to assist in analysis of said problem.

If none of the above made any sense to you, don't worry: you don't need to use this program. Just move on and wait for tomorrow's GOTD!

If you don't have at least a router (i.e. you have a home PC connected to Internet via an ADSL or dial-up modem), this program is extremely unlikely to work on your PC. Again, just move on and wait for tomorrow's GOTD!

To those making 'knee-jerk reaction' comments about today's GOTD author and his nationality, whilst clearly having little or no clue what Sax2 does, please don't make uninformed comments here: you'll just confuse others. Also, does anyone object to using SoThink software from previous GOTDs? Because they are ALSO a Chinese company, and I've found THEIR software excellent!

I tried the program last time and I thought it was a very good program, but most of the software capabilities I would not use at home on a single computer.

If I'm not mistaken, software like online armor (firewall) and others have HIPS protection and will tell you a lot of information about your computer connections.

I found that for a single user it was an interesting software that certainly could teach me a lot about what was happening, but in the end I vouched for the firewalls to do the job themselves.

Mind you, if there was something going on and you really need to know everything that's happening netwise - grab it..it eased my mind to know about it.

All I can say is huh? I tried to look up the creds too and to me they look like non-creds. My opinion only. Do I need this? I don't think so. Where is Mr.Ashraf on the days that there are giveaways like this?

If you are getting to the stage where you have enough computers that you may need something like this and your modem isn't a firewall/router- then perhaps you should look at a dedicated firewall - something like an old P166 or above with about 256 meg ram and install Smoothwall. http://www.smoothwall.org/ - best of all it's free!

Gives you total control over what comes in to which computer and what goes out - the only ports that will be open are those that you choose to have open - configurable for each computer and now also works with wireless connections....

26 & 27 On the FAQS page it explains the difference between a firewall and a IDS. They are two different things.
Check out here. http://www.ids-sax2.com/FAQ.htm

I tried it anyway. I managed to make it work, but then I had no Internet access. It was like it took control of my network card and rendered everything else unconnected. Damned if I could figure it out, so I used YourUninstaller to uninstall it. It leaves a bunch of crap behind in the registry if you were to just uninstall it normally.

If I'm not mistaken, ZoneAlarm free lets me know When someone is try to hack my computer or send information without my knowledge.
Or I could be wrong again. It just seems to me this program wants more free access than I care to give freely.

Every time a new version of this comes out it is given away here. So even if it only works for 1 year you will likely get the upgrade for free when it comes out as long as you monitor this web site. It does have it's uses for security minded individuals. If I remember right they said it could be used for small business use (5 users or under if I remember correctly) or for testing in order to purchase in the future. Now mind you the average user with little knowledge of the internet or it's protocols would probably be better served by something else. Still for advanced users you will find some very useful tools here.

I don't understand why people are soooooooooooo "scared" of Chinese softwares ?? They seem to be happy using Chinese Computers !!! :D ... Gee I ain't saying that you should trust Chinese S/Ws, but do you guys really think that S/W vendors from other countries are angels of heaven ?? Hell, nobody asks GOOGLE a damn question or stop using it (ever wonder how come you always gets ads relevant to your emails in inbox ?? isn't it intrusion of privacy ?? )...

Its just way too much racial to think that Chinese stuffs are crap (some are really crappy though)... Because we are surrounded with loads of crap !!!But if you really have "little" experience with S/Ws and Internet, you can figure out what is good and what is not ... OR, just develop something of your own .. :D ..(well I will choose the first option)...
I've always appreciated work of GOATD Team. And these people are doing really nice job here. So, if some in the flock don't think its a good to have chinese s/w then just dont download it. I wrote this bcoz I just can't stand for guys like #15 (Joji !!) who does even not know that, Singapore is not part of China !! ... God help him ...

It looks like they have improved UI compared to last giveaway version. Very hand software as IDS/IPS if you are geek enough to understand and make it work.
But this software reminds me a quote from one interesting movie ... "Who Watches the Watchmen ??"

Cheers,
Jack

Sounds kind of like Black Ice Server in a different package. And why in the hell would it need its own LAN card just for that?

Oh! Also.... 1) if you are complaining about the price (and I admit the latest price is rediculous), It is free for a year. If you like it, the free version is worth using. AND 2)For those who talk about router protection, most home users do not have their router configured properly. Plus Many bot and virus attacks aare now residing on these weakly defended routers.

I've been using this program since it first came out, then I got the full program frrom GOTD. This is a nice piece of software to add to your arsenal. Though, I do suggeest that if you are looking for simplicity, this isn't the program for you. As was said above it's a steep learning curve. But, with the volunteer work I do iut has come in handy. Anyone who says this won't detect intrusion into PC's is dead wrong. I am with a group that often deals with Hackers, spammers, scammers, and Waaay worse, and this program has kept me in the loop when they have tried to hack back at me. Especially the nigerian scammers.
as for all the talk about Chinese, You would be amazed at how many good programs have come from the chinese......much more than you know. Unless you actually track all of a company's holdings, i would roughly estimate that over 90 percent of you have chinese programs on your pc's that you use everyday. I'm not saying don't be careful, I'm saying in 2010 drop the bigotry.

I have this on my laptop from the last giveaway. In my opinion, it's one of the most effective products that they give away. I use Snort as my primary IDS ad while this isn't nearly as flexible it is able to detect a majority of the different attacks I have thrown at it.

It doesn't have to be installed on a gateway computer, but you will want it within the same segment you want to monitor. It works on a PC, however it will not recognize unsupported network cards. (Which apparently has a few very common cards among that list.

I've thrown a lot at this one and while it is not Snort, it's not bad either. Much easier to use than most of the other IDS systems out there and simple enough for the average dude to see whats going on.

Ax3soft Sax2 apparently doesn't support win 7 -- surprising given the popularity of the new Windows OS -- especially so with all the rumors of win 8 being out next summer. Nor does it appear to handle Home Server, or other current server versions from MS.

If you do install/run it, Ax3soft Sax2 basically just monitors your network -- while it can shut things down if it decides something's not right, it's up to you to decide if everything's OK or not, & take whatever steps to fix any problems. Your A/V software is probably set up to alert you & block on-line access if your email app starts sending out a flood of e-mails, indicating your system might be compromised, & is being used to send out spam. Similarly Ax3soft Sax2 could show you for example if there's too much outbound traffic, so you know to look for any mal-ware causing it, but you need to figure out if there's too much traffic in the 1st place by looking at & analyzing Sax2's reports. If/when Sax2 is set up on a network choke point, where it *sees* all traffic, it monitors all that traffic, but it doesn't know about what it doesn't see... e.g. 4 PCs connected in parallel to a stand-a-lone switch or gateway box need a copy on each machine, since all traffic doesn't pass through a single PC or server. Sax2 can also take a closer look at what exactly is traversing your network: "Monitor all conversations and reconstruct packet stream.", again *as long as* it sees that traffic.

When you're running a biz, in many countries it is your responsibility to provide a safe, non-threatening workplace, & some feel that includes closely monitoring your employees. Obviously you also don't want to pay someone to goof off on-line, nor do you want them opening the doors to mal-ware that could infect your network. From the little I've read about it, in the UK you may wind up needing to ID & monitor *anyone* connected to your network, including free hotspots or access [so anyone downloading something the gov says is illegal can be found & prosecuted]. Those are a few of the situations where something like Sax2 could be mandatory. For the home user, not so much... do a simple cost/benefit [pros/cons] list, figuring out if the time you'd spend setting up monitoring on your network, then going over the data Sax2 provides is worth it -- from their home page: "Sax2 supports many database, such as SQL Server, Access and so on, which let user to store the huge data flexibly." IOW there can be a LOT of data. ;-)

Instead of a bunch of brain-dead comments, read the help so that you know what this is and how to use it. While it's designed for networks, you can use it on a PC to monitor network traffic related to that PC. Sax2, Log Analysis, and PacketsDump all need to be run as an administrator (set the Compatibility). Version 4 is listed as a beta, and I did notice bugs, such as events listed/counted/viewable in some places but not others, although I'll check it again after I reboot.

Sorry I can't comment on the effectiveness of the program - it may work well for small business.

However, when I went to the main website, I saw a familiar logo that stated the program was an "SC Awards 2009 Editor's Choice". I read Secure Computing magazine regularly and was a bit impressed...until I looked closer. The Logo actually says not "SC Magazine", but "SC www.GETABEST.com", with the SC standing for "Software Catalog". Go to http://www.scmagazineus.com/ and compare the logos.

A bit misleading, though I don't know if the fault lies more with Ax3oft's or GetaBest, but in any case, I would suggest that the Logo be changed.

This program I have enjoyed since it was given away on 5-19-2009 it has served my company well and has prevented many attacks on our servers. Since my subscription was almost up this is an added Bonus for me today. Thanks GOTD.

Pretty much, if you have to ask what this is for, you don't need it. So don't install it.

Now, see, THAT wasn't so hard to understand, now was it?

A BIGGER issue, though, is the GAOTD license. Since it restricts its offerings to *NON-Commercial* usage, for how MANY users will this (almost) EXCLUSIVELY commercial product apply? So why offer it, then? Were they just foolin' about their licensing restrictions? All three VERY good questions, I should imagine.

I have concern for this software. READ THE INSTALLATION AGREEMENT. An exponential rise of cyber attacks have increased from China against the U.S. within the last 18 months. Check posts above

This guy is good. Really good. This package is geared towards business or small office home business owners. I would dare state the obvious... but I won't.
It's a dangerous package to download because IF it were to contain an undiscovered backdoor, then then software could report weakness in the network using it. If this information was reported back to China, the information could be used to take over your network and attack other networks from your network.

You may even receive a visit from the "men in black" due to illegal activity. It's possible

Remember, NOTHING IS REALLY FREE.

I just dont feel comfortable downloading and in using this software as it has potential more harm than good.
That's the reason I'll pass on this download.

Beyond any possible improvements in quality, the rise of the price tag, I think, can be described as being "pretty amusing". Keep in mind that the interval in between is little more than 16 months.
v2.0 (10/29/08): US-$ 69
v3.0 (05/15/09): US-$ 181
v4.0 (03/05/10): US-$ 329

Basically this is a program for small businesses and medium businesses. It's not intended for people like us (home users), since we don't have that many computer in our houses and we only use our them for general uses.

@12,
So pretty much this program monitors any suspicious things happening between networks right?

@13,
This program is run by a Chinese company like Iobit's? If so... hopefully they are not like Iobit, where they steal other program's ideas and claim it as their own... -_-
Not to be racist or anything, it's a fact, but I have seen many illegal activity done by Chinese people very often (mainly those from China, not Hong Kong. Hong Kong is a bit different, because they are more "well educated" than some parts of China. This is because when Hong Kong was still taken over by the British, they toke care of Hong Kong very well and provided very "some-what" strict rules (no littering or else ticket! D:) and good education to people. Thats why people in Hong Kong are considered more well educated than many parts of China. I'm correct right?
Though I guess they are other parts "good parts of China"... like Singapore? I dunno... I just learned that from my good friendz who know a "whole-lotta-stuff"! XD).

To be honest, I don't think I'll be downloading this... why?

I have the following:
-ESET NOD32 - Business Edition
-avast! Anti-Virus FREE
-Key Scrambler Premium
-Malwarebytes' Anti-Malware PRO
-Sandboxie

So I don't think any virus would get into my computer with my combination of "ultra layered" security. :D

Besides... "Key Scrambler" encrypts "every single letter" I type in and encrypts it so those pesky, son of a cow (lol), keyloggers won't read what I'm typing right now.
This: GAOTD Rocks!
Turns into this when keyloggers read it: /3@df!gdf+3_G$

Other than avast's screwed up "360 live epic-fail monitor" is suppose to have a Master Chief on most common places on my computer (such as the internet and file checking every time I open something), it lags my computer like crazy and I had to hard boot all the time... the outcome? Disable 'em all!

Sandboxie is a nice program when you want to bring some viruses to your "play-house of doom" aka "Virtual System" aka "Sandboxie" and laugh at the malware/virus that isn't attacking your system since it can't get out from its "virtual system" of my computer. LoL.

Then there's my epic failed ESET NOD 32 which failed to find 42 damn hidden viruses in my computer. Though, I realized a lot of them were malware and ESET doesn't check for malware; only spyware, viruses, and keyloggers.

Malwarebyte! Hurrayz! My best friend of all time! I used it for a while, but one thing it lacks is "automatic update". I always have to manually update! It sucks... but it DID find the 42 hidden viruses my ESET NOD 32 didn't find! :D

Well that's a review of some real soup'd up programs and stuff! Hope you like it!

~Joji~

#13

Andrew (Andy) Huang
From Wikipedia, the free encyclopedia
Jump to: navigation, search

Andrew "bunnie" Huang is an American hacker, who holds a Ph.D in electrical engineering from MIT and is the author of the 2003 book Hacking the Xbox: An Introduction to Reverse Engineering. He was born in 1975.[citation needed]

He also was the first person to hack the original Xbox console.[citation needed]

Huang, along with Ken Steele, designed Chumby, an embedded computer device.[1]

[edit] Publications

--> #5 FYI, looking at the site, and especially the News section, which includes a headline: "Chinese Website Opened", would not have expected the following whois results.

Registrant:
AndyH Andy Huang
18 Xiwang Road 1 Duan YangGuangCheng
ChengDu, N/A 610061
CN

Interesting.

I have been using Sax2 free version for quite a while and it definitely gives you an idea of what's going on with your connection and your network and in surprising detail.

To answer some queries for previous comments :

* the company is very friendly and I have received personal email replies from them to my questions and comments.

* if you don't want to renew this in a year's time then try the free version !

@Lothar : a packet sniffer is a packet sniffer - have you tried WireShark ? Do you think it is dangerous ?

@MollyBarton : it should find your adapter automatically.

I use an earlier version of this program, a GOTD last year. To put it simply: When you start the program it monitors what happens at your connection to Internet. The program is rather advanced and I shall not pretend that I can use all functions but I am learning...
# 3 Molly Barton: My version of the program (SAX2 Version 3) does not monitor a USB dongle -it only works with a standard network card. Probably it is the same with your version, unfortunately.
I have found this program useful and reliable. You can monitor your network traffic if you use a router or directly through a modem.
It has helped me to solve problems with my ADSL, for example when Windows Update suddenly stopped working. I would very much appreciate if the vendor would clarify if there is a time limit to this version as #4 DrLongBear says.
This is a very trustworthy an serious company according to my experience and I very much recommend the program although the learning curve is rather steep.

will someone please do a proper review and tell us if its of any use for normal users like me ???

TK is right. The only way this thing monitors anything is if it's running on a machine you are using as a gateway of some kind, and home users (and small businesses) use dedicated gateways with their own firmware OS (your ROUTER), and NOT a PC or Server!
This is because, with modern switching technology, only packets marked for the destination device are sent there. With the older and now obsolete hub technology, all packets went to all ports.
I suppose you could MONITOR traffic on a system with a single NIC by putting a hub in between your switch and router (or internet connection), but you wouldn't stop anything, only watch it pass on by. In this configuration, the hub would act as a "tee", sending a copy of all packets going anywhere to the monitoring end-point.

#4

This is a commercial product which requires an annual renewal. You are getting a year for free and then you will be required to uninstall or cough up for another year. How does that make it a trojan? A trojan is a non self-replicating rogue program that says it is doing something and actually does something else. This program monitors network traffic - how is it a trojan?

Me thinks you need to do a bit of reading....

this may not be of use to people bu t i have uaed (and till) on-line amour,wndows defender,blue coat web protection , anvir manager and IOBit security 360 and these rogamms do more thn enough for me
it also keeps my children safe on the intrnet as i can set levels fr my children and these can all have paswords attached to them so they
cannot be changed by anyone other than th administer
this doesnt men that i a turning down this offer but as it only seems
that e can use this offer for a year as #4 dr long ber states
these programmes have mention might offer other solutions
and some of these progmme i have staed have been offered on GAOTD at
previous offer

Four more tools 'alike' to compare:

users.telenet.be/ahmadi/nettools.htm - ;www.wireshark.org - ;www.netlimiter.com - ;www.fiddler2.com/fiddler2 -

nettools 5 is awsome (don't copy '-- ;').

Seems to be what many people are looking for, to make a network more secure. I always take a first look at the homepage, to get an impression about the developers. This first impression was quite good - BUT: You have to read the section "Corporate" quite carefully, to find out where that company resides. I maybe a little bit paranoid, but who shall install a packet sniffer on his network, when the developers fail to clearly state who they are and where you can find them. It has to do with openness and trust. Some countries have a law, that a website has to offer that information with 1 click. And that's for good reason!

Read the offering carefully. It states it is $329.00 for ONE YEAR. This app will most likely only be viable form on your computer for about a year, give or take a month...then, if you are a happy camper with the program, you will need to cough or hack-up whatever the going rate will be to keep the configuration you were previously given for free.

I, for one, dislike immensely any type of Trojan, be it given with a friendly hand, or delivered in horse form...it is not a kindness I am seeing here...smacks of tactics of our "friends" in Washington state during the earlier days of P.C.s & Operating Systems.

NO THANKS!

I have a Dell laptop with XP-SP3 wireless connected to my router connecting me to the internet.

I was able to download and run the software (and yes it is preregistered) but I cannot start using it because it does not detect any adapter and therefore I cannot monitor any traffic at all.
(the adapter screen is empty)

Am I doing something wrong? I don't see a way of manually add an adapter?!
It seems this software must 'see' the adapter automatically.

Is this software not to be used when connected wireless??

Feedback is appreciated very much, thank you in advance.

I have no idea what this thing does or if I can use it for anything... but getting $329 for free... that is sweet. Ca-ching! I am rollin' in it man. No one ever gave me $329 for free before. Thanks!