More Back Issues
Newsletter Home Page
Let’s Fight Sp@m!
NetBEUI and Win XP
Letter Mail Donate
Recommend Scot’s Newsletter to a Friend!
May 27, 2003 - Vol. 3, Issue No. 46
By Scot FinnieIN THIS ISSUE
The latest wired (as opposed to wireless) broadband routers from Netgear and D-Link — the RP614 and DI-604, respectively — both scored better than the Linksys model on several criteria, including configuration ease, features, firmware upgrading, and even security protection. There's nothing terribly wrong with the Linksys product, it's just that the others have leapfrogged ahead.
Feature for Feature
D-Link's Express Ethernet DI-604 and Netgear's Web Safe Router Gateway RP614 offer very comparable feature sets. Both come in small, trim new case designs and under $50 street prices. Both provide basic firewall features, seamless VPN support, content-blocking by URL and domain, scheduled blocking of Internet access to specific computers on your network based on IP address, remote management, the ability to name and save backups of your configuration settings to your hard drive, the ability to preserve existing settings on a firmware upgrade, Universal Plug and Play (UPnP) support, support for dynamic DNS, port forwarding (or virtual serving), and rapid initial configuration with Web-based config wizards that'll have you going in less than five minutes (especially if you have dynamically-assigned broadband access).
The Netgear RP614 has a styled case that's especially curvy and slim. It's barely one-inch thick, although a couple inches longer than the D-Link. The RP614 offers built-in content filtering by domain or keyword. The Netgear offers optional email notification concerning its content-filter logs. Overall, Netgear's content-filtering features are slightly better than D-Link's, but there's a hitch I'll come back to a little later.
The D-Link DI-604 has changed significantly since its June 2002 first release. The product's case design was completely altered recently, and several of its new firmware features added, including a virtual cable-checking function (checks to see if your cabling is properly connected), Xbox support, and several other minor additions. The new case is very small and unobtrusive. Though it lacks a stand like the Netgear RP614 and is a little thicker, its squared-off ends make it easy to park just about anywhere. It also has a much smaller AC power brick than its Netgear competitor.
The D-Link also adds a small but important set of features that many other home-oriented routers don't have, including easy configuration of port access by application, firewall rule sets, and the ability to place one computer in a DMZ (outside the firewall on the Internet). The Linksys has some of these features, but the D-Link configuration screens are better than Linksys's.
The DI-604 also provides the nifty ability to work with computers on your network by MAC address (a unique code given to every NIC, router, and other network devices). That gives the D-Link a powerful advantage on locking and scheduling Internet access of networked PCs by MAC address — something that's a lot harder for older kids to figure a way around in order to access the Internet when you don't want them to.
For pure protection, the Netgear RP614 comes out way ahead of the Linksys BEFSX41 and slightly ahead of the D-Link DI-604.
I retested the Linksys model for this review and found it had several vulnerabilities not revealed when I reviewed it last year. (Online security tests change constantly, and the Linksys hasn't had a firmware upgrade in quite some time.) There were a couple of showstopper vulnerabilities reported by the Security Space benchmark. PC Flank also found a port Subseven commonly attacks was closed — but visible — on the Linksys.
The D-Link came very close to matching the Netgear's security performance. The one issue was port 113, IDENT, which was closed but visible (instead of "stealth") on the GRC NanoProbe test. I was able to duplicate this with the PC Flank Advanced Port Scanner, although PC Flank doesn't consider port 113 important enough to include in its preset tests. Here's GRC's explanation of the importance of port 113.
None of these firewall-like hardware products offers the full configurational ability of the best software firewalls, such as Sygate Personal Firewall Pro 5.0. None also offers any sort of outbound protection. Both the Netgear and D-Link do a solid job protecting against inbound attacks, however.
For more information about how Scot's Newsletter tests firewall hardware and software, please see the Firewall Test Suite and Methodology page.
Neither of these products has excellent paper documentation, although both provide two things that make this not such an awful criticism. I didn't need full-fledged docs because the Web-based configuration screens were easy to find (both use the same common URL). They both provide a step-through config wizard and manual controls. (I tried it several times both ways.) I was surfing the Internet in less than 10 minutes the first time I used each of these products, including both hardware and software setup. The only thing I needed from the manuals to make this happen was the username and password to access the Web configuration screens. The rest was perfectly obvious.
The second reason I'm not knocking either product on documentation is that both come with more detailed .PDF-based manuals on CD. Those manuals also didn't go as far as I liked on some of the more esoteric configuration screens. But they were good enough. Plus both products offer basic online help inside their Web configuration screens.
D-Link in particular has excellent software configuration. Firmware upgrades are as integrated as it gets in the D-Link DI-604. There are many more detailed settings on its screens than Netgear offers, which gives you more control. There are lots of nice touches, like the built-in cable connection test, the ability to manually set time or use an NTP time server, a log that watches all activity, and the application port configuration controls mentioned earlier. There's just no contest about which product is more flexible and convenient to manage.
Netgear and Linksys should both take a look at what D-Link is doing in this area. In particular, Netgear should realize that a manual time-setting screen is needed. I wasn't able to coax my RP614 test unit into understanding that yesterday was *not* Thursday, February 7, 2036. You see, the Netgear has built-in time checking to an unspecified, unchangeable Internet time server.
I called Netgear's tech support on the point, because the time of day was way off too — and since in playing around with it I found the time wandered by a couple of hours — so it affected the scheduled Internet access lock-downs of specific PCs on your network.
My tech support experience was not good. The first tech support person could only suggest what I'd already done, install the latest firmware update. (I always start out router reviews by updating to the latest firmware.) I had to bully my way into the "Level 2" tech support. That guy knew nothing more. He put me on hold to talk to a manager and came back five minutes later telling me that all Internet clocks have been screwy lately, and there's nothing they can do about it. When I pointed out to him that Windows XP has built-in time checking services, and they're working just fine, he mumbled something about how I could return my unit to the store where I bought it.
Netgear was a contender until that moment on the telephone.
When the Dust Settles
When you get down to it, port 113 being closed but visible and all, I just really prefer the D-Link product. I hope that D-Link is able to issue a firmware upgrade to fix that minor problem. Other than that, this is the best darn broadband router I've ever tested. Now if I can only convince them to make it in an 8-port version....
Have an opinion about broadband routers/firewalls? Take the SFNL Forums poll about which ones are best.
Back to the Top
I'm working on an in-depth examination of this browser, but I've decided not to hustle it out the door. Instead, I may use a post 0.6-release build. There have been some issues with the milestone build, mostly because they had to wrap some early Mozilla code around it, or at least, that's what the conventional wisdom is.
For more info about Firebird and the development of its sister program, the Thunderbird email program, check out the Scot's Newsletter Forums' new Firebird, Thunderbird, and Mozilla sub-forum.
Agnitum Releases Outpost Personal Firewall Pro 2.0
Last January I completed a round of software firewall reviews with a look at Agnitum Outpost 1.0, which I liked, but not enough to topple any of the three software firewalls atop the Top Products list. At the time, the Agnitum folks let me know they were working on a major upgrade, and last week they made that official with the release of Outpost Personal Firewall Pro 2.0.
It would seem that the free version of Outpost 2.0 will "not be will not be happening in the foreseeable future." In other words, Agnitum wants you to pay $39.95 for the Pro upgrade. Can't really say as I blame them; $40 is little enough to pay for the software firewall you choose. There's also a trial program, although I couldn't find specific details about it with a cursory inspection of the Agnitum website. For more information, check the following resources.
In the past I have written telling you about my good fortune with my Comcast subscription. Well, it's time for me to eat crow. Last night, Comcast decided that my email accounts needed to be closed and when I woke up this morning, they were gone.
When I first signed up for a cable modem, two companies before Comcast, the sales guy misspelled my user name on the master account, so they told me to just create and use a sub-account with the name I wanted. Comcast sees that the main account is inactive (although my sub-accounts are highly active). So, in their infinite wisdom, they emailed the inactive master account to say that I needed to contact them or they would close the account (I can't fathom the IQ level of the Comcast person who thought the best way to contact the owner of an inactive email account was with an email). Needless to say I never got the email and the account, and all sub-accounts, were closed.
To top this off, when the local Comcast people were contacted (who were extremely contrite and as helpful as they could be considering they were fighting corporate), I found out that I could get new user names, but the old ones were unavailable for 90 days and they could not have email sent to the old name forwarded to a new account.
Anyway, I guess my mistake was thinking that the good local Comcast people were at all representative of Comcast corporate. --Doug Gladstone
Even though I got to the bottom of the problem and published the "mega-tip" above that scores of people have written to thank me for, the whole thing has become something of a red herring for me. Over the last year I've increasingly turned to using power standby and hibernate features on many of my notebooks and desktops, both to save time and power. Under Windows XP, I find these power-management features finally work (with newer PCs, at least). But NetBEUI doesn't support power management very well. So, after testing NetBEUI on my network successfully in all other regards, I went back to IPX/SPX with NetBIOS enabled. For me, that's the right trade off.
I also tried to explore other NetBEUI-related problems, including two separate issues concerning 802.11x wireless networking and Linksys broadband routers. Dozens of SFNL readers dutifully sent in their experiences with both of these things. And I did my best to both triangulate them and prove them out. But in the end, I wasn't able to do either. Networking is a complex subject with lots of variables. I had hoped to narrow down these reported problems and find a solution, but it's been tough sledding. And I really have nothing new to report.
Thanks to all those who sent me details about their networking configurations. We'll figure out the next one.
Back to the Top
My first somewhat inadvertent test of the notion came about recently when I posted a recent rant, called The Top 10 Most Annoying Things About Software. That piece from the April 3, 2003 edition of the newsletter linked to the recently debuted Scot's Newsletter Forums in the Windows and Applications forum. The thread has so far elicited more than 60 responses. When you roll up everything that everyone posting has said on this topic, the result is a very significant and intriguing list of 35 software no-nos.
I offer it to the software industry as a mandate about how to provide software that people will want to use, and will be far more likely to pay for.
The 35 Most Annoying Things About Software
35. The fact that many applications that could make good use of a Web browser-style Back button don't have one.
34. Related functions, settings, controls that don't appear anywhere near each other.
33. Software that tries way too hard to automatically do things for you, and in the process, messes you up.
32. Software limitations that protect us from ourselves, because all they do is frustrate us — and their real goal is usually to limit tech support. One common example is a purposeful lack of configurability: One size does not fit all with software.
31. Shareware products that nag you with excessively frequent and aggravating registration reminders.
30. Tiny control surfaces, such as scroll bars, X-boxes, the edges of windows, that require overly precise mouse movements. After years of all-day computing, these things can lead to repetitive-stress injuries — especially on high-resolution displays.
29. The software gunk that gets left behind in the Registry, your hard drive, in temp folders — wherever! — after an uninstall.
28. Processes, notifications, automatic bring-to-front services that steal program focus, forcing you to lose your train of thought, find the window you were in, and play hide and go seek with the cursor or mouse pointer.
27. Any program that installs adware, spyware, or anything else without your knowledge on your system — even in its "free" version.
26. Any program, service, layer, update, patch, or tweak that cannot be uninstalled.
25. Product Activation — need we say more?
24. Windows you can't resize, or that don't remember their size and position between sessions.
23. Program instability, memory leaks, poorly coded software, even when it delivers useful functionality.
22. Programs that stay resident in memory after you close them.
21. Software whose primary functionality can't be figured out without reading the documentation.
20. Setup routines that require Windows (even XP and 2K) to reboot after installation.
19. Programs that "lose" your configurations (skins, settings, preferences) when you upgrade to a new version.
18. Could we all just agree on *one* standard menu location for program options, such as Edit > Preferences, File > Settings, or Tools > Options. Pick one, any one.
17. Software that reinvents the wheel by installing its own services for things that Windows already offers (with the possible exception of Windows Task Scheduler).
16. Software that puts a shortcut on your desktop, the top of the start menu, the quick launch bar, the windows startup folder, or in Registry auto-start locations without permission.
15. Software that after installation requires you to hunt down buried preferences settings to disable vaguely named Auto this and Auto that "features," such as Real Player.
14. Software that steals file format or default program associations without asking.
13. Programs that change the default title bar text for Internet Explorer, Outlook Express, and other programs with what amounts to ads for their companies, and then don't put things back to normal when they uninstall.
12. Software that may wreck your Windows installation when you uninstall it, such as some versions of KaZaA and others.
11. Software with secret command-line functions that aren't documented.
10. Programs that require you to be online to work, when they don't really offer you online-related functionality.
9. Commercial software that relies on a Readme text file — instead of a well designed and informative installation routine — to warn you not to install the program on Tuesdays, when the moon is full, or when the developer is on vacation. (Note: This sort of thing is okay for freeware.)
8. "Click here for help" when that step requires an Internet connection but the problem I'm having is connecting to the Net.
7. The inability to cancel a program process when you decide it's not what you wanted to do.
6. Poorly researched, written, or incomplete documentation.
5. Tech support that can't understand or speak in your native language.
4. Tech support scripts that have no bearing on the problem.
3. Software that "conflicts" with its competitors' software.
2. Software that you pay for, but the license insists it's not yours.
1. Software that costs too much.
I'd like to warmly thank these Scot's Newsletter Forums members for serious contributions to the list: Big Jeff, Ebandit, Eksimba, Greengeek, Havnblast, Irkregent, Littlebone, Muckshifter, SocBum, ThunderRiver, and Zox.
If you have a thought to add to the list, then it's still growing. Post your software pet-peeve in the SFNL Forums.
Back to the Top
First Nominees to the Software Hall of Shame
This can be a very controversial and subjective topic. Therefore, I am nominating some to get the ball rolling:
RealNetworks RealPlayer and RealOne
Microsoft Windows Media Player
Microsoft Outlook Express
Jasc Paint Shop Pro
Sharman Networks KaZaA
StreamCast Networks Morpheus
I know that some of these not everyone is going to agree with (Outlook, Outlook Express, and BlackICE come to mind, for example). And there are several notable bad guys I haven't put on the list. You can choose to nominate others in return, or you may opt to make a (friendly, constructive), impassioned plea for why any nominated application doesn't deserve to be in the Software Hall of Shame.
There are two ways to respond. The best way is to use the Scot's Newsletter Forums (if you're new to the Forums, see notes below), where you'll be able to see other people's responses, including mine.
But if you're just not into threaded-messaging, you may also send me an email.
Notes to first-time Scot's Newsletter Forums users: Anyone may read SFNL Forums without registering, but to post messages you have to register with a valid email address. You will receive a validation email message (usually only a couple of minutes after initiating your registration). In that message, while connect to the Internet, you must click the second URL, the "activation" link. That's it. Your email address will be protected. It never shows up in posts.
Back to the Top
I've personally visited the site for over five years, and it has never steered me wrong. Tom Pabst's site is big enough now that it's grown a little commercial and rivals computer magazines for pull among the hardware-information-seeking audience. It has a staff of editors, some of whom are folks I've worked with or talked about in SFNL before.
Even so, that hasn't changed the essential character of the place. It has a lot to offer: News, guides, reviews, and a broad wealth of information on a large variety of hardware topics. Tom's Hardware is not to be missed. It's an essential part of the Internet computer-oriented e-zine experience.
I need your help! Have you discovered a relatively unknown Windows or broadband related website that's a little amazing? Please send me the URL so I can check it out and let everyone know about it.
Back to the Top
Task Manager is great for listing programs, but useless for services. Happily, there's a better way.
Have you ever used a firewall to control outgoing Internet connections on Windows XP? If so, you've probably come across warnings telling you that Svchost.exe wants to connect to the Internet. But what does this actually mean?
Svchost.exe is a shell program used to provide the functionality for many built-in Windows Services; as a result, figuring out which one wants to go online can be tricky. To make things worse, you'll probably have multiple copies of SVCHOST.EXE running at any one time. (To find out, press Ctrl-Alt-Del to open Task Manager and click the Processes tab. Am I right?)
But here's how you can get some more indication about what's actually using instances of SVCHOST.EXE.
For Windows XP Professional (only)
Open the Command Prompt, type one of the lines below, and press Enter:
tasklist /svc | more
The second line offers a paging function if the first one doesn't let you see all the output.
The same functionality is available under Windows 2000, but it involves an extra step or two:
1. Insert your Windows 2000 Setup CD in your CD drive and navigate to the CD's Support\Tools folder.
2. Find the Support.cab file, and extract the Tlist.exe utility from the Support.cab file.
The easiest way to do this is with a compression utility, such as WinZip. For more information on extracting a file from a .CAB file, step 2 under this past SFNL Tip of the Week.
3. Open the Command Prompt and change your directory until the prompt is in the same folder as the one you extracted Tlist.exe to.
4. Type this line, and press Enter:
What It Does
You'll see a list of every task running on your PC, along with its Process ID (PID) number and any associated Services it's running.
It's interesting to see which of your tasks is actually responsible for a given service, but a quick look at Task Manager will reveal a new problem. How can you correlate the SVCHOST.EXE files listed by the TASKLIST command to the copies displayed in the Task Manager?
The answer is to make Task Manager display the PID number of each task, so you can match them up. Task Manager's default setting doesn't show PIDs, make it do so by choosing its View > Select Columns dialog. Then place check beside "PID" and click OK.
For more information on SVCHOST.EXE, as well as various ways to augment the tips above, see these Microsoft Knowledgebase articles:
If you think this sounds fiddly or complex, then you'd be right. A better solution is to download the Process Explorer from SysInternals. Just select Options > Highlight Services to see what you're running. Right-clicking on a service and selecting Properties gives you all the information you need on the resources it's using.
I need your help! Do you have a Windows or broadband tip you think SFNL readers will like? Send it along to me, and if I print it in the newsletter, I'll print your name with it.
Back to the Top
Thanks to Moderator Bruno for getting it going. You'd be surprised the computer that people started out with. My favorite is probably Water Cooler and Forum Feedback Moderator Jeber's first ... a Cray Supercomputer. Now that's cool.
LilBambi's virus thread in Security and Networking charts a recent wave of email worms, including Mankx and SoBig. There's lots of interesting detail in this thread, including hard information about what to watch for, who's at risk, and how to get rid of these problems if you get them. There's even a message from a Microsoft MVP. Check it out.
SFNL Forum Announcements
The Scot's Newsletter Forums have several announcements this week. We're at nearly 1,200 members, over 14,000 posts, and we've added two new moderators: ChrisP and GolfProRM. ChrisP comes to us with solid moderator experience from past Link of the Week, PC Q&A forums. He's now working the Q&A, Windows, Hardware, and Security and Networking forum at SFNL. He's also got dibs on the Software forum we expect to open shortly. GolfProRM is handling the Windows forum and also the new Firebird, Thunderbird, and Mozilla sub-forum. Recently promoted Senior Moderator LilBambi is now helping out in the Q&A forum too. But she helps out everywhere!
SFNL Forums members, have you noticed a thread (or topic) in the Forums that is useful, interesting, problem-solving, or just cool? Nominate it for possible publication (Forum registration required to post) in an upcoming issue of Scot's Newsletter, and if I make it Thread of the Week, I'll print your name (or forum nickname) with it.
Back to the Top
As I wrote in early February, the last time I put out a request for contributions, if even one in five of the newsletter's subscribers (just over 8,000 readers) donated $15 annually to keep it running, I could conceivably quit my day job and devote myself full-time to authoring it. Fewer than one in 20 people have actually donated, though. Better keep the day job.
Whatever the amount is that you can afford, please donate something if you read this newsletter regularly and appreciate it. If you've donated recently, don't send me any more money. You're pulling your weight already. And that's all I ask.
For more information about donating to SFNL, read this brief document that gives details. You can print that page to send me a donation of cash or check via the postal service. Or you can use PayPal to send me an online contribution.
If you don't already have it, Sign-up for PayPal (you can use your credit card).
Once you're signed up, use this link to send your contribution directly to Scot's Newsletter.
Back to the Top
Did you know you can always find out when the next issue of Scot's Newsletter is scheduled to appear by visiting the Scot's Newsletter home page?
Back to the Top
The Fine Print
If you like this newsletter, I need your help spreading the word about it. Please share it with friends and co-workers, and encourage them to sign up! It's free.
Visit the new Scot's Newsletter Forums.
Subscribe, Unsubscribe, Change Email Address or Message Format
You can unsubscribe at any time; I don't believe in captive audiences. The website subscription center is the easiest way to manage your Scot’s Newsletter subscription. Changes take only a minute or two. You must select your message format — Text or HTML — even for address changes or unsubscribes.
To help with the cost of creating and distributing the newsletter, I accept contributions via PayPal and Letter Mail. For more information on donations:
Send comments, suggestions, or questions about this newsletter. Don't be bashful about telling me what you like or don't like. Send emails related to editorial content (only) to firstname.lastname@example.org/snl.
Please address advertising inquires (only) to: email@example.com/snl
How to Link to Scot’s Newsletter
Copyright © 2001-2007 Scot Finnie. All Rights Reserved.
Ten Myths About Copyright Explained.
You are subscribed to Scot's Newsletter HTML EDITION as: $subst('Recip.EmailAddr')