USB data monitoring?
Posted by Harry Bloomfield on June 28th, 2008


I don't even know if this might be possible....

I am trying to monitor and log the data being sent and received from a USB
connected device. Is there anything able to do this please?

--
Regards,
Harry (M1BYT) (L)
http://www.ukradioamateur.co.uk


Posted by Bear Bottoms on June 28th, 2008


On Sat, 28 Jun 2008 06:37:22 -0500, Harry Bloomfield
<harry.m1byt@nospam.tiscali.co.uk> wrote:

to isolate the USB device from the other traffic on your computer.

The one I use is Packet Viewer:

http://pageperso.aol.fr/pzwenger/pro...grams.html#P11

requires .NET 2.0

(you could also use Wireshark)


--
Bear Bottoms
Freeware website: http://bearware.info

Posted by hummingbird on June 28th, 2008



On Sat, 28 Jun 2008 12:37:22 +0100 'Harry Bloomfield'
wrote this on alt.comp.freeware:

sysinternals Process Monitor?


--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)

Posted by PCPaul on June 28th, 2008


On Sat, 28 Jun 2008 07:18:31 -0500, Bear Bottoms wrote:


With Wireshark you can select which interface to capture on.

That's assuming it's network traffic that he wants to capture, not, say
files transferred to/from a USB stick or Bluetooth transfers to/from a
mobile?




Posted by Bear Bottoms on June 28th, 2008


On Sat, 28 Jun 2008 08:38:09 -0500, PCPaul <acf1@bitrot.co.uk> wrote:

do. I /assumed/ network traffic. Anyway, it's good to know wireshark will
isolate as such...noted if I ever want to do that.


--
Bear Bottoms
Freeware website: http://bearware.info

Posted by PCPaul on June 28th, 2008


On Sat, 28 Jun 2008 08:43:40 -0500, Bear Bottoms wrote:

I'd be 95% sure it *is* network traffic, but I do like to try and cover
all the bases...

Incidentally, if any wireshark users are fed up with having to pick
something other than the fairly useless 'NPF_GenericDialupAdapter' device
every time you start a capture, you can change it by going
to Edit->Preferences->Capture and changing the default interface, then
also choosing the Interfaces->Edit button and ticking 'Hide interface' to
remove all trace of it.


Posted by Ari on June 28th, 2008


On Sat, 28 Jun 2008 12:37:22 +0100, Harry Bloomfield wrote:

Too little info.
--
http://www.bushflash.com/idiot.html

Posted by Dave on June 28th, 2008


On Sat, 28 Jun 2008 12:37:22 +0100, Harry Bloomfield wrote:

Found this old sourceforge project (2002), sounds like what you want. I
haven't had the chance to try it yet so I can't praise or condemn in any
way. I'll give it a try later and let you know or you might beat me to it.
http://sourceforge.net/projects/usbsnoop/

Dave



--
Registered Linux user # 444770
Tact is the ability to tell a man he has an open mind when he has a
hole in his head.

Posted by Dave on June 28th, 2008


On Sat, 28 Jun 2008 17:08:53 +0000, Dave wrote:

Gave this a try and yes it is old. The author's Readme.txt said it was
tested on Win98 and Win2000, but it did work as advertised on my XP Home
SP2 system. SnoopyPro is the name and after starting the program
(single .exe file, no installer), you install the service from the file
menu, then choose the USB device to monitor and start monitoring. This is a
sample of the type of logfile you get:
73 out down 0x01 0.581 BULK_OR_INTERRUPT_TRANSFER
55 53 42 43 70 be dc 89
URB Header (length: 72)
SequenceNumber: 73
Function: 0009 (BULK_OR_INTERRUPT_TRANSFER)
TransferFlags: 0x00000000

TransferBuffer: 0x0000001f (31) length
0000: 55 53 42 43 70 be dc 89 08 00 00 00 80 00 0a 25
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

If you're looking for something that records like:
finances.doc -copied 2:34 p.m.

this is not it, but it does enable separate logs for each USB device.

Dave



--
Registered Linux user # 444770
Tact is the ability to tell a man he has an open mind when he has a
hole in his head.
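
Added example, not part of the post above and not SnoopyPro's own code: the 31-byte TransferBuffer in that sample starts with "USBC", the signature of a USB mass-storage Command Block Wrapper, so it can be decoded into the SCSI command it carries. The Python below parses the two dump lines exactly as posted; the function names and the short opcode table are assumptions made for this illustration.

```python
import re
import struct

# Transfer buffer copied from the SnoopyPro sample in the post above.
SNOOPY_DUMP = """\
0000: 55 53 42 43 70 be dc 89 08 00 00 00 80 00 0a 25
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
"""

# A few SCSI opcodes (from the SCSI command set, not from the thread).
SCSI_OPCODES = {
    0x00: "TEST UNIT READY", 0x03: "REQUEST SENSE", 0x12: "INQUIRY",
    0x25: "READ CAPACITY(10)", 0x28: "READ(10)", 0x2A: "WRITE(10)",
}

def parse_hexdump(text):
    """Turn 'offset: xx xx ...' lines into bytes; reject gaps between lines."""
    data = bytearray()
    for line in text.splitlines():
        m = re.match(r"\s*([0-9a-fA-F]{4}):((?:\s+[0-9a-fA-F]{2})+)\s*$", line)
        if not m:
            continue  # skip non-dump lines such as "URB Header (length: 72)"
        if int(m.group(1), 16) != len(data):
            raise ValueError(f"gap in dump at offset {m.group(1)}")
        data += bytes.fromhex(m.group(2))
    return bytes(data)

def decode_cbw(buf):
    """Decode a Bulk-Only Transport Command Block Wrapper (always 31 bytes)."""
    if len(buf) != 31:
        raise ValueError(f"CBW is 31 bytes, got {len(buf)}")
    sig, tag, data_len, flags, lun, cb_len = struct.unpack_from("<4sIIBBB", buf)
    if sig != b"USBC" or not 1 <= (cb_len & 0x1F) <= 16:
        raise ValueError("not a valid CBW (bad signature or command length)")
    cdb = buf[15:15 + (cb_len & 0x1F)]  # SCSI command descriptor block
    return {
        "tag": tag,
        "data_len": data_len,  # bytes expected in the data stage
        "direction": "IN" if flags & 0x80 else "OUT",  # seen from the host
        "lun": lun & 0x0F,
        "cdb": cdb.hex(" "),
        "command": SCSI_OPCODES.get(cdb[0], f"opcode 0x{cdb[0]:02x}"),
    }

if __name__ == "__main__":
    for key, value in decode_cbw(parse_hexdump(SNOOPY_DUMP)).items():
        print(f"{key:>9}: {value}")
```

The sample decodes to a READ CAPACITY(10) request expecting 8 bytes back from the device, which is why a URB-level log shows block commands rather than file names and copy times.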

Posted by Harry Bloomfield on June 28th, 2008


Bear Bottoms laid this down on his screen :
I have a weather station, which every 15 seconds sends a burst of data
to the PC via a USB connection. It is this data which I am trying to
look at.

--
Regards,
Harry (M1BYT) (L)
http://www.ukradioamateur.co.uk



Posted by Bear Bottoms on June 28th, 2008


On Sat, 28 Jun 2008 16:53:04 -0500, Harry Bloomfield
<harry.m1byt@nospam.tiscali.co.uk> wrote:

very easy to use and read.


--
Bear Bottoms
Freeware website: http://bearware.info

Posted by hummingbird on June 28th, 2008



On Sat, 28 Jun 2008 22:53:04 +0100 'Harry Bloomfield'
wrote this on alt.comp.freeware:

Is there not a piece of s/w you run to capture the data and
format/display? ...or are you also wanting to capture it as it's
sent from the weather station in some sort of raw format?


--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)

Posted by Sparky on June 29th, 2008


Bear Bottoms wrote:
That's highly unlikely. The programs you suggested are IP packet
sniffers (TCP, UDP, ICMP, etc.) and the weather station almost certainly
will not have a network interface assignment. Most of them operate as
serial devices and/or use their own proprietary protocol as far as I'm
aware.

Posted by Harry Bloomfield on June 29th, 2008


After serious thinking hummingbird wrote :
I have the software which taps into the data to display it, I'm just
trying to investigate the format of the data as it appears on the USB
port.

--
Regards,
Harry (M1BYT) (L)
http://www.ukradioamateur.co.uk



Posted by hummingbird on June 29th, 2008



On Sun, 29 Jun 2008 18:29:56 +0100 'Harry Bloomfield'
wrote this on alt.comp.freeware:

hhmmm. I suspect a packet sniffer won't do that because they
don't usually capture USB transfer data, only TCP stuff etc.

Sounds like an opportunity for a new small application...


--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)

Posted by hummingbird on July 1st, 2008



On Sun, 29 Jun 2008 18:29:56 +0100 'Harry Bloomfield'
wrote this on alt.comp.freeware:



Harry, do you think this might do the trick?:

-Description-
"DeviceIOView allows you to watch the data transfer between a
software or service and a device driver (DeviceIoControl calls).
For each call to a device driver, the following information is
displayed: Handle, Control Code, number of input bytes, number
of output bytes, the name of the device handle, and all the
input/output bytes, displayed as Hex dump."

It's one of the small non-install NirSoft utilities avail here:
http://www.nirsoft.net/utils/device_io_view.html

[I'm thinking that your weather station will have a device driver
which you can possibly monitor with this program and display data
being transferred]


--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)

Posted by Harry Bloomfield on July 1st, 2008


hummingbird submitted this idea :
That didn't seem to pick up any data from anything, but thanks for the
suggestion.

I have now managed to tap into the data with a trialware program called
Device Monitoring Studio.

--
Regards,
Harry (M1BYT) (L)
http://www.ukradioamateur.co.uk



Posted by hummingbird on July 1st, 2008



On Tue, 01 Jul 2008 16:37:37 +0100 'Harry Bloomfield'
wrote this on alt.comp.freeware:

Oh well, it was just a long shot. Anyway, you've got a solution
.... albeit payware. Good luck.

--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)