Would you recommend a logic analyzer to sniff serial data from an RS232 connection? Or would the Bus Pirate do a much better job?
About a year ago I bought an Intronix LogicPort logic analyser, see here (http://www.pctestinstruments.com).
It's probably my most used tool, clearly it's not a cheap device but it certainly does a whole lot more than just RS232 sniffing! If it's the sort of thing you're after then I'd highly recommend it. The only two drawbacks I ever had with it are that, a) all I could do was monitor what was being sent back and forth, and b) it's sometimes difficult to capture large amounts of data as the device has a finite amount of memory, although it can do continuous captures but it's up to you to string them together... now I have my Bus Pirate both problems are gone! :D
For smaller data transfers and to check timings I still use the LogicPort but for mass dumping I use the Bus Pirate :)
Thanks for posting here. I thought you had a great question and there might be some great answers besides mine.
For simple RS232/serial port sniffing you can do two things. First, you can do the free option and download Microsoft's Portmon and just watch the traffic move around on your PC. Since RS232 is a pretty slow protocol that most PCs speak, you could also just tap the serial connection with the input of another serial port (Bus Pirate, PC, or USB->serial adapter) and watch the traffic in a terminal.
For data sniffing in general, I also highly recommend a logic analyzer. I don't think you'll need it for RS232 traffic, but for I2C, SPI, etc, it's the only way to go. There's been some effort to put SPI (works) and I2C (alpha) snoopers in the Bus Pirate, but it's not really the right tool. The Bus Pirate is for slow incremental communication with a device from a terminal. Snooping protocols requires that you push the data out of the snooper at least as fast as you read it -- with the Bus Pirate and a fast bus (faster than 115200bps) it gets a bunch of data but doesn't have time to send it to the PC before the next data comes. This can be solved with a nice buffer, but really the Bus Pirate isn't the right tool for this.
The nicest, cheapest Logic Analyzer package I've used is the Saleae Logic. It's 'only' $150. I reviewed it at Hack a Day here:
http://hackaday.com/2009/03/06/tools-saleae-logic-logic-analyzer/
Long term, I'd like to develop a 200MHz FPGA hobby logic analyzer for $20-$30. I think that would be a game changer. Keep an eye out for that as a 'project of the month' sometime in the next year.
Also, until I release V3, or Hack a Day decides to sell more V2go, there's no way to get a Bus Pirate unless you build it yourself.
For a simple logic analyzer, I use my PICKit 2. It's only good for signals up to 500Hz, but for a lot of hobby applications, this is okay. It's only 3 channel, but in a pinch, with hardware many already have, it's still useful!
On Windows, Microchip's software works fine. On Linux/OSX, you can use my version of the tools, located at http://pk2-la.sf.net
This is the tool I'm using to figure out what's going on with the I2C issues. :)
Sounds great.... Since I posted this question, I have received my logic analyzer and managed to get some data. So. Since I'm 100% newb, and 100% un-educated in anything like this, but being 100% determined to get my little project done, I've added some files to this post. It's all the data I've captured during one dial-in session from the device I'm trying to figure out.
Things I know:
I do see the AT commands. init string and phone number
I can see the url that the device is trying to access
Things I assume:
I'm assuming that this device is accessing a local network wherever I'm dialing into, and I can see a URL
I also assume that the data that I can't seem to understand MIGHT be tcp/ip
What I'm hoping for?:
If anyone could look at my files and maybe give me some insight, education or even point me in the right direction? or maybe if anyone could help me out in this project and trying to decipher the data that I'm capturing.
Thanks in advance guys.
S
Can you share a little about what you're trying to do and what components are involved?
Well, in a nutshell. I've sniffed the data that goes from the main chip to the modem, now I want to figure out how to reverse engineer that data so that I can have full access to the device.
In the most generic sense you'll probably need the manufacturer's datasheet. Without knowing more about the devices it's really hard to guess at the protocol. My approach is to do one operation at a time and look for a pattern in the data dumps. Check out the thread on developing a Linux bootloader, there's a similar process there.
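
The approach in the last reply (one operation at a time, then look for a pattern in the dumps), sketched as an added example that is not part of the original thread. The captures, the phone number and all function names are constructed for illustration; the binary bytes do not represent any real protocol.

```python
import re

# Constructed captures (not from the thread): one hypothetical operation,
# recorded three times. Modem commands are followed by undocumented binary.
CAPTURES = [
    b"ATZ\rATDT5550100\r\x02\x10\x00\x01GET /a\x03\x5a",
    b"ATZ\rATDT5550100\r\x02\x10\x00\x02GET /a\x03\x5b",
    b"ATZ\rATDT5550100\r\x02\x10\x00\x03GET /a\x03\x58",
]

def printable_runs(dump, min_len=3):
    """(offset, text) for each run of printable ASCII: AT commands, URLs."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [(m.start(), m.group().decode("ascii"))
            for m in re.finditer(pattern, dump)]

def varying_offsets(captures):
    """Offsets whose value differs between captures of the same operation.
    Only the common prefix is compared, so unequal lengths do not raise."""
    length = min(len(c) for c in captures)
    return [i for i in range(length) if len({c[i] for c in captures}) > 1]

def group_ranges(offsets):
    """Collapse sorted offsets into inclusive (start, end) candidate fields."""
    ranges = []
    for off in offsets:
        if ranges and off == ranges[-1][1] + 1:
            ranges[-1] = (ranges[-1][0], off)
        else:
            ranges.append((off, off))
    return ranges

def report(captures):
    """Summarise lengths, readable strings, and bytes that change per run."""
    lines = ["lengths: %s" % sorted({len(c) for c in captures})]
    for off, text in printable_runs(captures[0]):
        lines.append("text  @%3d  %r" % (off, text))
    for start, end in group_ranges(varying_offsets(captures)):
        values = [c[start:end + 1].hex() for c in captures]
        lines.append("field @%3d-%d varies: %s" % (start, end, " ".join(values)))
    return "\n".join(lines)

if __name__ == "__main__":
    print(report(CAPTURES))
```

Bytes that stay constant across runs are likely framing or fixed headers, while the offsets that change are the candidates to check against the datasheet.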