Hello,
I have a question, i'm not sure i understood the Bus Pirate :D
With the Bus Pirate, you can "use" (read/write) all the listed protocols ? or you can "monitor" them (sniffer, passive monitoring) ? Or both ? :D
If you can sniff all those protocols, why not the USB protocol sniffer, which could be a great add to this wonderful tool ?
I think i must have one of these :)
Thanks for your answers ;).
Hi,
It reads/write most protocols, and can monitor (sniff) a couple.
USB is not a simple high-low protocol, its differential, and requires a special transceiver. You could monitor USB with the Bus Pirate, but you'd need an external adapter.
The easiest way to monitor USB is probably to use Microsoft's free PortMon utility to log it at the PC side.
I know, but where's the fun with software sniffers ;)
Thanks for your answer.
There are two reasons why sniffers (hardware or software) are very different from devices that actually implement one end or the other of a protocol, like the Bus Pirate.
First, hardware (which is many cases are a single chip) is almost always designed to actually participate in conversations, not to just listen to them. This is the primary reason why it's much easier to implement a device in hardware than a sniffer in hardware -- because that's what 99.9999% of chips (by volume) are designed to do. For example, a USB chip's job is to participate in a USB conversation. When asked to do something, they do it, and they respond to the device on the other end of the wire. The conversation is a two-way conversation, and the hardware is designed to perform this way. Very few people design USB chips that only listen to one side (or both sides) of the conversation, and neither perform their requested actions, nor respond to the other side. So, it's not easy to implement a USB sniffer in hardware because you can't go out and buy USB chips that are designed for that purpose. If you want/need to do it, in many cases, you have to implement the hardware yourself.
The other reason why sniffers are different from end devices, whether they're implemented in hardware or software, is that many protocols are not symmetrical. Sniffers (are usually expected to) have to understand both sides of the conversation. In most cases, hardware and software are designed to be one side of the conversation and not the other. Even if the software (or hardware) is capable of representing either side of the conversation, they're very rarely designed to do both simultaneously. USB is good example here, also. A USB master device has a very different set responsibilities than a USB slave device. In many cases, there's very little common software or hardware between the two ends of the conversation. So essentially what you have to do is to glue the two opposite-end implementations together into one unit to make a bi-directional sniffer. This is generally the case whether it's a hardware or a software implementation you're talking about.
If the protocol that you're considering is (more) symmetrical, it's less work to put together a sniffer, although pure hardware implementations can still have some of the same issues mentioned above.
As for your comment about what's the fun with software sniffers -- there are free software sniffers. Hardware USB sniffers are often $500-1500.
I don't know about you, but free sounds pretty fun to me.
Thanks for your detailed reply. I'd probably go for a logic analyzer with a custom front end, or a recording/logging oscilloscope with some post analysis in Matlab (?), if I absolutely had to snoop USB from hardware.
Yup, USB sounds hard to implement in hardware :(.
When i told software sniffers were no fun, i was saying that for the electronic side :)
Anyway, thanks for those details ;)