[mdlug] Reverse-engineering data protocols

gib at juno.com gib at juno.com
Tue Mar 1 13:22:28 EST 2011


I think this is a good question for the group. I don't know if anyone will have an answer. I suspect you may get many ideas. We'd really like to push you to replace the Windows software with something on Linux.

---------- Original Message ----------
From: David McMillan <skyefire at skyefire.org>
To: mdlug at mdlug.org
Subject: [mdlug] Reverse-engineering data protocols
Date: Tue, 01 Mar 2011 12:51:05 -0500



    Probably rather off-topic for this list, but I'm hoping somebody 
might know somebody....

    Here's my situation:  For a lot of R&D labwork I'm currently doing, 
one of my sensor systems is capable of streaming selected realtime data 
across a TCP connection to a remote piece of logging software.  But *of 
course,* the logging software only works under Windows.  Which I could 
probably deal with, except that the logging software is also pretty 
primitive -- saving a logfile down to a tab-separated text file so that 
my own postprocessing scripts can <ahem> Do Science To It requires a 
series of manual operations.  There's no way to automate it.  I've 
actually managed to semi-automate the process using WinXP scripting, but 
there's a rub: I have yet to find a way to get the script to trigger 
automatically[1].

    So, naturally, I decided this was a Behold The True Power of Linux! 
situation, and decided it was time to learn how to write my own 
replacement for this proprietary logging software.  So I did a test run, 
logging the raw port data with WireShark and saving the output of the 
saved file... and hit a wall.
    I'm *pretty* certain that this data isn't enciphered to prevent 
third-party access, but it's not plaintext being pushed through a 
Telnet-esque connection either.  So I'm a bit stuck.

[1] boring details:  the logging software acts as a "server," listening 
on a particular port.  It starts logging as soon as the port opens.  The 
tricky bit is that all the logged data *gets erased* without being saved 
if/when the port is closed, and the port gets closed from the "client" 
end (the test rig) as soon as I hit Reset to begin another measurement.  
Getting around this requires me to keep running back and forth between 
machines, which gets awfully tedious when I'm sometimes doing dozens of 
test runs per hour.  So the key event to detecting when to save the 
logged data is to detect first the port opening, followed by a halt to 
port activity.  Which I haven't been able to figure out a way to do 
under WinXP.
_______________________________________________
mdlug mailing list
mdlug at mdlug.org
http://mdlug.org/mailman/listinfo/mdlug
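
The listener behaviour described in footnote [1], as an added example that is not part of the original thread: a Linux-side stand-in for the logging "server" that writes each run's raw bytes to its own file and ends the run on port close or on a halt in activity, with a hex dump helper for studying the unknown format. The port number (5000), the idle timeout and the file naming are assumptions; the post does not give the device's real port or framing.

```python
import socket
import time
from pathlib import Path

def make_listener(host="127.0.0.1", port=0):
    """Open the listening socket the test rig connects to (port 0 = any free port)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind((host, port))
    s.listen(1)
    return s

def capture_one_run(listener, out_dir, idle_timeout=5.0):
    """Accept one connection and save its raw bytes; return the file path.

    The run ends when the peer closes the port, resets it, or sends nothing
    for idle_timeout seconds. Bytes are flushed as they arrive, so a reset
    on the rig never discards what was already received.
    """
    conn, peer = listener.accept()
    name = f"run-{time.strftime('%Y%m%d-%H%M%S')}-{peer[1]}.bin"
    path = Path(out_dir) / name
    conn.settimeout(idle_timeout)
    with conn, open(path, "wb") as f:
        while True:
            try:
                chunk = conn.recv(4096)
            except OSError:          # idle timeout or abrupt reset
                break
            if not chunk:            # peer closed the connection cleanly
                break
            f.write(chunk)
            f.flush()
    return path

def hexdump(data, width=16):
    """Offset / hex / ASCII rows for spotting headers, lengths and delimiters."""
    rows = []
    for off in range(0, len(data), width):
        row = data[off:off + width]
        hexs = " ".join(f"{b:02x}" for b in row)
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in row)
        rows.append(f"{off:08x}  {hexs:<{width * 3}} {text}")
    return rows

if __name__ == "__main__":
    listener = make_listener("0.0.0.0", 5000)  # 5000 is a placeholder port
    while True:
        saved = capture_one_run(listener, ".")
        print(saved, *hexdump(saved.read_bytes()[:64]), sep="\n")
```

Comparing the dumps of several short runs side by side is usually the quickest way to see which bytes stay constant (framing) and which change with the measurement.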