[mdlug] Reverse-engineering data protocols
Aaron Kulkis
akulkis00 at gmail.com
Tue Mar 1 14:44:20 EST 2011
David McMillan wrote:
> Probably rather off-topic for this list, but I'm hoping somebody
> might know somebody....
>
> Here's my situation: For a lot of R&D labwork I'm currently doing,
> one of my sensor systems is capable of streaming selected realtime data
> across a TCP connection to a remote piece of logging software. But *of
> course,* the logging software only works under Windows. Which I could
> probably deal with, except that the logging software is also pretty
> primitive -- saving a logfile down to a tab-separated text file so that
> my own postprocessing scripts can <ahem> Do Science To It requires a
> series of manual operations. There's no way to automate it. I've
> actually managed to semi-automate the process using WinXP scripting, but
> there's a rub: I have yet to find a way to get the script to trigger
> automatically[1].
>
> So, naturally, I decided this was a Behold The True Power of Linux!
> situation, and decided it was time to learn how to write my own
> replacement for this proprietary logging software. So I did a test run,
> logging the raw port data with WireShark and saving the output of the
> saved file... and hit a wall.
> I'm *pretty* certain that this data isn't enciphered to prevent
> third-party access, but it's not plaintext being pushed through a
> Telnet-esque connection either. So I'm a bit stuck.
>
> [1] boring details: the logging software acts as a "server," listening
> on a particular port. It starts logging as soon as the port opens. The
> tricky bit is that all the logged data *gets erased* without being saved
> if/when the port is closed, and the port gets closed from the "client"
> end (the test rig) as soon as I hit Reset to begin another measurement.
> Getting around this requires me to keep running back and forth between
> machines, which gets awfully tedious when I'm sometimes doing dozens of
> test runs per hour. So the key event to detecting when to save the
> logged data is to detect first the port opening, followed by a halt to
> port activity. Which I haven't been able to figure out a way to do
> under WinXP.
Have you contacted the manufacturer?

It would probably be simpler for them to just write a small
bit of code to close the logging file, and start a new one
(with a different name), and send you a new file.

And no, I don't like Windows at all -- but without feedback
from users, they'll never know that their logging software
is the pits.
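
The replacement logger described in the quoted message, sketched as an added example that is not part of the original thread: it listens where the vendor tool would, writes each connection's raw bytes to its own file, and closes that file when the rig drops the connection or goes quiet. The wire format is unknown, so nothing is decoded; port 5000, the `runs` directory, the 5-second idle timeout and the function names are assumptions.

```python
import socket
import time
from pathlib import Path

def capture_run(conn, path, idle_timeout=5.0):
    """Write everything one client sends to `path`; stop on close or idle."""
    conn.settimeout(idle_timeout)
    total, reason = 0, "closed"
    with open(path, "wb") as out:
        while True:
            try:
                chunk = conn.recv(4096)
            except socket.timeout:        # port open but no activity
                reason = "idle"
                break
            except ConnectionResetError:  # peer aborted instead of closing
                reason = "reset"
                break
            if not chunk:                 # orderly close: the rig was reset
                break
            out.write(chunk)
            out.flush()                   # data is on disk before the port closes
            total += len(chunk)
    return total, reason

def serve(listener, out_dir, idle_timeout=5.0, max_runs=None):
    """Accept one sensor connection at a time; one raw capture file per run."""
    out_dir = Path(out_dir)
    out_dir.mkdir(parents=True, exist_ok=True)
    saved = []
    while max_runs is None or len(saved) < max_runs:
        conn, _peer = listener.accept()
        stamp = time.strftime("%Y%m%dT%H%M%S")
        path = out_dir / f"run-{len(saved) + 1:04d}-{stamp}.bin"
        with conn:
            total, reason = capture_run(conn, path, idle_timeout)
        saved.append((path, total, reason))
    return saved

if __name__ == "__main__":
    # Assumed values: bind to the lab-facing interface and the port the
    # sensor is configured to stream to, rather than all interfaces.
    with socket.create_server(("127.0.0.1", 5000)) as listener:
        serve(listener, "runs")
```

The saved `.bin` files hold exactly the payload bytes seen in the packet capture, one measurement per file, which makes it easier to compare runs and look for fixed headers or record lengths.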