HID/USB Monitor - device enumeration empty

Hi,

I'm currently evaluating IO Ninja and trying to get the HID Monitor up and running (on Windows). USBPcap is installed correctly, and both the normal HID terminal and the USB endpoint sessions work fine: they enumerate the USB/HID devices properly and I can open them.

However, the HID Monitor does not enumerate the HID devices. The drop-down list is just empty, even after trying to "refresh". The same is true for the USB Monitor.

Given the fact that the normal HID session and the USB endpoint session are working fine, am I missing anything in order to get the Monitor enumerations to populate?

Thanks and kind regards,
Jörg

Hi Jorg,

If the USB Mon device list is empty, it most likely means that USBPcap is not properly installed (did you reboot after installing it?) The enumeration of USBPcap devices requires no elevated privileges, so you should see the list of available USB devices (together with their mapping to particular USBPcap devices) in the drop-down list no matter if you run IO Ninja elevated or not. You can try running the USB Mon session as Administrator for the sake of the experiment, but it shouldn't change much...

Can you see the list of available USBPcap devices in Wireshark by the way?

Hi Vladimir,

thanks for the quick reply and indeed, it looks like I screwed up with the most BASIC instruction: rebooting after installing. 😕

When trying everything again today, it worked like a charm. Of course.

The only thing that you might be interested in: while the enumeration and device selection work fine now even w/o elevated privileges, I need to run with elevated privileges in order to actually capture some data. W/o elevation, capture attempts lead to "access denied" messages. But that is no issue, of course, just information.

Thanks for pointing me in the right direction, I promise I will pay more attention to the instructions next time.

Cheers,
Jörg

Hi again, Jörg,

Correct, for capturing, elevation is required. This is by design -- capturing USB traffic is a major security threat (e.g., it allows intercepting keystrokes, mouse movements, etc). The USBPcap driver makes sure only elevated processes can open \Device\USBPcap<n> for reading by assigning a corresponding security descriptor. And there's no way to override this behavior -- the security descriptor is hardcoded.
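
The access rule described in the reply above can be checked from a PowerShell prompt. This is an added example, not part of the original post and not IO Ninja or USBPcap code; it assumes the devices are reachable under the Win32 names \\.\USBPcap1, \\.\USBPcap2, and so on, and the probe limit of 16 and all function names are hypothetical.

```powershell
# Added example: verifies that USBPcap capture devices refuse read access
# to a non-elevated process, as the reply above describes.
# Assumption: \\.\USBPcap<n> is the Win32 name for \Device\USBPcap<n>.
Add-Type -Namespace UsbPcapCheck -Name Native -MemberDefinition @'
[DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
static extern Microsoft.Win32.SafeHandles.SafeFileHandle CreateFile(
    string name, uint access, uint share, IntPtr security,
    uint disposition, uint flags, IntPtr template);

// Opens the device with GENERIC_READ (0x80000000), OPEN_EXISTING (3).
// Returns 0 on success, otherwise the Win32 error code.
public static int TryOpenForRead(string name) {
    using (var h = CreateFile(name, 0x80000000, 3, IntPtr.Zero, 3, 0, IntPtr.Zero)) {
        return h.IsInvalid ? Marshal.GetLastWin32Error() : 0;
    }
}
'@

function Test-UsbPcapReadAccess {
    param([int]$MaxDevices = 16)   # hypothetical probe limit

    # Is the current process running with the Administrators group enabled?
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $elevated = ([Security.Principal.WindowsPrincipal]::new($identity)).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)

    foreach ($n in 1..$MaxDevices) {
        $path = "\\.\USBPcap$n"
        $code = [UsbPcapCheck.Native]::TryOpenForRead($path)
        if ($code -eq 2) { continue }            # ERROR_FILE_NOT_FOUND: no such device
        $result = switch ($code) {
            0       { 'Readable' }
            5       { 'AccessDenied' }           # ERROR_ACCESS_DENIED
            default { "Win32Error$code" }
        }
        [pscustomobject]@{
            Device   = $path
            Elevated = $elevated
            Result   = $result
            # A non-elevated process that can read the device contradicts
            # the hardcoded security descriptor described above.
            Finding  = if (-not $elevated -and $code -eq 0) { 'UNEXPECTED' } else { 'OK' }
        }
    }
}

Test-UsbPcapReadAccess | Format-Table -AutoSize
```

Run it once from a normal prompt and once from an elevated one: the expected pattern is AccessDenied in the first case and Readable in the second.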

After installing the latest IONinja, the software cannot locate the port.
I can see Serial Tap under Device Manager USB controllers-> IO Ninja Serial Tap, location Port_#0001.Hub_#0003
When I start a new session for ModBus Analyzer, the port list is just empty. The capture aborted with the message: file cannot be located.
The devmon is installed and works properly as in the KB section.
Any idea why?
Thanks

@apie-llc

> I can see Serial Tap under Device Manager USB controllers-> IO Ninja Serial Tap, location Port_#0001.Hub_#0003
> When I start a new session for ModBus Analyzer, the port list is just empty.

Which session are you running? I mean, Modbus Analyzer is a layer plugin that's attached on top of some other session that provides raw data. I assume you want to capture data via a Serial Tap -- then you have to start a Serial Tap session first:

[image]

Then you can attach Modbus Analyzer on top so that it decodes Modbus commands & replies for you.

> The devmon is installed and works properly as in the KB section

devmon is for capturing local traffic generated by other apps on the same PC; it's not required for a Serial Tap.

If you have another application doing Modbus communications, you can start a Serial Monitor session (this plugin uses devmon) and see what this other app sends and receives. Then you can attach a Modbus layer on top to parse raw data and decode Modbus packets.