Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.
Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).
I'm trying out my newly purchased serial tap. It works fine and it captures the traffic in a serial line. But the protocol IEC 60870-5-101 is not supported by the IO Ninja software so I can only see Hex information.
So I thought of two ways to translate this protocol
I have a software that can translate this protocol but it can only listen to com ports. Is there a way to get the serial tap to act like a com port in windows?
Wireshark can translate this protocol as well. Is there a way to listen to a serial tap in Wireshark? I saw that it was possible to do that with the ethernet tap using pipes.
Which is the underlying link you are sniffing with your Serial Tap? Is it half-duplex or full-duplex?
@vladimir
Half duplex.
More information about the protocol: https://en.wikipedia.org/wiki/IEC_60870-5 https://www.ensotest.com/iec-60870-5-104/introduction-to-the-iec-60870-5-104-standard/
If this is a half-duplex link, you can utilize a regular 3rd-party USB-to-Serial adapter from this application of yours that you say can decode 60870-5-101.
It's also theoretically possible to post-process an .njlog captured with a Serial Tap and convert it into a .pcap for further analysis in Wireshark. However, it looks like Wireshark can only decode IEC-60870-5-103:
.njlog
.pcap