
Re: [plug] Easymail




> Does anyone know where I can get some sort of packet sniffer for Windows?
> A web search brings up plenty for Linux, but none for Windows.

You could run the MS-Windows box to the internet via a Linux machine
acting as a firewall and then tcpdump the local ethernet. However, I
doubt that Easymail actually uses TCP/IP for its transfer; more likely
it is a variant of UUCP and grabs the serial line directly. In such a
case you can do it by wiring the serial lines up to allow your
Linux box to monitor serial traffic between the Windows box and its
external modem.

A rough circuit would be:


[MS-Windows]   Most wires ------------------ straight through    [Modem]
                 2   TX-----------+----------------TX 2
                 3   RX-----------|-+--------------RX 3
                 7  GND-----------|-|-+-----------GND 7
                                  | | |
[/dev/ttyS0]     3   RX-----------' | |
                 7  GND-------------|-+
                                    | |
[/dev/ttyS1]     3   RX-------------' |
                 7  GND---------------'

This is presuming that all ports are 25 pin, the 9 pin ones are
a bit different. Anyhow, I got the pin numbers from memory so you
should double check them. Note also that the modem is wired as a DCE
which means that all the inputs are outputs and the outputs are inputs, etc.
Thus, you start with 25 lines straight through from the PC to the modem
and you carefully patch in a few of the extra lines to enable the Linux
box to monitor the traffic. The quickest way is probably to buy a
ready-made modem cable and open up one plug or else cut into the cable.

Note that the Linux box should be set to ignore handshaking completely,
and all ports must be set to the same baud rate. You can run minicom and
fiddle with the settings until it works. Don't forget to disable GPM.

It is also a good idea to write some logging software that timestamps
each message so that you can reconstruct the two-way dialog; running
two minicoms will at least get you log files but they may be difficult
to use without timestamps.

I've sent this to plug & computerbank so someone can straighten
me out if I got the pin numbering wrong. Maybe someone already has
such a cable wired up...

	- Tel
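
The timestamping logger suggested in the message above, as an added example that is not part of the original post. It assumes the tap is wired as in the diagram (ttyS0 sees what the PC sends, ttyS1 sees what the modem sends); the 9600 baud setting and the direction labels are assumptions to adjust for your own link.

```python
import os, select, sys, termios, time

BAUD = termios.B9600  # assumption: set to the rate the Windows box and modem use

def set_raw(fd, baud=BAUD):
    """Raw 8N1, receiver on, all handshaking (RTS/CTS, XON/XOFF) ignored."""
    _, _, cflag, _, _, _, cc = termios.tcgetattr(fd)
    cflag &= ~(termios.CSIZE | termios.PARENB | termios.CSTOPB | termios.CRTSCTS)
    cflag |= termios.CS8 | termios.CREAD | termios.CLOCAL
    cc[termios.VMIN], cc[termios.VTIME] = 1, 0
    # iflag/oflag/lflag = 0: no flow control, no CR/NL mapping, no echo or line editing
    termios.tcsetattr(fd, termios.TCSANOW, [0, 0, cflag, 0, baud, baud, cc])

def format_record(ts, label, data):
    """One log line: epoch seconds with milliseconds, direction, hex bytes, printable text."""
    text = "".join(chr(b) if 32 <= b < 127 else "." for b in data)
    return "%.3f %-9s %-47s |%s|" % (ts, label, data.hex(" "), text)

def monitor(ports, out=sys.stdout, idle_timeout=None):
    """ports maps fd -> label. Log every chunk as it arrives, interleaved in arrival
    order, until all fds reach EOF or nothing arrives for idle_timeout seconds."""
    ports = dict(ports)
    while ports:
        ready, _, _ = select.select(list(ports), [], [], idle_timeout)
        if not ready:
            break
        for fd in ready:
            try:
                data = os.read(fd, 16)  # 16 bytes per line keeps the hex column aligned
            except OSError:
                data = b""
            if not data:
                del ports[fd]
                continue
            out.write(format_record(time.time(), ports[fd], data) + "\n")
            out.flush()

if __name__ == "__main__":
    ports = {}
    # Per the diagram: ttyS0 taps pin 2 (sent by the PC), ttyS1 taps pin 3 (sent by the modem)
    for path, label in (("/dev/ttyS0", "PC->modem"), ("/dev/ttyS1", "modem->PC")):
        # O_NONBLOCK so open() does not wait for carrier; switched back after CLOCAL is set
        fd = os.open(path, os.O_RDONLY | os.O_NOCTTY | os.O_NONBLOCK)
        set_raw(fd)
        os.set_blocking(fd, True)
        ports[fd] = label
    monitor(ports)
```

Because both ports are read by one process with one clock, the interleaved lines give the order of the dialog directly, which two separate minicom logs cannot.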