Changes between Version 9 and Version 10 of Linux/Ubuntu/USBmonitoring


Timestamp:
06/09/08 15:10:15 (9 years ago)
Author:
tj
Comment:

--

  • Linux/Ubuntu/USBmonitoring

    v9 v10  
    66To avoid having to run a Windows USB snoop application on a physical machine, or in a virtual machine guest, the '''''usbmon''''' facility of the Linux kernel can be used. [http://people.redhat.com/zaitcev/linux/ Pete Zaitcev's usbmon userspace application] uses this facility to dump information on the raw packets. It is possible to use [http://www.wireshark.org/ Wireshark] too, provided a recent (mid-2008) CVS version of [http://www.tcpdump.org/ libpcap] is used. The libpcap version provides access to raw USB devices as well as network interfaces. 
    77 
    8 With Linux providing the raw capture facility, a virtual machine Windows guest can be used and the USB device's drivers installed into it. When the USB device is connected using the virtual machine hypervisor connection commands, the Linux packet capture will see and record everything the Windows driver does to initialised and work with the device. 
     8With Linux providing the raw capture facility, a virtual machine Windows guest can be used and the USB device's drivers installed into it. When the USB device is connected using the virtual machine hypervisor connection commands, the Linux packet capture will see and record everything the Windows driver does to initialise and work with the device. 
    99 
    1010== Requirements == 
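Review bot: On the changed line 8, "connected using the virtual machine hypervisor connection commands" is still vague for anyone trying to reproduce the capture. Since this sentence is being touched anyway, state that the device is attached to the Windows guest through the hypervisor's own USB device controls. In the context paragraph on line 6, "The libpcap version provides access to raw USB devices" would read better as "That libpcap version", so it clearly refers to the mid-2008 CVS build named in the previous sentence.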
     
    175175== Packet Capture == 
    176176=== Wireshark === 
    177 The [http://wiki.wireshark.org/CaptureSetup/USB http://wiki.wireshark.org/CaptureSetup/USB Wireshark Wiki has an overview of USB packet capture].[[BR]][[BR]] 
     177The [http://wiki.wireshark.org/CaptureSetup/USB http://wiki.wireshark.org/CaptureSetup/USB Wireshark Wiki has an overview of USB packet capture].[[BR]] 
     178 
    178179== Next ==
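Review bot: The link on line 177 still carries the URL twice inside the brackets ("[http://wiki.wireshark.org/CaptureSetup/USB http://wiki.wireshark.org/CaptureSetup/USB Wireshark Wiki has ...]"), so the second copy becomes part of the link label. Drop the duplicate so the label is just "Wireshark Wiki has an overview of USB packet capture"; the revision only replaces one [[BR]] with a blank line and leaves that markup problem in place.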