 | 1 | initial version |
does anyone know which higher protocol is used for this
A Web search I did for
logo 8 plc protocol
found https://www.promotic.eu/en/pmdoc/Subsystems/Comm/PLC/LOGO.htm, which indicates that they use a Siemens-designed protocol named "S7".
Wireshark supports dissecting that, but it might not automatically recognize it. It originally ran on top of the OSI Connection-Oriented Transport Protocol (ISO 8073), but it can also run on top of TCP, using the RFC 1006 protocol, which encapsulates ISO 8073 inside TCP. That's what https://www.promotic.eu/en/pmdoc/Subsystems/Comm/PmDrivers/PmS7.htm says it uses.
Wireshark also supports RFC 1006, but you may have to use "Decode As" to dissect that TCP stream as RFC 1006.