Ask Your Question
0

LOGO!8_tcp_stream

asked 2022-04-14 14:31:03 +0000

sybren6 gravatar image

updated 2022-04-15 06:47:08 +0000

Jaap gravatar image

I am currently busy with researching the ethernet communication options of a logo8 PLC. But with a network scan using Wireshark I see a communication that is more or less a TCP stream when followed you can see elements of the written program but also a lot of blank spaces does anyone know which higher protocol is used for this is it similar as a Tia portal to PLC connection?

Down below a few sentences out the TCP stream

K...........GetHWType....'..K..`.............K...........GetHWId......'..K .`..............K...........CheckState...'..K..`.............K...........CheckState...'..K..`.............K...........GetVersion...'..K .`..............K...........GetPrgHead...'..K..`..................}...J.....Uihu...\Uihu...\Uihu...\Uihu...\K...........CheckState...'..K..`.............K...........HasHoursCnt..'..K..`.............K...........GetAiCnt.....'..K..`.............K...........CheckMS......'..KP.`.................KP..........StartDown....'......];._.K..`............K.0.........InDown.......'................;.E.2LUihu...\Uihu...\Uihu...\Uihu...\...................................                ..
........................................................................................................off                             .............aantal werks                    .............tukken                          .............                                .............                                .............                                .............ON start                        .............feed in                         .............                                .............                                .............                                .............                                ...K@.`................K.0.........InDown.......'................feed                            .............                                .............                                .............                                .............                                .............                                .............Return                          .............                                .............                                .............                                .............                                .............                                .............cooling down                    .............off in                          .............                                .............                                .............      K@.`................K.0.........InDown.......'......                          .............                                .............trip                            .............no fault?                       .............press reset                     .............                                .............                                .............                                ...........................................................................................................................................................................................................................................................................................................................................................................................................K@.`................K.0.........InDown.......'......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................K@.`................K.0.........InDown.......'...............................................................................................................................................................................................................................................................................................................................................
edit retag flag offensive close merge delete
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2022-04-17 03:08:36 +0000

Guy Harris gravatar image

does anyone know which higher protocol is used for this

A Web search I did for

logo 8 plc protocol

found https://www.promotic.eu/en/pmdoc/Subs..., which indicates that they use a Siemens-designed protocol named "S7".

Wireshark supports dissecting that, but it might not automatically recognize it. It originally ran on top of the OSI Connection-Oriented Transport Protocol (ISO 8073), but it can also run on top of TCP, using the RFC 1006protocol, which encapsulates ISO 8073 inside TCP. That's what https://www.promotic.eu/en/pmdoc/Subs... says it uses.

Wireshark also supports RFC 1006, but you may have to use "Decode As" to dissect that TCP stream as RFC 1006.

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

subscribe to rss feed

Stats

Asked: 2022-04-14 14:31:03 +0000

Seen: 270 times

Last updated: Apr 17 '22

Related questions

Siemens PLC Packets - Showing COTP instead of S7COMM [closed]

unknown (for me) traffic

FCS/Dup Ack/Retransmit

Can I use the Wireshark logo?

Siemens HMI VNC server freeze

Can I use the Wireshark Logo to represent Wireshark

FTP from PLC to Robot with larger files fails