http://wiki.wireshark.org/CaptureSetup/USB asked 16 May '12, 01:15  wiresharkhel... |
2 Answers:
Microsoft :-) Just kidding.... Linux offers a subsystem (usbmon) that enables libpcap to sniff USB traffic. There is nothing comparable under windows, as nobody has implemented it yet. You'll find some hints in the wiki how to create such a subsystem ("Hints for developing something like a Windows native "USBPcap":). However some of the links are outdated. Regards answered 16 May '12, 01:17  Kurt Knochner ♦ edited 16 May '12, 01:22 |
You can use USBPcap to capture USB traffic on Windows. answered 11 Apr '13, 11:53  desowin nice one. Thank you! (11 Apr '13, 14:21) Kurt Knochner ♦ |
ok so windows doesn't have the software
well, it's not yet possible with wireshark.
If you need to sniff USB traffic on windows 7, check this link:
Microsoft:) boy,that is spot on(SteveJ will shower his blessings)
The company that the first SteveJ who comes to mind formerly headed doesn't have a published and documented mechanism for doing USB sniffing. There are debug versions of the IOUSBFamily kext ("kext" is to OS X as "lkm" is to Linux or ".sys file", I guess, is to Windows) that provide information that some Apple tools can read; the debug versions are OS-version-dependent. Apple Technical Q&A QA1370, which is a bit out of date (
/Developeris obsolete; that stuff is now under/Applications/Xcode.app/Contents) saysso it sounds as if, even with that kext, you can't do as much sniffing on OS X as you can on Windows. Linux FTW here....