Serial Port Monitor 2021


Channing Chambers

Jan 25, 2024, 12:34:12 AM
to sparopunom

I hear a lot of good things about com0com, which is a software port emulator. You can "connect" a physical serial port through it, so that your software uses the (monitored) virtual port, and forwards all traffic to/from a physical port. I haven't used it myself, but I've seen it recommended here on SO a lot.

I haven't found a good free tool that will emulate a port and record/replay comms. The commercial ones were expensive and either so limited or so complex if you want to respond to commands that I ended up using expect and python on a second machine.




I've been down this road and eventually opted for a hardware data scope that does non-intrusive in-line monitoring. The software solutions that I tried didn't work for me. If you had a spare PC you could probably build one, albeit rather bulky. This software data scope may work, as might this, but I haven't tried either.

I'd get a logic analyzer and wire it up to the serial port. I think there are probably only two lines you need (Tx/Rx), so there should be plenty of cheap logic analyzers available. You don't have a clock line handy though, so that could get tricky.

Portmon is a utility that monitors and displays all serial and parallel port activity on a system. It has advanced filtering and search capabilities that make it a powerful tool for exploring the way Windows works, seeing how applications use ports, or tracking down problems in system or application configurations.

Simply execute the Portmon program file (portmon.exe) and Portmon will immediately start capturing debug output. To run Portmon on Windows 95 you must get the WinSock2 update from Microsoft. Note that if you run Portmon on Windows NT/2K portmon.exe must be located on a non-network drive and you must have administrative privilege. Menus, hot-keys, or toolbar buttons can be used to clear the window, save the monitored data to a file, search output, change the window font, and more. The on-line help describes all of Portmon's features.

Portmon understands all serial and parallel port I/O control (IOCTLs) commands and will display them along with interesting information regarding their associated parameters. For read and write requests Portmon displays the first several dozen bytes of the buffer, using '.' to represent non-printable characters. The Show Hex menu option lets you toggle between ASCII and raw hex output of buffer data.

The Portmon GUI is responsible for identifying serial and parallel ports. It does so by enumerating the serial ports that are configured under HKEY_LOCAL_MACHINE\Hardware\DeviceMap\SerialComm and the parallel ports defined under HKEY_LOCAL_MACHINE\Hardware\DeviceMap\Parallel Ports. These keys contain the mappings between serial and parallel port device names and the Win32-accessible names.

When you select a port to monitor, Portmon sends a request to its device driver that includes the NT name (e.g. \device\serial0) that you are interested in. The driver uses standard filtering APIs to attach its own filter device object to the target device object. First, it uses ZwCreateFile to open the target device. Then it translates the handle it receives back from ZwCreateFile to a device object pointer. After creating its own filter device object that matches the characteristics of the target, the driver calls IoAttachDeviceByPointer to establish the filter. From that point on the Portmon driver will see all requests aimed at the target device.

Portmon has built-in knowledge of all standard serial and parallel port IOCTLs, which are the primary way that applications and drivers configure and read status information from ports. The IOCTLs are defined in the DDK file \ddk\src\comm\inc\ntddser.h and \ddk\src\comm\inc\ntddpar.h, and some are documented in the DDK.

On Windows 95 and 98, the Portmon GUI relies on a dynamically loaded VxD to capture serial and parallel activity. The Windows VCOMM (Virtual Communications) device driver serves as the interface to parallel and serial devices, so applications that access ports indirectly use its services. The Portmon VxD uses standard VxD service hooking to intercept all accesses to VCOMM's functions. Like its NT device driver, Portmon's VxD interprets requests to display them in a friendly format. On Windows 95 and 98 Portmon monitors all ports so there is no port selection like on NT.

I'm trying to find a basic example, tutorial, or blog post on how to write a printer port monitor. I downloaded the Windows DDK and dug through localmon, but it appears that this sample is much more complex than just the nuts and bolts basics and from my understanding it is a bit different than an OEM port monitor because of how it handles the registry key and port enumeration. Does anyone know of a blog post, tutorial, or even book that walks the reader through the basic code to get one up and going? I've found a few links talking about the conceptual stuff, but nothing that is hands on code.

The one thing that regularly trips people up is EnumPorts: the spooler allocates enough memory for ALL the ports, not just yours. So you need to make sure you fill any strings from the end of the spooler's buffer; don't put them straight after your structures.

I have been over that exact same territory for a serial printer. About the best example I found was this article in Dr Dobbs Journal. The good part is that both a serial port driver and the user-space control program are covered and the project can also be used as an example of how to set up Visual Studio to compile a driver. This is also something a little difficult to find information about. The article discusses an old NT style driver, which worked well for me on XP.

I am new to Arduino and don't know a lot of things about Arduino and how things should or shouldn't go, so I am sorry :D For context, I am trying to do this project to graduate from high school. I've been having some problems since I started. The last one was with Serial Monitor, where text should have been written, but nothing was there. My classmate who knows Arduino pretty well recommended that I reinstall Arduino IDE. After the first reinstall, there was some avrdude error after trying to upload and an error message saying "Port monitor error: command 'open' failed: Invalid serial port. Could not connect to COM4 serial port." Of course I tried another port and another Arduino but nothing changed. I also tried some things like installing the driver and stuff like this. So I tried another reinstall. After this I thought something changed because the avrdude error wasn't there, but now I realised it showed after upload, so I tried it and it is still there and nothing changed.

Before the reinstall everything was alright, except the Serial Monitor, and now when I plug in the USB there is a message saying "Connecting to 'Arduino Nano' on 'COM4'..." for like 20 seconds and after that the error message "Port monitor error: command 'open' failed: Invalid serial port. Could not connect to COM4 serial port." shows.

I also tried to use an old computer with Windows 10 and everything works. The computer recognises the COM port, can connect and I am able to upload. So it is something with the computer but I don't really know. I am using Windows 11.

I have the 3.8.2023.2 version of the driver reported there as being problematic installed on my computer and I don't have any problems using Serial Monitor and uploading to an Arduino board with the CH340 chip, so it doesn't affect all users universally.

In general, you should not use "portguard" with slow drain type counters (txwait, timeout-discards, credit-loss-reco, tx-credit-not-available, and so on) on logical-type core ports. This is because the problem is not normally on these ports, but on the actual edge (F) ports where the end devices are connected. If "portguard" is done on core ports for slow drain type counters, then typically all of the ports in the port-channel (E or F) will end up getting errordisabled or flapped. This is because the MDS will load balance all exchanges across all port-channel members and as a result, all the member ports will be affected.

Ports can be shut down (error disabled) or flapped upon reaching the rising-threshold via the portguard errordisable flap parameter. This can be used for both ISLs and F port connections to N-Port Virtualizer (NPV) switches (logical-type core) as well as regular end device F ports (logical-type edge). However, if it is desired to take a portguard action for a counter related to slow drain, then that must normally only be done on a logical-type edge policy.

The "logical-type core" policy is the same as the previous CorePorts policy except it will errordisable a port if there are six or more link failures in a 60 second interval or there are 10 or more invalid CRC frames received in a 60 second interval. The ports are shutdown (error disabled) if the event level has been raised from 4 (warning) to 2 (error):

So if node A has a failed port 10081 and node B has a failed port 10082 the trigger conditions will be met and send a false positive. Do you know of a workaround to only alert if BOTH ports are down on a single node?

In the VDA environment users are producing printer driver errors stating that the 'print driver for "Print to PDF" and "Send to Microsoft OneNote 16 Driver" may not be used in conjunction with a non-inbox port monitor.'

Adversaries may use port monitors to run an adversary supplied DLL during system boot for persistence or privilege escalation. A port monitor can be set through the AddMonitor API call to set a DLL to be loaded at startup.[1] This DLL can be located in C:\Windows\System32 and will be loaded by the print spooler service, spoolsv.exe, on boot. The spoolsv.exe process also runs under SYSTEM level permissions.[2] Alternatively, an arbitrary DLL can be loaded if permissions allow writing a fully-qualified pathname for that DLL to HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors.

First, let me apologize for what may be a very basic question. I've searched extensively on the forum and LavaG but cannot find an example of a serial port sniffer using LabView. My question is, how do you use LV to sniff out a serial port without causing a sharing violation with the other program? I know of NI Spy and have used it, but I need a VI specifically for my application.
