RS232 Sniffer - Software and Hardware Solution

Serial Port Sniffer

From time to time we need to monitor activities of our serial ports, say, developers might have to sniff RS232 or RS485 port to code an application or create a driver for a serial device. Windows OS, however, does not have built-in COM monitor so you cannot really watch the data flow in and out of the port unless you employ one of these methods:

  • Use COM Port Sniffer utility, this would be the easiest solution to the problem. Special applications are designed to listen to activities at both ends of the communication and display the data on a screen or record it on a disk.
  • Hardware RS232 sniffer - although it has disadvantages, it is really handy in certain cases. For example, a full duplex communication on an RS232 channel does not allow one to tie both lines together, two serial ports are monitored separately.

Contents

  1. Serial Port Sniffer software
  2. Hardware solution to sniff RS232 port

Serial Port Sniffer software


The simplest way to sniff RS232 port is to install a special application capable of monitoring, displaying, recording logs and analyzing all activities of the serial port. Should a problem occur when you are developing a software app or a driver, it will be tracked and displayed immediately.

The usage of serial monitor software


Developers require these software solutions when writing applications, creating device drivers and serial hardware; they help to code, test and optimize applications in an efficient way.

COM port monitoring solutions typically allow you to:

  • Create and run Java scripts required for bridging and analyzing RS232 custom data manipulation
  • Develop drivers for serial devices
  • Analyze functionality offered by third-party software and hardware
  • Investigate and reverse-engineer serial protocols
  • Record logs used for debugging implemented protocols and replay them
  • Monitor RS232 port communications, as well as RS422/485 port activity
  • Debug software/ hardware for RS232 ports
  • Develop peripheral hardware devices for RS232 ports
  • Implement, debug and test serial protocols to exchange data between devices and devices drivers
  • Parse MODBUS protocol messages
  • Debug and test MODBUS devices
  • Intercept and analyze data exchange between serial devices and Windows apps
Below we will have a look at the most popular COM port monitoring tools and compare their functionality.

Serial Port Monitor by Eltima Software


Serial Port Monitor by Eltima Software allows filtering and searching for specific data, features integrated terminal and is capable of exporting data. The additional bonus is its clean and intuitive interface. What is more, COM Port Monitor is fully compatible with Windows 10.

Serial Port Sniffer is a must-have tool for driver development, testing and optimization of serial devices. It is compact yet powerful enough to do its job really well and does not require any hardware to sniff and analyze RS232/422/485 ports data.
Serial Port Monitor logo

Serial Port Monitor

Log and analyze serial port activity
4.8 Rank based on 41+ users, Reviews(75)
Download 14-day fully-functional trial period
Serial Port Monitor

Serial Sniffer offers various filters and allows you to search for a specific data. It also has a built-in terminal and gives you multiple options to export data. Another advantage of the application is its simple and intuitive interface.

COM Port Sniffer enables you to:

  • Monitor all activities of a serial port
  • Watch multiple ports simultaneously
  • View data in different modes
  • Emulate data sent to devices

So how do you monitor a serial port with the help of this application?

It is easy, follow these steps:

1. Download and install the app on your computer, launch it.

2. Now you need to enable monitoring.

This is how you do it - on starting a new session either choose ‘Monitoring -> Start’ in the Main menu or click ‘Start monitoring’ in the main toolbar or press F5. This should start a monitoring session immediately.

Start monitoring

Check if “Start monitoring” button is deactivated now, but “Pause monitoring” and “Stop monitoring” buttons are enabled. This would mean that monitoring is in progress.

3. Open the port via the application.

Open the port

Technet solution (Portmon 3.x) by Microsoft


Portmon is COM monitor software by Microsoft. Apart from COM ports, it also allows you to track parallel ports enabling you to analyze their activity and fix problems immediately when they arise.

Portmon screenshot

Portmon 3.x. allows you to:

★ Monitor ports remotely over network (TCP/IP/Internet).

If you are running the app on Windows NT/2K system and need to capture data from another system in the same network, Portmon itself installs its client software.

★ Monitor several computers simultaneously.

★ Filter logged data.

★ Highlight debug output according to your highlighting filter. You can customize the highlighting colors.

★ Print debug output file.

Let Portmon know what port you would like to monitor and it will send a request to its device driver with the NT name you are interested in.

Select a port for monitoring

When you select a port to monitor, Portmon sends a request to its device driver that includes the NT name you are interested in – it could be \device\serial0, etc. The driver has its own filtering APIs used for attaching its own filter device object to the target device object.

The sequence looks as follows: the target device is opened with the help of ZwCreateFile; once the latter sends back a handle, it is translated to a device object pointer. The driver then creates its own filter device object according to the target parameters, then loAttachDeviceByPointer is called to establish the filter. Thus the driver sees all requests to the target device.

Applications and drivers configure and read statuses from ports with the help of input/output controls, Portmon has a built-in way of knowing them for all standard serial and parallel ports.

Serial Monitor by HHD


Serial Port from HHD is another COM monitor software solution, it is meant for capturing, displaying, analyzing, recording and replaying traffic between Windows applications and serial devices.

Serial Monitor by HHD

The software enables you to:

  • Transfer data at a high speed without affecting PC performance.
  • Log data exchanged for replaying them later.
  • Save captured data.
  • Configure the raw data streams display.
  • Monitor several devices at a time.
  • Choose the looks of the app.

Comparison chart of the top 3 COM monitor utilites


These COM ports monitoring apps have been around for years, their functionality is somewhat similar and it might be difficult for you to figure out which one would suit you better. We compiled a comparison chart to make things easier for you – hope it helps.

SPM (Eltima) Portmon (Microsoft) HHD Serial Port
Analyzes activity of any COM port software or hardware solution + + +
Monitors several COM ports at a time + - +
Supports all types of COM ports + + +
Intercepts all data exchanged with a COM port + + +
Offers built-in search + + +
Visualizes collected data + - in Ultimate version
Logs streams of incoming and outgoing data + + +
Traces all serial IOCTLs + + +
Copies recorded data into clipboard + + +
Logs customizable monitoring sessions + + in Ultimate version
Saves, loads and exports all monitored data + + +
Filters streams of data, presets included + + +
Monitors COM ports already open by apps In Pro version - -
Sends various types of data with the help of Advanced Send Dialog In Pro version - -
Supports Windows environment (both 32-bit and 64-bit) + works only on 32-bit Windows works only on 32-bit Windows
Price from $99,95 free from $199,99

The above data shows that although all the solutions are used for the same purpose, each of them has its own way of achieving it. Some parameters are common for all releases; others are available only in some versions of the applications. The Microsoft solution has a competitive advantage of being free, but it lacks on other features and it does not work in 64-bit environment. The same is applicable to Serial Monitor by HDD. As for the paid apps, when it comes to ‘value for money’ and functionality offered our pick is Serial Port Monitor by Eltima. It works equally well in Windows 32- and 64-bit and has just the right set of features.

Hardware solution to sniff RS232 port

Another way to track RS232 port data is to use a special sniffer cable that facilitates a one-on-one communication between DTE and DCE devices. DTE stands for Data Terminal Equipment, a PC or a printer, for example; while DCE is Data Communications Equipment, usually a modem. To connect a DTE device to another DTE or a DCE device a cable where transmitting and receiving lines cross is used, it is called a null-modem cable. To listen to the incoming and outgoing data one needs a special cable.

COM Port Sniffer

Transmit and receive lines in RS232 connection are separate, which makes it full-duplex, i.e. one can send and get data simultaneously.

The majority of protocols known as ‘master-slave’ or ‘query-reply’ are half-duplex. If devices on the opposite ends of the connection send data at the same time, the signals will collide on the receive line. A splitter cable can re-route the transmit lines of both devices to the read line for the computer that displays monitoring data. A device that is currently not sending data pulls its transmit line low, in the range of -12 V to -5V. If both transmit lines are low, i.e. none of the devices is sending data, the receive line of the split-off cable is pulled low as well. When both devices are sending out data, the receive line of the split-off cable is pulled up to the range of +5V to +12V. There might be some cross-talk between the transmit lines of the devices, but this should not be a problem.

A PC involved in monitoring data needs an application such as HyperTerminal, a Windows app, or its alternatives. The monitoring PC cannot send out or emulate sending out data as it transmit line is not connected.

As you see, the second solution requires additionally not only hardware, but an app too. While Serial Port Sniffer does not need any to sniff rs 232 and allows monitoring several ports simultaneously.

Serial Port Monitor

Requirements: Windows XP/2003/2008/Vista/7/8/10/Server 2012 , 9.16MB size
Version 7.0.342 (13th Jan, 2018) Release notes
Category: Communication Application
Olga Weis 29 Mar at 14:41
Olga Weis 27 Sept at 18:03