First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

ICCP/TASE.2 Procotol Disector/TestSimulation

Hi everyone! I'm new in protocol analysis and very interested in learn how to read IEC protocols, specially related to electric communication such as 60870-6. The problem is there is not a lot of information about this protocol over the internet, and I am doing my best to at least simulate an ICCP between a Virtual Machine and my computer and try to analize it with wireshark. I was looking for the ICCP protocol dissector into wireshark library, but I could not find anything. Does anyone knows if wireshark supports ICCP? Is there a way to simulate ICCP using free software? Thanks a lot for your support!

root1's avatar
1
root1
asked 2019-04-15 19:35:02 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

Hi, Well, I hope you find an answer. But for others who are starting their research here is a tip: ICCP uses the "mms" protocol.

So in Wireshark even if there's no ICCP filter, using "mms" as filter does a pretty good job.

In my case with Wireshark 4.2.3 properly configured (I mean with PRES context set) my ICCP frames are properly decoded.

I hope this helps.

eric-pierre's avatar
1
eric-pierre
answered 2024-03-20 17:46:33 +0000, updated 2024-03-21 16:38:53 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer