Share your knowledge at the LQ Wiki.
Go Back > Forums > Non-*NIX Forums > Programming
User Name
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.


  Search this Thread
Old 12-10-2017, 11:46 PM   #1
Registered: Mar 2008
Posts: 140

Rep: Reputation: 0
Monitoring data passing on USB bus & copying data (dumping) to hard drive (forking an identical data stream)

I'm wondering if it is possible to write a program (or if there may be an internal function which would allow for this within Linux) that would allow for all data passing through the USB bus to be recorded in it's own directory on the hard drive. I don't know how the data on the bus flows, but I am especially interested in monitoring various devices (let's say camera and USB VoIP phone) and specifically USB flash drives.

I'd like to have a way to have a directory for each USB device that is attached to the machine - so the data can be sent to the directory related to the device. If I copy 20 200mb AVI's to a USB drive from a hard drive (drive A), then it goes to the USB drive as well as another hard drive (specifically for this task - SSD drive B) where it is stored in the directory named after the target USB device.

Now it is possible to have a very large RAM drive created of 32-54GB in size (with system/OS ram of 8-32GB depending upon size of RAM drive needed) that could be used as a buffer to copy/store any of the data passing though the USB bus (yeah I know typing bus is redundant.....) if that would help things and then the ram drive could copy to destination SSD (or regular HD if desired).

IDK if the data on the bus would need to be re-processed to make it "usable" similar to how data passing on a network needs to be recompiled due to being broken up in packets, but that could be done maybe from the RAM drive to the destination drive?

I have a need for something like this but it is in the conceptualization process and IDK if there would be a better way of doing this. It needs to be done in the background so it is not seen by the users or interrupts the normal function of the computer. It would also NEED to have date/time stamps of when the process happened (redundancy in this would be very helpful in duplicate or even 3-4 times for extra verification) as well as the user that called the action, if another account was used within the logged on user, etc. This information could be saved as a seperate file and doesn't need to be part of the file attributes as I think that may be more difficult as some may not be standard attributes on EXT3/4.

Can anyone give me an idea of where to start with something like this an whether there may be built in options within Linux to do this. Also, if it needs to be coded, what language would be best to do this? C/C+???
Old 12-11-2017, 03:02 AM   #2
LQ Guru
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Pi OS & Android
Posts: 11,770

Rep: Reputation: 1377Reputation: 1377Reputation: 1377Reputation: 1377Reputation: 1377Reputation: 1377Reputation: 1377Reputation: 1377Reputation: 1377Reputation: 1377
Read the man page of the tee program.
Old 12-11-2017, 04:57 AM   #3
Registered: Mar 2008
Posts: 140

Original Poster
Rep: Reputation: 0
Originally Posted by business_kid View Post
Read the man page of the tee program.
thank you!
Old 12-11-2017, 07:52 AM   #4
Registered: Aug 2002
Posts: 20,402

Rep: Reputation: 3548Reputation: 3548Reputation: 3548Reputation: 3548Reputation: 3548Reputation: 3548Reputation: 3548Reputation: 3548Reputation: 3548Reputation: 3548Reputation: 3548
Here is some information on capturing raw USB traffic.
Old 12-11-2017, 01:58 PM   #5
LQ Guru
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137Reputation: 2137
This seems highly impractical. Capturing the data for a single device for a specific period of time is one thing. Capturing the data for ALL devices ALL the time is another matter entirely. You'd need an entire server to store the data for even a single machine for any reasonable length of time. USB 2 runs at 40 MB/s. That's 2.4 GB/min, 144 GB/hour, 3.5 TB/day, for a SINGLE USB 2 device that's streaming near full speed (eg: a webcam). Add in USB network adapters, flash drives, hard drives, etc. and you're talking hundreds of dollars a day to keep up with the storage requirements.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Stripping data packet and converting to data stream ravishchugh Programming 8 03-14-2016 06:41 AM
slackware 14.1 copying data to usb drives results data loss corruption TuxDork Slackware 7 02-17-2015 11:10 AM
Copying data from one hard drive to another in linux Raakh5 Linux - Newbie 3 11-25-2013 07:25 AM
Bash or Perl example: copying data from a CD/DVD, to hard drive. bluesword1969 Programming 7 05-04-2010 02:55 PM
problem with copying data from a (western digital) usb drive (ntfs partition) piyush.popli Fedora 4 02-23-2009 04:40 AM > Forums > Non-*NIX Forums > Programming

All times are GMT -5. The time now is 09:57 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration