Ask Your Question
0

how to programmatically obtain a list of "caught" packets using wireshark?

asked 2020-02-15 11:12:48 +0000

I am a 2nd-year student. I am writing course work and I need to use programmatically(I mean write code) Wireshark to get a list of all IoT devices in the environment. How to programmatically distinguish typical devices from other unknowns? Can this be done in python or only in c ++ ?. Are there any examples of solutions to such problems? Now I have built the Wireshark-3.2.1 project in Cline. I have a Kubuntu18.04 operating system. I don't know how to start, please give me an advice.

edit retag flag offensive close merge delete

1 Answer

Sort by » oldest newest most voted
0

answered 2020-02-15 16:50:53 +0000

Jaap gravatar image

First question would be: based on what are you going to distinguish the IoT devices from others on the network? After that its a matter of scripting or postprocessing (probably) tshark output in Python.

edit flag offensive delete link more

Comments

I don’t know yet how I will do it. I want to figure out what the typical IoT packages look like. And come up with some rules to distinguish them.

varvara gravatar imagevarvara ( 2020-02-15 17:39:20 +0000 )edit

And how will you capture the IoT traffic? If on a switched network you'll need to capture on the switch, or by spanning a port on it. If on a WiFi network, can your capture hardware see all the channels and modulation schemes in use? What happens if the traffic is encrypted, e.g. TLS?

Maybe you should be looking at something like nmap to actively scan for devices, rather than hoping to capture random traffic and interpret it.

grahamb gravatar imagegrahamb ( 2020-02-15 18:15:36 +0000 )edit

I want to get this list using Wireshark. And those packets that are encrypted or not defined, I will put off in a separate list.

varvara gravatar imagevarvara ( 2020-02-15 18:38:58 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2020-02-15 11:12:48 +0000

Seen: 149 times

Last updated: Feb 15