device type or device version in a PCAP [closed]
Is there any way I could detect/see the device type of an OT device or device version in a PCAP?
Is there any way I could detect/see the device type of an OT device or device version in a PCAP?
Asked: 2021-04-22 15:18:17 +0000
Seen: 422 times
Last updated: Apr 22 '21
What is the syntax for wireshark custom column
Tshark output file problem, saving to csv or txt
How to convert Pcapng file to pcap file by Tshark
Can I create a capture filter on a pcap file
How can I extract parameters from pcap
How to figure out cookies from pcap files?
extract only payload parts of packets of pcap file
Is there a maximum file size for pcap-files?
How to use rawshark to analyse a pcap file which is generated by tcpdump?
Isn't this a rephrasing of your previous question and hence a duplicate?
yes and no, I didn't want to ask in the same question another doubt (similar but not the same one). I've read that in IT devices with the follow TCP you can know the type of device so I was wondering if it would work similar with OT devices. Becasuse I know there are tools as Security Onion that can do an asset inventory but I can't find how they work and how they identify the device type in this kind of tools.
Seems to be the same question to me, just the source of the data is now specified to be a pcap. I'll close this as a duplicate as I think it helps to keep all the comments and answers on your original question. Feel free to add a comment to your original question if you think it needs clarification.