device type or device version in a PCAP [closed]
Is there any way I could detect/see the device type of an OT device or device version in a PCAP?
Is there any way I could detect/see the device type of an OT device or device version in a PCAP?
Asked: 2021-04-22 15:18:17 +0000
Seen: 431 times
Last updated: Apr 22 '21
Isn't this a rephrasing of your previous question and hence a duplicate?
yes and no, I didn't want to ask in the same question another doubt (similar but not the same one). I've read that in IT devices with the follow TCP you can know the type of device so I was wondering if it would work similar with OT devices. Becasuse I know there are tools as Security Onion that can do an asset inventory but I can't find how they work and how they identify the device type in this kind of tools.
Seems to be the same question to me, just the source of the data is now specified to be a pcap. I'll close this as a duplicate as I think it helps to keep all the comments and answers on your original question. Feel free to add a comment to your original question if you think it needs clarification.