I have two pcap files and I am trying to find out how can I find from network traffic about which following information I should I be filtering the data for this? I was looking commands but it didnt show anything speficics just that help commands were sued.
- BWE assets appear to have been active during the time of the power outage incident
- What method/socket do you think could have been used in capturing passwords from one of the assets
- At what time was the first command sent to switch off circuit and from which BWE asset?