Open In App

BACnet in Wireshark

Last Updated : 28 Oct, 2022
Improve
Improve
Like Article
Like
Save
Share
Report

Digital information is more precious than any other asset in this information era, so it becomes the necessity of each and every organization to secure the data and provide a safe transfer of data over the network. Network in itself is very complex and transferring data attracts unwanted users and attackers who want to steal users’ information so to deal with such cases it was essential to understand the network and analyze that for potential threats and vulnerabilities. For this purpose Wireshark was launched which provides the best tools for analyzing, troubleshooting, and finding loopholes in the network.

BACnet stands for Building Automation and Control networks. It is a networking protocol that follows different standards like ANSI, ISO, ASHRAE, etc. for building communication mechanisms of different devices which can be controlled remotely like Air conditioner, fire detecting systems, automatic lights, etc.

BACnet in Wireshark:

BACnet is a window in Wireshark which is used to analyze captured data packets using BACnet protocol. Any data transferred between systems like fire detecting systems sending messages to the owner’s phone can be captured through Wireshark and can be analyzed. All the information like time, source IP address, destination IP address, and other related information can be gathered easily.

BACnet window can be found under Statistics tab in Wireshark, Click on BACnet to open a drown down menu which shows option of filtering the data packets on the basis of different parameter like Instance ID, IP address, Object type and Service.

Wireshark statistics menu

 

On clicking BACnet option detailed information about captured data can be seen as follows:

Wireshark statistics menu

 

  • Topic/Item : This field is used to show the information related to address message fields of captured data packets, these can be Subsequent Address Message (SAM), Address Complete Message (ACM) etc.
  • Count : Count field is used to show the count of particular type of BACnet data packets like BACnet-APDU.
  • Average : This fields is used to indicate the average value of captured data packets of a particular type.
  • Min Value : Indicates minimum value of the data field of captured data packet.
  • Max Value : Indicates maximum value of data field of captured data packet.
  • Rate : It is the data transfer rate, the speed at which data is transferred from one end to another.
  • Percent : It shows the percentage of captured data in each packet of BACnet.
  • Burst Rate : It is basically the upper limit of transmitting any data in a particular period of time.
  • Burst Start : It depicts the time point when the burst happens.

All the data can be copied and saved in different formats for later use. 


Like Article
Suggest improvement
Next
ANCP in Wireshark
Share your thoughts in the comments

Similar Reads

SNMP Users Table in Wireshark
SMI (MIB and PIB) Paths in Wireshark
Viewing Packets You Have Captured in Wireshark
ONC-RPC Programs in Wireshark
Bluetooth Devices in Wireshark
Steps of Marking Packets in Wireshark
MATE’s Configuration Library in Wireshark
ARP in Wireshark
HART-IP in Wireshark
Packet Details Pane Functions in Wireshark

J
jyotirajpoot
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox