Secure your packet captures

Anonymize pcaps easily with Wireshark and WireEdit
Wireshark

Your OT network’s acting funny, and you have no idea why. You need to get a packet capture (pcap) and upload it into Visual BACnet, but the IT department’s dead-set against it: they won’t let you upload unless you scrub the files of confidential information, so they can’t be traced back to the building.

If your IT department doesn’t like you pulling pcaps to analyze BACnet health, your best bet is to anonymize the files. Changing the IP and MAC addresses will get rid of any identifying information. Then, you can dig into pcaps, troubleshoot, and solve problems with ease.

Read our instructions below, or check out the post on our support forum for a step-by-step guide with screenshots. Creating an account is free, and will give you access to all sorts of support articles.

  1. Launch Wireshark. In the Filter bar in the top left side, filter “bacnet || bacapp”.
  2. Export the specified packets (all those displayed) as .pcap files.
  3. With the filtered file still open in Wireshark, navigate to Statistics → Endpoints → Ethernet, select Copy in the bottom left hand corner, and paste into a secure document. Do the same for IPv4, navigating to Statistics → Endpoints → IPv4, and copy-pasting the data into a document. Save this for your future reference, or use it to map out how you would like to replace numbers in your IP and MAC addresses. For full screenshots of this, visit our support forum
  4. Next, find the BACnet-only .pcap file you saved, and open it in WireEdit.
  5. In Find What, enter the portion of the IP addresses that you would like to replace. (For example, 128.36.) In Replace With, enter the numbers that you would like to substitute in. (For example, 10.36.) Select Replace All. In this example, an IP address that read 128.36.10.21 would become 10.36.10.21.
  6. In Find What, enter the portion of the MAC addresses that you would like to replace. (For example, D0:D9:4F:) In Replace With, enter the numbers that you would like to substitute in. (For example, A1:B2:C3:) Select Replace All. In this example, a MAC address that read D0:D9:4F:55:66:77 would become A1:B2:C3:55:66:77. It doesn’t matter what numbers you substitute in for your IP and MAC addresses, as long as it doesn’t identify your network and devices and you keep track of the original addresses.
  7. Finally, you’ll want to fix Cyclic Redundancy Check (CRC) errors, which were created from modifying the packets. Click Edit from the top menu bar and select → Fix Errors.
  8. Save.
     

Happy (secure) troubleshooting!

Still worried about your packet captures? Read five ways to securely analyze BACnet data

Recent Blog Posts

Why do you need an MSI?

You’re in the design phase of a new building. Contractors and vendors are all coming at you with demands.

How to spec Division 25

The consulting specifying engineer of today is venturing into totally new territory: Division 25.

Tap into the power of your JACE

If you’re tired of going on site to capture BACnet data, look no further than your JACE.

The Basics of OT Networks
OT Networks Overview
Capture BACnet traffic right from your JACE

The latest release from Visual BACnet brings huge convenience and time saving for users with JACE controllers.

Recent Projects

Coventry University

COVENTRY UNIVERSITY

Chris Goodman, the Senior BMS Technician at Coventry University, had broadcast storms that were happening more and more frequently. 

Ongoing construction due to Coventry’s campus expansion meant lots of new activity, with technicians installing new devices and making network changes. Already juggling these constant additions and alterations, Goodman and his small team then had to deal with the subsequent broadcast storms. As the broadcast storms became more frequent, Goodman and his team needed a solution.

Find out how Visual BACnet helped Chris solve the broadcast storms and improve Network Health in our free case study!

View Case Study
Data center expansion with OTI and Optigo Connect

DATA CENTER EXPANSION

Stack Infrastructure is a portfolio of hyperscale computing data centers. OTI completed work on Phases I and II, and returned for the Phase III build-out of a 4-megawatt data hall and brand new central plant. The Optigo Connect network put in place in Phases I and II was expanded on this project. The team achieved quick roll-out of a large, multi-service redundant network using the Optigo OneView management interface. Going forward, the facility management team can use OneView to remotely monitor equipment, manage power usage, and meet up-time goals.

View Case Study
Optigo Connect MR Soluciones The Landmark

THE LANDMARK

The Landmark is a sophisticated mixed-use high-rise in Mexico. The owners wanted to integrate all OT systems in the skyscraper, while maintaining separate networks for each application. The Landmark is the fourth joint project between Optigo Networks and MR Soluciones. Together, these companies provide robust services to meet any challenge.

View Case Study
Australian Bureau of Statistics at 45 Benjamin Way with Delta Building Automation

45 BENJAMIN WAY

Delta Building Automation (Australia) had a big job renovating the Headquarters for the Australian Bureau of Statistics (ABS) at 45 Benjamin Way. The building owner wanted to improve the building’s energy use and increase their National Australian Built Environment Rating System (NABERS) score to more than 4.5 stars, out of a possible total of six. Securing the network both internally and externally was a big priority, as well.

View Case Study
Penn State University Optigo Networks Visual BACnet

PENN STATE UNIVERSITY

When Tom Walker looked at Penn State University’s Navy Yard network, he saw huge issues. The system was busy and loud, to the point where the overrun network was bringing down the entire building. Because this was happening on the MS/TP network, pinpointing the problem would mean boots on the ground to segment and test the chain, piece by piece.

View Case Study
Penn State University Optigo Networks Visual BACnet

PENN STATE UNIVERSITY

When Tom Walker first started working at Penn State University four years ago, there were a lot of network issues. Buildings were dropping offline. Broadcast traffic was pushing 90,000 packets per hour. Walker was on the phone almost every single night because devices were down or had to be reset.

 

View Case Study
Torre Manacar Mexico City Optigo Connect

TORRE MANACAR

When MR Soluciones began work on Torre Manacar, they knew they needed a flexible and scalable network infrastructure to support a wide array of integrated systems. Optigo Networks was a natural fit for the massive project, designing a robust network at a competitive cost.

View Case Study
short

SHORT PUMP TOWN CENTER

Short Pump Town Center, an upscale retail center, underwent a complete renovation in 2014. The flexibility of Optigo Networks’ solution meant the retail center’s unknown final design was not a barrier to placing IP surveillance equipment in the field.

View Case Study
BOULEVARD MALL

BOULEVARD MALL

Optigo Networks connected New York-based Boulevard Mall’s security surveillance devices in December 2015, using a Passive Daisy Chain topology.

Visual BACnet tech support team

TECH SUPPORT TEAM

One tech support team at a manufacturer purchased an account with Visual BACnet in April 2017, for technical problems around the world.