Hi,
Not really, if it’s a pcap-ng file look at statics->summary there is some info about Wireshark version and capture interface there I think.
Which may help.
Regards
Anders
From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx]
On Behalf Of Vishnu Bhatt
Sent: den 21 augusti 2014 10:30
To: Developer support list for Wireshark
Subject: [Wireshark-dev] Machine on which wireshark capturing has been done
Hello,
I have a pcap file and I want to know on which machine is the file has been captured.
Is there a way to know the Mac or IP address of the machine/switch on which the file has been taken?
Thanks
"DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential
information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are
strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus."
