T1016: System Network Configuration Discovery

Adversaries may look for details about the Network configuration and settings of systems they access or through information discovery of remote systems. Several operating system administration utilities exist that can be used to gather this information. Examples include Arp, ipconfig/ifconfig, nbstat, and route.

Adversaries may use the information from System Network Configuration Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.

Example

Will demonstrate the arp and ipconfig commands from CMD

PreviousT1049: System Network Connections Discovery NextT1082: System Information Discovery

Last updated 3 years ago