IP Interface Info

Overview

Evidence: IP Interface Info
Description: ESXi IP Interface Info
Category: Network
Platform: esxi
Short Name: ipifaceinfo
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No

Background

IP interface configuration on ESXi defines network addressing, routing, and connectivity for management, vMotion, and storage networks. IP settings control how the hypervisor communicates on networks and can be modified to redirect traffic or enable unauthorized network access.

Data Collected

This collector gathers structured data about IP interface info.

IP Interface Info Data

| Field | Description | Example |
| --- | --- | --- |
| AccessTime | Access Time | 2023-10-15 14:30:25+03:00 |
| AccessCount | Access Count | 123 |
| URL | URL | Example value |
| Browser | Browser | Example value |
| Title | Title | Example value |
| VisitDuration | Visit Duration | Example value |
| Referrer | Referrer | Example value |
| TypedCount | Typed Count | 123 |
| IsHidden | Is Hidden | true |
| TransitionType | Transition Type | Example value |
| VisitID | Visit ID | 123 |
| TransitionQualifiers | Transition Qualifiers | Example value |
| User | User | Example value |
| Profile | Profile | Example value |
| HistoryFilePath | History File Path | Example value |

Collection Method

This collector parses IP interface information, extracting interface names, IP addresses, netmasks, broadcast addresses, MAC addresses, MTU settings, interface states, and network type assignments for each configured IP interface.

Forensic Value

IP interface data reveals network addressing schemes, detects unauthorized IP assignments, identifies network type misconfigurations, and traces communication paths. Comparing interface configurations against network diagrams helps detect rogue network connections or man-in-the-middle attack setups.
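The baseline comparison described above, as an added example that is not part of the original page or the product's own code. The record keys (name, ip, netmask, mac, mtu), the baseline layout, and all sample values are assumptions constructed for illustration.

```python
import ipaddress

# Constructed baseline standing in for the network diagram (hypothetical values).
BASELINE = {
    "vmk0": {"network": "10.10.0.0/24", "mac": "00:50:56:aa:bb:01", "mtu": 1500},
    "vmk1": {"network": "10.20.0.0/24", "mac": "00:50:56:aa:bb:02", "mtu": 9000},
}

# Constructed collector records; key names are assumptions, not the product's schema.
COLLECTED = [
    {"name": "vmk0", "ip": "10.10.0.15", "netmask": "255.255.255.0",
     "mac": "00:50:56:AA:BB:01", "mtu": 1500},
    {"name": "vmk1", "ip": "10.20.0.15", "netmask": "255.255.0.0",
     "mac": "00:50:56:aa:bb:02", "mtu": 1500},
    {"name": "vmk2", "ip": "192.168.77.5", "netmask": "255.255.255.0",
     "mac": "00:50:56:aa:bb:09", "mtu": 1500},
]


def audit(collected, baseline):
    """Return (interface, code, detail) findings for deviations from the baseline."""
    findings, seen = [], set()
    for rec in collected:
        name = rec["name"]
        seen.add(name)
        want = baseline.get(name)
        if want is None:
            findings.append((name, "unexpected_interface", rec["ip"]))
            continue
        expected = ipaddress.ip_network(want["network"])
        # ip_interface accepts dotted netmasks and yields address plus prefix length.
        actual = ipaddress.ip_interface(f'{rec["ip"]}/{rec["netmask"]}')
        if actual.ip not in expected:
            findings.append((name, "address_outside_subnet", str(actual.ip)))
        if actual.network.prefixlen != expected.prefixlen:
            findings.append((name, "netmask_mismatch", rec["netmask"]))
        if rec["mac"].lower() != want["mac"].lower():
            findings.append((name, "mac_mismatch", rec["mac"]))
        if rec["mtu"] != want["mtu"]:
            findings.append((name, "mtu_mismatch", str(rec["mtu"])))
    for name in sorted(set(baseline) - seen):
        findings.append((name, "missing_interface", ""))
    return findings


if __name__ == "__main__":
    for name, code, detail in audit(COLLECTED, BASELINE):
        print(f"{name}: {code} {detail}".rstrip())
```

An interface absent from the baseline, or one whose netmask is wider than documented, is the kind of deviation worth correlating with other network evidence from the same host.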
