NIC List

Overview

Evidence: NIC List Description: List ESXi NICs Category: Network Platform: esxi Short Name: niclist Is Parsed: Yes Sent to Investigation Hub: Yes Collect File(s): No

Background

Physical network interface cards (NICs) connect ESXi hosts to network infrastructure. NIC configuration and status information reveals network connectivity, adapter associations, link states, and potential hardware tampering or unauthorized network device additions.

Data Collected

This collector gathers structured data about nic list.

NIC List Data

Field

Description

Example

Name

Name

Example value

PCI

PCI

Example value

Driver

Driver

Example value

Link

Link

Example value

Speed

Speed

Example value

Duplex

Duplex

Example value

MAC

MAC

Example value

MTU

MTU

123

Description

Description

Example value

Collection Method

This collector parses NIC enumeration data, extracting interface names, descriptions, MAC addresses, PCI device information, driver details, link states, speeds, duplex settings, and administrative status for each physical network adapter.

Forensic Value

NIC inventory helps validate physical network connections, detect rogue network adapters, identify driver-based attacks or rootkits, and trace network paths used during incidents. MAC addresses and PCI information assist in hardware identification and change detection.

PreviousNetworks NextOpen Files

Last updated 9 days ago

Was this helpful?