IP Interface Info
Overview
Evidence: IP Interface Info
Description: ESXi IP Interface Info
Category: Network
Platform: esxi
Short Name: ipifaceinfo
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No
Background
IP interface configuration on ESXi defines network addressing, routing, and connectivity for management, vMotion, and storage networks. IP settings control how the hypervisor communicates on networks and can be modified to redirect traffic or enable unauthorized network access.
Data Collected
This collector gathers structured data about IP interface info.
IP Interface Info Data
| Field | Description | Example |
|---|---|---|
| AccessTime | Access Time | 2023-10-15 14:30:25+03:00 |
| AccessCount | Access Count | 123 |
| URL | URL | Example value |
| Browser | Browser | Example value |
| Title | Title | Example value |
| VisitDuration | Visit Duration | Example value |
| Referrer | Referrer | Example value |
| TypedCount | Typed Count | 123 |
| IsHidden | Is Hidden | true |
| TransitionType | Transition Type | Example value |
| VisitID | Visit ID | 123 |
| TransitionQualifiers | Transition Qualifiers | Example value |
| User | User | Example value |
| Profile | Profile | Example value |
| HistoryFilePath | History File Path | Example value |
Collection Method
This collector parses IP interface information, extracting interface names, IP addresses, netmasks, broadcast addresses, MAC addresses, MTU settings, interface states, and network type assignments for each configured IP interface.
Forensic Value
IP interface data reveals network addressing schemes, detects unauthorized IP assignments, identifies network type misconfigurations, and traces communication paths. Comparing interface configurations against network diagrams helps detect rogue network connections or man-in-the-middle attack setups.
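The comparison against a network diagram described above can be scripted. The following is an added example, not part of the original page or the collector's own code; the record key names (`name`, `ip`, `netmask`, `broadcast`, `mtu`, `type`), the baseline layout, and all sample values are assumptions constructed for illustration.

```python
import ipaddress

# Constructed baseline taken from a network diagram: interface -> expected settings.
BASELINE = {
    "vmk0": {"network": "10.0.10.0/24", "type": "management", "mtu": 1500},
    "vmk1": {"network": "10.0.20.0/24", "type": "vmotion", "mtu": 9000},
}

# Constructed sample records; key names are assumptions, not the collector's schema.
COLLECTED = [
    {"name": "vmk0", "ip": "10.0.10.5", "netmask": "255.255.255.0",
     "broadcast": "10.0.10.255", "mtu": 1500, "type": "management"},
    {"name": "vmk1", "ip": "10.0.20.5", "netmask": "255.255.255.0",
     "broadcast": "10.0.20.255", "mtu": 1500, "type": "management"},
    {"name": "vmk2", "ip": "192.168.77.10", "netmask": "255.255.255.0",
     "broadcast": "192.168.77.255", "mtu": 1500, "type": "storage"},
]


def audit_interfaces(collected, baseline):
    """Return sorted (interface, finding) tuples for deviations from the baseline."""
    findings = []
    for rec in collected:
        name = rec["name"]
        try:
            iface = ipaddress.ip_interface(f"{rec['ip']}/{rec['netmask']}")
            bcast = ipaddress.ip_address(rec["broadcast"])
        except (KeyError, ValueError):
            findings.append((name, "unparseable address fields"))
            continue
        # The broadcast address should follow from the address and netmask.
        if bcast != iface.network.broadcast_address:
            findings.append((name, "broadcast inconsistent with address/netmask"))
        expected = baseline.get(name)
        if expected is None:
            findings.append((name, f"interface not in baseline ({iface.with_prefixlen})"))
            continue
        if iface.network != ipaddress.ip_network(expected["network"]):
            findings.append((name, "address outside expected network"))
        if rec["type"] != expected["type"]:
            findings.append((name, f"network type {rec['type']}, expected {expected['type']}"))
        if rec["mtu"] != expected["mtu"]:
            findings.append((name, f"MTU {rec['mtu']}, expected {expected['mtu']}"))
    # Interfaces the diagram expects but the collection did not return.
    for name in baseline.keys() - {r["name"] for r in collected}:
        findings.append((name, "baseline interface missing from collection"))
    return sorted(findings)
```

Each finding is a lead for review against change records, not a verdict on its own.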