Last updated
Was this helpful?
Last updated
Was this helpful?
Understanding the target network configuration is a critical enumeration phase. Interfaces, routes, and active connections is pivotal for mapping out the network infrastructure and identifying potential points of entry or vulnerabilities.
This section will explore key commands used to enumerate and gather crucial network information, providing insights into how these commands aid in assessing and understanding the network environment.
The route print command may be used to display the routing table of a Windows system.
IPConfig is a versatile command that provides comprehensive information about the network interfaces, IP addresses, subnet masks, DNS configuration, MAC addresses, and more.
The netstat command may be used to displays active and listening network connections, including ports and associated processes.
The arp command in Windows can be used to display the ARP cache, which contains the mapping of IP addresses to MAC addresses within the local network. This command provides a list of known devices and their corresponding MAC addresses connected to the network.
The nbtstat command may be used to displays the name table cache, listing the NetBIOS names and their corresponding IP addresses cached on the local system.
MITRE ATT&CK™ System Network Configuration Discovery - Technique T1016