Uncommon IP Configuration Listing via ipconfig.exe

The Uncommon IP Configuration Listing via ipconfig.exe alert indicates that the ipconfig command was used to list the IP address configuration for all devices to determine network configuration details.

Synopsis

10 minutes.
3 days.
14 days.
10 minutes.
Traps endpoint data.
Discovery.

Description

The ipconfig command is used to display TCP/IP network configuration information and refresh the Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings.

Attacker's Goals

Attackers can use the ipconfig command to discover network configuration details.

Related Documentation