Threat actors may look for details about the network configuration and settings, such as IP and/or MAC addresses, of systems they access or through information discovery of remote systems. Several operating system administration utilities exist that can be used to gather this information. Examples include Arp, ipconfig/ifconfig, nbtstat, and route.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.