[lug] What's my IP?
Lee Woodworth
blug-mail at duboulder.com
Tue Jan 25 19:00:05 MST 2005
Command-wise there is arp -vn. If ifconfig has been compromised then
this command probably would be too.
If you have the iproute2 tools installed, the command:
ip addr show
will show the addresses of all of you interfces. It could be compromised
too.
As others have said, external inspection is the most relaible way to
tell if the machine has been compromised.
Ian Rees wrote:
> http://whatismyip.com
>
>
> On Tue, 25 Jan 2005 16:48:20 -0700, Jeff Schroeder <jeff at neobox.net> wrote:
>
>>Hey all--
>>
>>A friend just posed an interesting question to me... he wants to know
>>the IP address of a Linux machine, and he suspects that 'ifconfig' has
>>been compromised (as a joke, not as an evil rootkit). He asked how he
>>can find the IP without using ifconfig and without connecting to
>>another machine. He has root access.
>>
>>Depite a lot of Linux network background, I was amazed to find that I
>>didn't really know. You *always* use 'ifconfig' for that! In its
>>absence, what else is there? I suspect there's a file buried somewhere
>>in /proc, but a bit of poking around didn't turn up anything useful.
>>
>>Assume this is a "basic" installation and doesn't include fancy network
>>analysis tools like nmap, ettercap, or ethereal.
>>
>>Ideas?
>>
>>Thanks,
>>Jeff
>>_______________________________________________
>>Web Page: http://lug.boulder.co.us
>>Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>>Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>>
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
More information about the LUG
mailing list