Is there any value in redacting my private IP addresses when posting network questions online?

Question

I recently filed a bug report with Scapy, and while posting screenshots of Wireshark captures for reference, I decided to blank out my private addresses because I'm just getting into InfoSec, and am trying to be mindful of leaking potentially sensitive information:

In retrospect though, this seems overly paranoid.

I understand that private addresses aren't routable, or unique. In theory though, if someone were to gain access to my home network illegitimately, either remotely or by getting into my router via some exploit, would not knowing what subnet all the hosts exist on realistically hinder them?

My thinking is probably no, because that information could likely be found easily; either on the infected computer used as the entry point, or by some other means.

Is there any value in hiding private IP addresses in a public setting?

Answer 1

There is reconnaissance value, but not immediate "plunder" value. A private IP would tell me that there is a high likelihood that you are using a network firewall. We can also make assumptions based off the private network range. Generally, 192.168.0.0/16 addresses are common in home environments. 10.0.0.0/8 or 172.16.0.0/12 are more common for enterprise environments, due to their larger ranges. Unless you require the highest levels of operational security, I would not bother hiding it, especially for personal usage.

I would be more cautious about a MAC address. A MAC address can reveal what NIC you are using. Theoretically, an attacker could then determine if your NIC is vulnerable to something like Ripple20. Alternatively, if an attacker is able to get the records from the manufacturer, they might even be able to trace your MAC to your real world, physical mailing address.