?
Solved

Finding the Physical location of an IP host on a LAN

Posted on 2006-11-28
9
Medium Priority
?
228 Views
Last Modified: 2012-05-05
I have been running through the computers listed in the AD and have come across one that I do not receognize. Lets say it is called PC1, if I ping it I get an ip 192.168.0.1. I can activate the "manage computer" but cannot access any fo the snap ins such as event viewer even though I'm logged on as Administrator. How do I find where this machine is and how do I gain control of it? I don't want to disable the account in case it is doing something useful.
0
Comment
Question by:Bartley1969
  • 2
  • 2
  • 2
  • +3
9 Comments
 
LVL 7

Expert Comment

by:killbrad
ID: 18028849
http://www.microsoft.com/technet/sysinternals/utilities/psloggedon.mspx

That should give you an idea of who is using it...

http://www.microsoft.com/technet/sysinternals/utilities/psexec.mspx

This should let you run stuff on it (assuming its a part of the network and you have the correct administrator
0
 
LVL 12

Expert Comment

by:Freya28
ID: 18029408
unc to it \\192.168.0.1\c$  and see whose profiles are on the machine
0
 
LVL 32

Assisted Solution

by:rsivanandan
rsivanandan earned 800 total points
ID: 18029466
If you're all on the same subnet, then on your machine, if you do 'arp -g' you could see the mac address of this computer.

Then go to the switch and see which port this mac address belongs to. From there it should be easy enough I guess.

Cheers,
Rajesh
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 17

Accepted Solution

by:
jburgaard earned 1200 total points
ID: 18029472
'How do I find where this machine is'

Do you have managed sw's?
If so you can do something like
show MAC xx:xx:xx:xx:xx:xx
a command like this will show the port, where the PC is connected or a link to a switch, where the PC is connected.
( to find the next sw. use something like: show CDP nei  or show LLDP info remote )

In order to get MAC-addr of PC1
ping PC1
arp -a
and look for line with PC1 (this will be MAC-adr of PC1 or device connecting to PC1)
If you run DHCP you could see an entry here as well.
0
 

Author Comment

by:Bartley1969
ID: 18035389
Rajesh and jburgaard thanks for your tack, definitely makes sense to get the MAC and then from the switch get the port and then trace cable physically to patch or elsewhere from there.
Now I have a question:
I have some 10 switches across the LAN (same subnet), some switches are CISCO's and rest are a mix a other brands.
Is there software/commands out there that I can install on the netowrk that will identify all the switches and then inventory the MAC's for each port on each switch?
0
 
LVL 32

Assisted Solution

by:rsivanandan
rsivanandan earned 800 total points
ID: 18035520
Sure, take the free editon from ;

http://manageengine.adventnet.com/products/oputils/index.html


Cheers,
Rajesh
0
 
LVL 16

Expert Comment

by:btassure
ID: 18046407
Incidentally 192.168.0.1 is the standard address for a router on the 192.168.0.x network. If you cant access anything on it then it might be the router...
0
 
LVL 7

Expert Comment

by:killbrad
ID: 18050757
BTW: btassure is right
0
 

Author Comment

by:Bartley1969
ID: 18052342
Rajesh,
many thanks for that. It has the port mapper util that I'm looking for.
BTassure and Killbrad thanks for your inputs, but I needed more indepth solutioning, i.e., there are MANY switches on the network, there are subnets too etc. I want the capability of finding rogue IP's across the LAN/WAN etc.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
In this article I will be showing you how to subnet the easiest way possible for IPv4 (Internet Protocol version 4). This article does not cover IPv6. Keep in mind that subnetting requires lots of practice and time.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question