• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 234
  • Last Modified:

Finding the Physical location of an IP host on a LAN

I have been running through the computers listed in the AD and have come across one that I do not receognize. Lets say it is called PC1, if I ping it I get an ip 192.168.0.1. I can activate the "manage computer" but cannot access any fo the snap ins such as event viewer even though I'm logged on as Administrator. How do I find where this machine is and how do I gain control of it? I don't want to disable the account in case it is doing something useful.
0
Bartley1969
Asked:
Bartley1969
  • 2
  • 2
  • 2
  • +3
3 Solutions
 
killbradCommented:
http://www.microsoft.com/technet/sysinternals/utilities/psloggedon.mspx

That should give you an idea of who is using it...

http://www.microsoft.com/technet/sysinternals/utilities/psexec.mspx

This should let you run stuff on it (assuming its a part of the network and you have the correct administrator
0
 
Freya28Commented:
unc to it \\192.168.0.1\c$  and see whose profiles are on the machine
0
 
rsivanandanCommented:
If you're all on the same subnet, then on your machine, if you do 'arp -g' you could see the mac address of this computer.

Then go to the switch and see which port this mac address belongs to. From there it should be easy enough I guess.

Cheers,
Rajesh
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
jburgaardCommented:
'How do I find where this machine is'

Do you have managed sw's?
If so you can do something like
show MAC xx:xx:xx:xx:xx:xx
a command like this will show the port, where the PC is connected or a link to a switch, where the PC is connected.
( to find the next sw. use something like: show CDP nei  or show LLDP info remote )

In order to get MAC-addr of PC1
ping PC1
arp -a
and look for line with PC1 (this will be MAC-adr of PC1 or device connecting to PC1)
If you run DHCP you could see an entry here as well.
0
 
Bartley1969Author Commented:
Rajesh and jburgaard thanks for your tack, definitely makes sense to get the MAC and then from the switch get the port and then trace cable physically to patch or elsewhere from there.
Now I have a question:
I have some 10 switches across the LAN (same subnet), some switches are CISCO's and rest are a mix a other brands.
Is there software/commands out there that I can install on the netowrk that will identify all the switches and then inventory the MAC's for each port on each switch?
0
 
rsivanandanCommented:
Sure, take the free editon from ;

http://manageengine.adventnet.com/products/oputils/index.html


Cheers,
Rajesh
0
 
btassureCommented:
Incidentally 192.168.0.1 is the standard address for a router on the 192.168.0.x network. If you cant access anything on it then it might be the router...
0
 
killbradCommented:
BTW: btassure is right
0
 
Bartley1969Author Commented:
Rajesh,
many thanks for that. It has the port mapper util that I'm looking for.
BTassure and Killbrad thanks for your inputs, but I needed more indepth solutioning, i.e., there are MANY switches on the network, there are subnets too etc. I want the capability of finding rogue IP's across the LAN/WAN etc.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 2
  • 2
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now