Solved

how do I find a device on my network?

Posted on 2012-03-21
11
680 Views
Last Modified: 2013-11-29
Ran a belarc program and it showed a wireless netgear on my lan but I can find it anywhere. I want to track it down but dont know how. I was able to get its ip and physical address but nothing else. Is there a way to effectively block it by GPO or any other way?
0
Comment
Question by:sirius7
  • 3
  • 3
  • 2
  • +3
11 Comments
 
LVL 2

Expert Comment

by:wherami
ID: 37750893
Does the lan have managed switches? Do you know the mac address? If so you should be able to find out the switch and port that  the offending device is plugged into.
0
 
LVL 16

Expert Comment

by:l33tf0b
ID: 37750903
Using snmp on Cisco switches, you would be able to do so. What kind of switch do you have?
0
 
LVL 1

Author Comment

by:sirius7
ID: 37750921
I have a dell powerconnect 3448p but Im really unfamiliar with it. Snmp I know.
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 10

Expert Comment

by:abbright
ID: 37751129
I think using the command "show mac-address-table" on your switch(es) you should be able to locate the switchport where the device is connected to (see http://support.dell.com/support/edocs/network/5p788/clig/address.htm).
0
 
LVL 10

Expert Comment

by:abbright
ID: 37751135
As the unknown device is probably a wireless router or access point you also might try to figure out the WLAN-SSID it is broadcasting. Depending on the size of the building(s) you might try to find  the signal and go towards the point where the signal strength increases to find the sender.
0
 
LVL 1

Author Comment

by:sirius7
ID: 37751248
can i block it by mac address?
0
 
LVL 10

Expert Comment

by:abbright
ID: 37751272
Maybe you can block it by mac address. It might be better though to identify the port it is connected to so you can find the physical device and talk to the user not to use the device anymore. Otherwise he might just change the device, the port, or the mac address and continue to use it.
0
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 37751359
If the switch uses snmp, you could use lantopolog to find out where the wireless is connected.
http://www.lantopolog.com/
0
 
LVL 1

Author Closing Comment

by:sirius7
ID: 37751360
thank you
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 37751451
You're welcome :)

Thx for the points.
0
 
LVL 4

Expert Comment

by:dbright5813
ID: 37752580
Not sure if the 34xx series has the command, but on the 35xx series you can create a MAC-Based ACL to block specific devices by MAC.

Here's the command cheat-sheet that I keep handy:

mac access-list rogues
deny any [MAC address of rogue] 00:00:00:00:00:00
deny [MAC address of rogue] 00:00:00:00:00:00 any
permit any any
exit
interface range ethernet all
service-acl input rogues
exit
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to limit traffic to Netscaler 10.5 VIP 3 70
2003 Server DNS/FS errors 6 53
Office 365 Login Audit Report 1 36
Current Mac OS X Network Profiles and Firewall 5 57
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question