• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 579
  • Last Modified:

Tracking down rogue IP address

Hello Experts - I'm having a problem with a rogue IP address and have been trying to track it down.  I have four HP 2920 switches but don't know the command line very well yet.  Can anyone provide some guidance on how I can track down which port the offending device is plugged into?
0
danbrown_
Asked:
danbrown_
  • 2
  • 2
1 Solution
 
tolinromeCommented:
A couple of ways:

1. You can use wireshark to filter for that rogue IP address and then just start disconnecting switches and see if the ip stops, then once the switch is found you can narrow it down to the ports on the switch.

2, Go on your firewall or switches and look at the arp table of the mapping of ip address and mac address and it will tell you what port number it is on.
0
 
danbrown_IT ManagerAuthor Commented:
Ok, I was thinking arp table as well, thanks!
0
 
tolinromeCommented:
also sometimes a rogue ip will be a virtual ip on someone's computer where they installed virtual box or vmware etc.. and it gives it an ip different than whats assigned to your network, so think of who may have a vm on their computer if you cant find the rouge ip for some reason.
0
 
Matty-CTCommented:
If you download a demo of HP Procurve Network Manager and install it, it has a feature to find devices by IP address or by mac address too. You type in the IP and it'll tell you on what port and switch the device is connected!

ARP works too and then you can run a show mac address command on HP switches to locate the corresponding MAC by port.

Matt
0
 
danbrown_IT ManagerAuthor Commented:
Wow, now that is a useful function, wish it came standard with routers and switches.  Just so you guys know it wound up being a Dell iDrac device that suddenly decided to turn itself on.  I did a port scan of the IP, saw HTTP was open, connected and disabled it.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now