Strange addresses from DHCP

Got a small Windows 08r2 domain, one DHCP server.  Lately, several of my desktops, with a wired connection, are getting a 192.168.... IP address...and the DNS suffix is showing....wait for it....."GoogleTV" instead of our domain name of CITYHIGH.LAN  (see attached shot)

Folks connecting over wifi are fine.
gtverror.jpg
ejcristAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
footechConnect With a Mentor Commented:
Though I'm not familiar with Google TV, it sounds like someone has connected another DHCP server to your network.  Perhaps a Google TV device can act as a DHCP server.

In any case, you would need to track it down and flog the person that plugged it in (unless it's the CEO, then just unplug the device or disable the DHCP functionality if possible).
1
 
ejcristAuthor Commented:
Wow, that makes sense.  If a GTV box is connected somewhere, wouldn't it show up in my DNS or DHCP (if it grabbed a number)?  I'm trying to find a reference to it so I can track it down and shut it down.
0
 
footechCommented:
It would depend on whether it got a lease from your DHCP, and other settings related to DNS dynamic updates.  I assume your network is not using 192.168.1.x, but the screenshot shows 192.168.1.1 as the DHCP, so I would take that to be the Google TV.  You could do an arp command (like arp -a 192.168.0.1) to see the associated MAC address.  Depending on the capability of your switches, you could then trace the MAC to a specific port.  From there, you could unplug the cable and listen for the screams to narrow it down, or maybe your documentation would tell you where it goes from there.
1
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
Adam BrownConnect With a Mentor Sr Solutions ArchitectCommented:
Most likely, the Google TV is configured with a static IP address, so you wouldn't be able to find it in DNS. That said, you should be able to go to 192.168.1.1 to get the box's interface (usually). From there you can at least *try* default usernames and passwords to get into the configuration for it. Realistically, though, it shouldn't be too hard to find a Google TV box in an office unless someone is doing this maliciously and hid it really well. Worst case, if you have managed switches you can usually track down where the device is plugged in by looking at arp tables for the 192.168.1.1 address, then disable the switch port it's plugged into.
1
 
Dr. KlahnPrincipal Software EngineerCommented:
The quickest solution is probably to announce publicly "We are investigating serious problems on the company network.  When we find the GoogleTV device and discover who connected it, that person will be immediately fired."
1
 
K_WilkeCommented:
If you have DNS setup on your server then that DNS could be goofed up.
0
 
Jeff GloverConnect With a Mentor Sr. Systems AdministratorCommented:
Someone has hooked Google TV to your network. An unpublished feature of Google TV is the ability to act as a wireless bridge. It will act as a DHCP server in that case and since it does not support DHCPInform messages, It can easily become a Rogue DHCP server. Track it down and disconnect the Wired internet port.
0
 
ejcristAuthor Commented:
I did an arp -a to find the MAC for the 192.168.1.1 gateway.....one of my 4 year old Sony Google TV's was acting like a DHCP server.....weird.  Thanks!!!!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.