Link to home
Start Free TrialLog in
Avatar of J.R. Sitman
J.R. SitmanFlag for United States of America

asked on

How can I identify what device is attached to a specific IP

How can I determine what device is on our network?   I can ping the IP but I do not know what the IP is attached to.   I tried entering it in the browser but it does not find it.
Avatar of noci
noci

If you can ping it you can find the MAC address in the ARP table.

You can find on the switch where your system is connected where that MAC address is located.  (switch port)  in a table known as MAC or CAM table.
if you end up in a router then ping again from that router, lookup the MAC address in the ARP table and then go to the switch where it is connected ... etc. until you reach the system you are searching for.
ASKER CERTIFIED SOLUTION
Avatar of Rob Williams
Rob Williams
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of J.R. Sitman

ASKER

it's wifi
same applies
the arp -a worked.   Thank you
another easy solution assuming you have internal DHCP/DNS is to use nslookup <ip> it will return the registered name.
thanks
That only tells you what adapter is used... Not what kind of computer is connected.
Then you need to known where the device is  and check out the device itself.
thanks
@noci was to my comment?  If so not sure I follow.  

Output:

Server:  DCNTSDC03.cashtimeservices.com
Address:  10.0.5.60

Name:    DCNTSADM03.cashtimeservices.com
Address:  10.0.5.254


The name tells me a bunch if I know my network.
Yep.. You are right IF it has such a name....
how about " my_pc.castimeserrvices.com    or thomas_laptop.cashtimeserrvice.com and you are sure there is no thomas in the company.
And you are sure the you never installed a system named my_pc..?
From the Q:
I can ping the IP but I do not know what the IP is attached to.

And that even assumes the reverse DNS does provide a result... tbh OP might need to clarify this part of the problem with maybe an example of the problem?..
fair enough, I do see your point, and it depends how your network is setup and secured.  Also what the problem.  In both your example cases, I would know my network does not have those devices and would shutdown an open port and see who screams or if wireless, kick the device from the network, but in that case 802.1x would isolate the user that authenticated.
From the question it is apparent that it not that an advanced network.   i doubt 802.1x is used.