You really need managed switched to see the MAC address assignment to physical port.
I have had to go through this a number of times =( From: Fergal O'Connell [mailto:foconn...@curamsoftware.com] Sent: Tuesday, July 27, 2010 10:06 AM To: NT System Admin Issues Subject: RE: Possible Rogue device on the network Still can't seem to find a way to track this device though... I just can't seem to find where this Mac is originating from. From: Richard Stovall [mailto:rich...@gmail.com] Sent: 27 July 2010 12:45 To: NT System Admin Issues Subject: Re: Possible Rogue device on the network These guys seem to think that MAC address is from a Dell device. http://hwaddress.com/mac/000F1F-000000.html On Tue, Jul 27, 2010 at 5:53 AM, Terry Dickson < te...@treasurer.state.ks.us> wrote: I do not have notes on this, but if I remember correctly I have seen something like this once in the past. The MAC is from a Wireless Connector so look for a laptop(probably) that is connected with Wired connection but still has wireless turned on. ________________________________ From: Fergal O'Connell [foconn...@curamsoftware.com] Sent: Tuesday, July 27, 2010 4:34 AM To: NT System Admin Issues Subject: Possible Rogue device on the network HI Folks, We are having a sporadic network issue on our LAN which I am currently trouble shooting - I ran a wire shark capture on one of the hosts that is affected and I want to know what the following is I can't find that Mac address on our network. I checked the DHCP and I checked the arp table on all our switches and routers. MAC - 00:0f:1f:30:26:e3 is assigned to WW PCBA Test What I want to is find this device and turn off STP. Any idea's? Regards Fergal O'Connell ICT Support The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
<<image001.png>>