Well if I had control of the Switches I would start like you said, then disable the port and see who yells and why. People do not like this but I have found it very effective in seeing what was going on.
From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Tuesday, August 24, 2010 12:46 PM To: NT System Admin Issues Subject: Re: What IP has this MAC? +1 This is where I would start - if possible. Otherwise, the other suggestions next. -- ME2 On Tue, Aug 24, 2010 at 7:21 AM, Jim Holmgren <jholmg...@xlhealth.com<mailto:jholmg...@xlhealth.com>> wrote: Think lower-level. Find the MAC address on your switch, get the port that it is plugged into and follow it from there. Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com<http://www.xlhealth.com> From: richardmccl...@aspca.org<mailto:richardmccl...@aspca.org> [mailto:richardmccl...@aspca.org<mailto:richardmccl...@aspca.org>] Sent: Tuesday, August 24, 2010 10:17 AM To: NT System Admin Issues Subject: What IP has this MAC? Greetings! I am experiencing a bit of a network problem with, at the moment, is more of an annoyance (but could easily get bigger!). Somewhere I have a NIC spewing out gratuitious ARP packets. (I did eventually hunt it down, but for the future...) Using Wireshark, I have the MAC address of the offending NIC. Again, for the future, is there a ping command switch or something else which will enable me to enter the MAC address and have the IP returned? Wireshark does indicate the offender is a Dell system. However, being mostly a Dell shop, pinging each node here and then examining my ARP cache is rather slow... Thanks! -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA® 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org<mailto:richardmccl...@aspca.org> P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org<http://www.aspca.org/> The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado a mantener la información confidencial y sequra. HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin autorización del afiliado o permitido por ley. Si usted no es el destinatario, redirija esta mensaje al remitente, y destruye cualquier copia existente del mensaje original. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~