Toggle sidebar Toggle sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

How do I identify a network device from its IP Address?

D

Dave Marsh

macrumors regular
Original poster
After a brief power outage this morning, I was checking the IP addresses on my home's local network following a DHCP IP address conflict when I rebooted my iMac and found an IP address in DHCP use that I couldn't identify. I got the MAC address, but can't find anything more meaningful to identify the device the Ethernet card is in. I've rebooted the DSL Router a couple of times, and the 10.0.0.4 address remains in use after each reboot. I've also successfully pinged the address, so I know it's live.

We have a number of hardwired computers, AirPort base stations (configured as bridges, not DHCP servers), and print servers on the network and I thought I had accounted for all of them (some have multiple Ethernet ports in use). I've been wondering if someone outside my home has glommed onto my wireless network, even though I have IP access controls in use in my base stations (I've listed the short list of MAC addresses that the base stations are supposed to accept in the appropriate table in the AirPort Admin Utility).

Is there a terminal command that will identify something more than the MAC address if I enter the IP address in the command line? I'm just looking for any commands that will help me to identify what kind of device is using that address. For example, <Unix Command> 10.0.0.4? :???:
 
In general you cannot find out much about a device from it's IP. You could try seeing if it responds to various networking protocols and go from there. For example if it's a Unix machine it might well respond to ssh or telnet. If its a Windows machine (or a Unix machine running SAMBA) it might well appear on an smbtree (unix command, you need an admin password to run).

Right now smbtree is not working for me!

smbutil view //<IP> lists shares on the machine, it might tell you something?
 
Using the MAC address of the host, you could determine the manufacturer of the Network adapter. The first half of MAC addresses are assigned by manufacturer. 00:0d:93, for example, is the beginning of the MAC address for a NIC manufactured by Apple. This of course assumes that the MAC you have is using the address programmed by the manufacturer and has not been spoofed. A quick Google search turned up this nifty little MAC lookup utility.

http://www.coffer.com/mac_find/

Could possibly narrow your search to a specific type of device.

-Tony
 
you could try using nmap (build from code or instal through fink).

Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free software, available with full source code under the terms of the GNU GPL.
Click to expand...

Do not use it outside of your own network though. That's not quite legal 😉
 
Thanks for the replies, folks. Tony's link to identify the vendor cracked this for me. It noted the company was Slim, and that pointed me to my Slim Squeezebox network music player, a device I had completely overlooked. 😀
 
redeye_be said:
you could try using nmap (build from code or instal through fink).



Do not use it outside of your own network though. That's not quite legal 😉
Click to expand...
This has got to be the coolest program I've seen! Thanks!
 
MoparShaha said:
This has got to be the coolest program I've seen! Thanks!
Click to expand...

If you didn't know about it, then you probably shouldn't be using it outside of your own network 😛. Seriously, IT admins and even some ISPs will **** a brick if they see you constantly throwing out those packets.

BEN
 
saabmp3 said:
If you didn't know about it, then you probably shouldn't be using it outside of your own network 😛. Seriously, IT admins and even some ISPs will **** a brick if they see you constantly throwing out those packets.

BEN
Click to expand...
Yeah, I've just been messing around with it on my network at home. Actually, I think the program will be quite useful, as I manage several small networks.
 
MoparShaha said:
Yeah, I've just been messing around with it on my network at home. Actually, I think the program will be quite useful, as I manage several small networks.
Click to expand...


Look@LAN is also good, if you are stuck with crappy Windows based systems at your IT job..

Can save you a bit of work when doing some troubleshooting..
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back