Need to find computer name from MAC address

By _neutrino
in Smart Home, Network & Security

 Share

Recommended Posts

Grand Master

_neutrino Veteran

Posted
  • Veteran
Posted

Ok so here at the company i work for we have determined that someone has been doing things they should not with the computers and all i had was an ip address and a MAC address and i have tried ARP and NBTSTAT and i am unable to get the computer name from either of the numbers is there another way that i can find the computer name from either the IP address or MAC address.

Grand Master

Sophism

Posted
Posted

Depending on your network setup you could also Browse the computer using a domain admin account etc.

Just go to any computer and type \\ipadd\c$ in the address bar of explorer.

This should let you browse the mydocuments folder which should give you enough information to figure out where they are.

Collaborator

eXtermia

Posted
Posted

http://www.coffer.com/mac_find/ may help you at least determine what kind of device it is.

You really have no WINS, DNS, or DHCP servers? most logs here are small and will often tell hostname requesting the info.

Do you have managed switches to set up port mirroring or if connected to a hub or at least if managed. Disconnect them or thier lan segment as last resort.

You can sniff the traffic.

If you can't get the Hostname using a NBTSTAT -a xxx.xxx.xxx.xxx (replaces x with ip) then the box is either firewalled. Does not respond to because it isnt a PC might be like a router, switch , printer etc.

try http or https to the hosts IP

attempt to telnet to it

try SSH to it.

lastly GO look for strange devices or PC

Mentor

fAlCoNNiAn

Posted
Posted

is your dhcp server a box (computer, windows, linux) or a router (cisco, netgear, etc.)?

If its a windows or linux box, you can look up the host name in the dhcp scope. If you have absolutely no idea what the box is, or who it is, then run nmap on it to see what ports the machine has open and what the make of the network card is. usually that might point you in the right direction.

if all else fails, kick them from the network or quarantine them, and first person who comes and bitches about it, is the culprit.

Grand Master

_neutrino Veteran

Posted
  • Author
  • Veteran
Posted

We know that it is a Dell computer, We know that it has to be wired in (our wireless network has a different IP set) and we know what the MAC address is. Also we know there is no current computer on the network that has the ip address that it had when it was causing problems. I think i might just have to go from computer to computer and check their mac addresses.

Grand Master

Eric Veteran

Posted
  • Veteran
Posted
We know that it is a Dell computer, We know that it has to be wired in (our wireless network has a different IP set) and we know what the MAC address is. Also we know there is no current computer on the network that has the ip address that it had when it was causing problems. I think i might just have to go from computer to computer and check their mac addresses.

Block the MAC and see who complains they can't access the network.

Grand Master

+BudMan MVC

Posted
  • MVC
Posted

"to go from computer to computer and check their mac addresses. "

Why is that? And why do you need the name? Are you switches not managed? On a managed switch you can always track down what port a mac address is connected too.. Even if the cheapest smart switches support this.

For example from $80 my home gig switch!

post-14624-1247153123_thumb.jpg

Ports with more than one mac address on them have downstream switches connected, etc.

finding what port a mac is connect to on cisco swith is as easy as

show mac-address-table | inc partofmacaddress

Once you no the port -- go to that port and follow the wire and you have your computer ;)

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Microsoft confirms Windows 11 26H2 to finally get one of the most requested features

      By sphbecker · Posted

      If you don't care to read what I said, then you prove my point. Maybe written media is beyond your attention span. Titles are not summaries my friend.
    • Politically funny images of the World

      By +Nik Louch · Posted

      Nobody asked... in fact, I said "I don't care about political leanings"  
    • Microsoft confirms Windows 11 26H2 to finally get one of the most requested features

      By Elliot B. · Posted

      TLDR. Here is a far better title (just a basic example): Windows 11 26H2 to allow disabling Web search results
    • Politically funny images of the World

      By Dan~ · Posted

      Restore will get my vote, only if to see if things are any different, doubt it though but Labour and Conservatives too out of touch and same thing over and over and over…, Lib Dem who?
    • Microsoft confirms Windows 11 26H2 to finally get one of the most requested features

      By sphbecker · Posted

      There is nothing wrong with this title. You have completely missed the plot when it comes to "clickbait." The issue was never that a title tries to entice you to click, that is how titles have worked for over 100 years. The issue is when the title subverts expectations, getting you to click expecting something that isn't there. The classic clickbait example is "Boyfriend caught cheating, what happens next will shock you," then what happened next is the girlfriend was upset...which is probably the least shocking outcome imaginable. If sounds like what you want is for the titles to be a collection of 10-word summaries that you can skim, get the just of the story, and only click if you want more details. That is not, never has been, and never will be what titles are. You can go all the way back to print newspapers during the great depression and see the same thing. The newspaper was locked in a vending machine, all you can see is the headline, you choose to put in 5¢ to buy the paper and read the rest if you want. Those headlines were written in a way to sell the paper, not just to provide a summery. Here are two actual headlines from that time, "Wall Street Lays an Egg," or "Stocks Hit Bottom?" Maybe you'd say something like "it was wrong then and it's still wrong now." Okay, fine opinion to have, but it isn't like Neowin is doing something unjurnalistic, they are just following the age-old standards for written media.

  • Recent Achievements

    • Dedicated
      tuben earned a badge
      Dedicated
    • Week One Done
      mnsgroup earned a badge
      Week One Done
    • Conversation Starter
      sumytbe earned a badge
      Conversation Starter
    • One Year In
      B4dM1k3 earned a badge
      One Year In
    • One Year In
      DarkWun earned a badge
      One Year In

  • Popular Contributors

    1. 1
      +primortal
      525
    2. 2
      +Edouard
      199
    3. 3
      PsYcHoKiLLa
      94
    4. 4
      Michael Scrip
      82
    5. 5
      neufuse
      67
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!