phred_t
Member
The issue with the Wireshark method is that it requires the unknown device to send these packets; many do: at startup for IP conflict detection and then sometimes periodically for continued probing. However, not all devices do this.
Well it looks like I have a one of those "not all devices". I have a device with a static IP. When I sniff with wireshark and power the device on, I don't see anything from it's MAC vendor ID, or any ARP packets from it's IP. I know the IP. This is a product we manufacturer however it doesn't have any display or any easy means to reset the IP to a default value. Meaning, I need to tell my customers how to recover Ethernet comms if someone doesn't know the IP and its been set to some crazy static IP. Our R&D dept says they may have a solution but I thought I try and take the task on myself.
What is interesting is when I plug the device into my laptop (connected via crossover cable) I do see packets that start appearing however they all seem to be FROM my laptop. I see ARP packets among others but nothing I can see with our Vendor MAC ID, or the IP address I have it currently set to. It seems like my laptop knows something has appeared on the network however I don't know how to ID it.
I am fairly new to networking so there might be a good solution I don't know about.
Any ideas? I'm thinking maybe my only option is to connect a managed switch and look at its ARP table. I looked at my PC's ARP table and don't see the device I'm trying to find.