Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IP address conflict

Status
Not open for further replies.
grega

grega

Programmer
Feb 2, 2000
932
0
16
GB
All, may be a long shot but I'm looking for some ideas.

I have a solaris box connected to our LAN at work (ethernet), primarily used as a windows NT network. All NT workstations use DHCP, but there are a number of other machines (mostly Unix servers) using a static IP.

Yesterday I couldn't connect to my box. /var/adm/messages told me something like hardware device *big hex number* was using my static IP address - IP conflict

Our techies are trying to trace the machine using my IP, but it doesn't appear to be an NT machine. I've shut down my box, removed the network cable, but it's address is still pingable which suggests something is still using the IP. Could be another unix box, printer, etc. A company wide e-mail has been circulated but no-one has owned up to anything!

Is there any tool for tracing the source of an IP that our chaps may not have figured out yet?

Obviously a quick solution is to change the IP address of the server, but that also means a lot of config on other machines we use also.

Any help/thought/ideas much appreciated.

Greg.
 
Sort by date Sort by votes
if you telnet does it respond? can you access sendmail on the machine port 25?

Solaris Machines can use DHCP, you could try that (if you don't need a static)

if your DHCP is running on Solaris, you can modify your IP address in this file so that it never expires and is set to either your ether address, or set to something that noone can use ...

when all the machines (NT boxes) are restarted then that IP address wont be reallocated ...

ho hum
 
Upvote 0 Downvote
Thanks jad,

No response from telnet

Not sure about your sendmail point??

Better for me to use static IP (couple of machines configured to use that address, Sybase on the Solaris box configured to use that address) - I wouldn't know where to start on DHCP.

I would have thought that our NT DHCP server would know that my IP was static, therefore it wouldn't allocate it to one the NT machines logging on?

As I said, we don't think it's an NT machine using the IP ... if it was, our admins would be able to connect to it's C: drive (shared) using \\xxx.xxx.xxx.xxx\C$

Greg.
 
Upvote 0 Downvote
Eventually sussed it out using an NT/Dos tool nbtstat which uses NetBIOS over TCP/IP to return the name of the offending machine.

Greg.
 
Upvote 0 Downvote
the sendmail thing (if it is running, and sometimes it is on an NT box) will respond telling you the name of the machine ...

had a friend that 'hacked' into another of his friends machines that way ...

checked the sendmail on the machine (over the internet) blah.blah.co.uk

returned 'nitrogen' as it's real name

smbclient -L nitrogen -I blah.blah.co.uk

returned the shares ...

accessed one of the shares ... user Administration ...

the guy had a null password on this account (silly man)

woo :)
 
Upvote 0 Downvote
needless to say he's changed his setup since then ... at least he's changed his password, and disabled sendmail (he didn't know it was running ;)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ziggy6
  • Locked
  • Question
SCO Unix 5.0.7 / TCP WRAPPER / IPV6
Replies
0
Views
34
ziggy6
ziggy6
rbaskett
  • Locked
  • Question
Solaris 7 who am i - ip vs hostname of telnet client
Replies
1
Views
44
Annihilannic
Annihilannic
dellit
  • Locked
  • Question
Mac address remote Pc Sco Unix
Replies
3
Views
42
superchivo
superchivo
motoslide
  • Locked
  • Question
SCO6 Major Number conflict
Replies
0
Views
16
motoslide
motoslide
Tranbo
  • Locked
  • Question
SCO Open Server 6 : using IPP printer form linux box 1
Replies
1
Views
28
PHV
PHV

Part and Inventory Search

Sponsor

Back
Top