Detecting unused ports on a network

Discussion in 'Networks' started by UCHEEKYMONKEY, Feb 19, 2008.

  1. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    Can anyone tell me if there is a software or command to detect unused ports on a network.

    Let's say - you are a network administrator and you are incharge of 42 hubs each with hub containg 100 ports all connected with a patch cable. Your Line manager has just informed you that the Dept need to cut back and each port that is not being used because it costs £3000 to run that service

    Is there a program you can run to detect when a port was last used. when a computer was attached to that port and the port was live. We often get staff moving or leaving but don't tell IT Dept and therefore the network port in that office is still live. However when new staff arrive and more network ports are needed we then find there is not enough space in the hub/rack to add another switch.:(

    Any suggestions?
     
    Certifications: Comptia A+
    WIP: Comptia N+
  2. Stoney

    Stoney Megabyte Poster

    731
    23
    69
    Unplug the cable and see if you get a phone call 5 minutes later! :twisted:
     
    Certifications: 25 + 50 metre front crawl
    WIP: MCSA - Exam 70-270
  3. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,624
    117
    224
    Surely this is hardware specific? And switches from companies like Cisco have such items if our place is anything to go from.

    And cheap switches just can't be monitored like this.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  4. slyuen

    slyuen Byte Poster

    112
    3
    34
    why not find a weekend, when no one is around, come to the office and switch everything on, then look for lights that are off to tell you which port is unused on the switch??
     
    Certifications: ECDL,A+,Network+,CST,CNST,MCDST,MCSA
    WIP: MCSE, CIW, CCNA, CWNA, Others...
  5. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    That's a bit tricky mate! This place is 24/7 what if you had an accident in a car and went to the nearest Hospital only to be told there closed because they only work 9 - 5pm?:blink
     
    Certifications: Comptia A+
    WIP: Comptia N+
  6. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    Cheap switches??:dry

    switches are cisco catalyst 2960 and Extreme networks (purple colour) Summit 250e
     
    Certifications: Comptia A+
    WIP: Comptia N+
  7. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    Tell you what mate you drop us your telephone number and I will pass it onto the users who phone.:biggrin:twisted: (don't worry there's only 2400)
     
    Certifications: Comptia A+
    WIP: Comptia N+
  8. wizard

    wizard Petabyte Poster

    5,767
    42
    174
    Ooh yeah done that before now and had a shout from across the room because I've unplugged them in the middle of typing out an important document :biggrin
     
    Certifications: SIA DS Licence
    WIP: A+ 2009
  9. greenbrucelee
    Highly Decorated Member Award

    greenbrucelee Zettabyte Poster

    14,292
    265
    329
    Shields up will tell you which ports have vuneerabilities not sure if it will tell you which ports are being used and which are not, you can always give it a go https://www.grc.com/x/ne.dll?bh0bkyd2
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  10. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,624
    117
    224
    Er - wrong sort of ports! :biggrin

    UCM was refering to ports on a switch, not the ports in TCP!

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  11. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,624
    117
    224
    Ah! For those I'd suggest SNMP would be the way to go.

    And you'll need someone who knows those *much* better than I do how to go about this in detail.

    I know we use HP Openview for a lot of our monitoring.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  12. greenbrucelee
    Highly Decorated Member Award

    greenbrucelee Zettabyte Poster

    14,292
    265
    329
    :oops: disregard then UCM.
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  13. BosonMichael
    Honorary Member Highly Decorated Member Award 500 Likes Award

    BosonMichael Yottabyte Poster

    19,183
    500
    414
    I don't know if NetMRI will keep track of that information. SNMP is certainly a valid method, I would think.
     
    Certifications: CISSP, MCSE+I, MCSE: Security, MCSE: Messaging, MCDST, MCDBA, MCTS, OCP, CCNP, CCDP, CCNA Security, CCNA Voice, CNE, SCSA, Security+, Linux+, Server+, Network+, A+
    WIP: Just about everything!
  14. nXPLOSi

    nXPLOSi Terabyte Poster

    2,874
    30
    151
    I've come across the same problem, but being a small outfit I can just take out the wires with no link lights, I find out soon enough if someone was using that port and reconnect!

    "Oh it was a wiring issue, all sorted now."

    8)
     
    Certifications: A+, Network+, Security+, MCSA 2003 (270, 290, 291), MCTS (640, 642), MCSA 2008
    WIP: MCSA 2012
  15. derkit

    derkit Gigabyte Poster

    1,480
    58
    112
    Might be simplistic approach, but tell all your users to keep the leave their computers plugged in and then on the weekend look at the switches to see which are still lit (assuming your switches work the same way ours do!), that would give you a reasonably accurate figure I would have thought.

    We did this with a similar set up to you - 4000 users, over 32 different comms cabinets (all in different locations) - took a couple of hours but nailed it pretty good.
     
    Certifications: MBCS, BSc(Hons), Cert(Maths), A+, Net+, MCDST, ITIL-F v3, MCSA
    WIP: 70-293
  16. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364
    Is there a web interface on the switches? If so it may tell you which ports are live....
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  17. Tinus1959

    Tinus1959 Gigabyte Poster

    1,539
    42
    106
    No clues here, but isn't there a program called open view to map a network?
     
    Certifications: See my signature
    WIP: MCSD, MCAD, CCNA, CCNP
  18. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    UCM - Why don't you just ping sweep the subnets, record the mac addresses of every device that responds then lookup those MACs to see which ones correspond to Cisco or Extreme assigned MAC ranges?

    That way you'll have a list of all the networking devices on your subnets, can telnet/ssh into each one of them and run whatever the 'show ports' command is for each switch. that should tell you which ports are administrtatively up and, better still, sending/receiving traffic
     
    Certifications: A few
    WIP: None - f*** 'em
  19. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    Hmmm I'm not sure if that will work, but I give it go! The reason why I am unsure is the security device on the network to stop the spam and spyware we are getting. Lets say I ping a computer name pc304 in the cmd window I would expect to see an ip address of 10.161.9.3 however what I actually see is an Ip address of the security device 128.85.6.2. I guess to ping sweep the subnets I would have to disable the security device to get the correct info.

    Also these computers/devices are not on all of the time. I would have to physically go to each loaction (assuming the office isn't locked) and switch on every computer, network printer - ouch!:ohmy
     
    Certifications: Comptia A+
    WIP: Comptia N+
  20. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    Yes there is a web interface, the extreme switches even alert you via email when a port is deactivated when a PC produces two mac address. BUt that is rare and we've only had 8 pc's that have 2 mac address. By this I mean a PC that has an onboard NIC and a PCI NIC installed on one pc.

    The only problem with the web interface it shows live in present time but not over a period of time.:blink
     
    Certifications: Comptia A+
    WIP: Comptia N+

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.