I would like to know ways of detecting rogue laptops connected to Ethernet sockets not properly secured in a big organization that has a plain network segment. I know that this can be prevented using some techniques like MAC filtering, but suppose that in this company they don't use any of these preventive security measures.
One possible solution I can think of is to use traceroute to identify the path and identify the last hop to the laptop. This can be used to identify the last router but...
Is it possible to use some layer-2 protocol or other techniques to identify where is a rogue laptop connected to an unprotected Ethernet socket in a big organization?