Discovering a Device's Unknown IP with Wireshark

I ran into an interesting situation recently — I had a Compaq BL10e blade server enclosure that was powered on and connected to the network, but no one knew the IP address for the enclosure's management interface. The enclosure also had a serial console option, but either the manual wasn't helpful enough in figuring out the correct connection settings, or it had been disabled/broken previously. To find the IP address for the enclosure, I made a crossover Ethernet cable and connected one of the blade server's Ethernet ports to the enclosure's management Ethernet port.

Wireshark is a network protocol analyzer, which allows you to view/capture network traffic. I set up Wireshark on the blade server (on a Debian server, just apt-get install wireshark), specified the interface I wanted to watch, and watched the packets from the enclosure's management interface show up in Wireshark. Since Wireshark displays the IP address for the network traffic it captures, I was easily able to grab the IP and connect to the enclosure's management interface.

The same procedure could be applied to any machine that you don't know the IP address for, and can afford to temporarily disconnect from its network connection.
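What Wireshark does to surface the address can be shown on raw frames. The sketch below is an added example, not part of the original post: it reads the sender IP out of ARP and IPv4 Ethernet frames and drops frames sent by the capturing host. The function names, MAC addresses and IP addresses are assumptions, and the sample frames are constructed rather than captured.

```python
import struct
from collections import defaultdict

def sender_addresses(frame: bytes):
    """Return (source MAC, source IP) of an ARP or IPv4 Ethernet frame, else None."""
    if len(frame) < 14:
        return None
    mac = ":".join(f"{b:02x}" for b in frame[6:12])
    (ethertype,) = struct.unpack("!H", frame[12:14])
    body = frame[14:]
    if ethertype == 0x0806 and len(body) >= 28:     # ARP
        if struct.unpack("!HBB", body[2:6]) != (0x0800, 6, 4):
            return None                             # not IPv4-over-Ethernet ARP
        ip = body[14:18]                            # sender protocol address
    elif ethertype == 0x0800 and len(body) >= 20:   # IPv4
        ip = body[12:16]                            # source address field
    else:
        return None
    return mac, ".".join(map(str, ip))

def discover(frames, own_mac):
    """Map each foreign MAC to the IPs it used as a source, ignoring our own frames."""
    seen = defaultdict(set)
    for frame in frames:
        hit = sender_addresses(frame)
        # 0.0.0.0 is what ARP probes and DHCP requests send before an address is set
        if hit and hit[0] != own_mac.lower() and hit[1] != "0.0.0.0":
            seen[hit[0]].add(hit[1])
    return {mac: sorted(ips) for mac, ips in seen.items()}

# Constructed sample frames (made-up MACs, IPs from the 192.0.2.0/24 documentation range).
OWN, DEV, BCAST = bytes.fromhex("020000000001"), bytes.fromhex("020000000002"), b"\xff" * 6
def _arp(src_mac, src_ip, dst_ip):
    return (BCAST + src_mac + b"\x08\x06" + struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)
            + src_mac + bytes(src_ip) + b"\x00" * 6 + bytes(dst_ip))

def _ipv4(src_mac, src_ip, dst_ip):
    header = struct.pack("!BBHHHBBH", 0x45, 0, 20, 0, 0, 64, 17, 0)
    return BCAST + src_mac + b"\x08\x00" + header + bytes(src_ip) + bytes(dst_ip)

SAMPLE = [
    _ipv4(DEV, [0, 0, 0, 0], [255, 255, 255, 255]),   # address not configured yet
    _arp(DEV, [192, 0, 2, 50], [192, 0, 2, 1]),       # device announces itself
    _ipv4(OWN, [192, 0, 2, 10], [192, 0, 2, 50]),     # our own traffic, filtered out
    _ipv4(DEV, [192, 0, 2, 50], [192, 0, 2, 255]),
]

if __name__ == "__main__":
    print(discover(SAMPLE, "02:00:00:00:00:01"))
```

On a direct cable the only foreign MAC is the unknown device, so a single entry in the result is the address to connect to.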

Wireshark screenshot
