Any way to find unused IP addresses on my network?
Solution 1:
Probably the best way is to use NMAP (http://nmap.org/) in ARP Ping scan mode. The usage will be something like nmap -sP -PR 192.168.0.* (or whatever your network is).
The advantage of this approach is that it uses the Address Resolution Protocol to detect if IP addresses are assigned to machines. Any machine that wants to be found on a network needs to answer the ARP, so this approach works where ping scans, broadcast pings and port scans don't (due to firewalls, OS policy, etc.).
Solution 2:
You really should not be trying to find unused IP addresses on a network that uses DHCP. You should not be doing this unless you know what you are doing, and asking how to do it suggests that you do not.
Network address management is implicitly an organizational (not a technical) activity. DHCP makes network administrators often think it is purely technical, but the protocol is well designed and can easily support your needs with a little bit of political negotiation.
DHCP has a feature where certain systems can be given the same IP address every time (in other words, the assignment mechanism can be dynamic, but the assignments themselves can be fixed).
Ask your DHCP administrator to create some entries for you. If they say "no", do some leg work, and ask your manager to ask their manager to do it.
Or ask the DHCP administrator to allocate a range of IP address for your personal use, but not serve them out of DHCP.
This is really in everyone's best interests. If you project is worth of a little extra effort, some organizational love will go a long way.
I don't think that the other posters have thought seriously about what can happen, and part of the danger is that the results of IP address conflicts are unpredictable:
If you poach addresses, and then they conflict with someone else's system, the results can be painful, like job ending.
Systems behave differently when they have IP conflicts. Some drop themselves quickly. Some just put weird warnings on your screen. Potentially some systems would fight over the IP address.
You don't know what system you would be disconnecting. You could be disconnecting an important server, or your system might have a stub server that starts responding to real traffic. Or it could be you boss's PC, or some senior engineering person who was also IP squatting.
Here's a DNS story that is pretty similar. I worked with a smart, but sometimes obnoxious person in a company, and he understood most of everything, except DNS resolution. He configured about 80% of the companies mail systems so that if there was a minor outage, my lab environment ended up being the outbound mail server. They caught this problem quickly, but you can imagine how bad this could be if my system hadn't queued the mail behind the firewall.
Solution 3:
Personally I like AngryIPScanner. http://www.angryziber.com/
Solution 4:
One time at my company, somebody accidently set their IP to that of the core switch in our server room.
Net result:
"WTF Happened to the Network1?!?!"
Moral of the story: Please talk to your admins. If you are in engineering firm, chances are they have a process in place to give you an address, or even your own range.
Solution 5:
You basically have to options:
Ask your DHCP server what addresses it has already assigned (via the web interface, cli interface, or whatever interface your server uses). This will work if very node on your network uses DHCP to configure itself (i.e., doesn't have any self-assigned IP addresses). Obviously you also need access to the router's configuration, which it sounds like you might not have.
Ping (or portscan) your entire subnet and see who answers. This might not work if particular nodes have ICMP-echo-request disabled (i.e., "Block ping").