Actually, given that this is in academia somebody nicking the IP address isn't entirely implausible, so I will make sure that I've got a record of the MAC address.
I've also got a screen, keyboard and mouse on the machine now, so I can fiddle with it directly next time things go castors up, which the seem determined not to do at the moment. Of course it's possible that keep a TCP connection open to the machine is stopping things from failing, if it is something weird with the network setup.
Thanks for suggestions, I've got Wireshark on this machine, so it may well be useful to have it sat watching that machine if necessary.