Forum Thread

SOLVED: Random "computers" showing up on my network

TheEdge 5,981 1,640 September 3, 2013 at 10:24 AM
About six months ago, I noticed a Motorola Razr on my network (when I viewed the "Network" group in Windows 8). I blocked the MAC address of it and never saw it again -- but later that night, a desktop computer popped up (probably because the person trying to hop on my WiFi realized his phone couldn't do it anymore). With the help of some SD'ers, I came to realize that having WPS enabled is a HUGE security hole. So I closed that up, reset my password (it's now 20+ characters long in WPA2) and changed/hid my SSID so nobody can see it -- they have to KNOW it (it's pretty random).

I just got my new computer all set up and noticed two items besides our household computers on there. The odds of them knowing the SSID -AND- figuring out the password are slim and none. I've gone into my router's access filters and made it so only the MAC addresses of the hardware I've reserved DCHP for can get on our network. Saved the changes, reset the router and the devices are still showing. Thoughts? Time for another password overhaul? (Pictures attached). Note how if I expand the "machine" called A1B2D7000000, it has a shared folder called "canon_memory" (FWIW). If I try to access the other one (NPI....), it says it can't connect. Currently, we aren't sharing anything as far as documents, so nobody should be able to access anything -- assuming it is even a human trying to get on our network.

I'm just baffled as how there could be anything outside of this house on there due to the strong security/hidden SSID and my router only allowing access to items with the MAC addresses I have personally entered.

29 Comments

1 2

Sign up for a Slickdeals account to remove this ad.

#2
The "A1B2D7000000" is your printer. I'm not sure what else you have on your network that could be identifying as the NPI name, but it's most likely one of yours.
Reply Helpful Comment? 0 0
Quote from DrKaraoke :
The commisioner has announced that the 2005 coupon posting season has been cancelled due to the inability to agree on where to post the coupons. laugh out loud
www.homestarrunner.com (Strongbad's E-mail) [homestarrunner.com]
Joined Apr 2006
Shreddin'
5,981 Posts
1,640 Reputation
Original Poster
#3
Quote from rustynail1978 View Post :
The "A1B2D7000000" is your printer. I'm not sure what else you have on your network that could be identifying as the NPI name, but it's most likely one of yours.
Yeah, we have a Canon printer, so that crossed my mind...but we've never had it show up like that before on our network. That being said, I just started using a new Dell computer and it might "see the printer" differently based on how it installed the driver (automatically). It's technically my wife's Canon printer and it is connected to our network via WiFi.
Reply Helpful Comment? 0 0
#4
Do you have a phone that runs through the router? Trying to figure what the NPI device is, that is one guess. I think I remember seeing an IP phone with that name before.
Reply Helpful Comment? 0 0
Joined Jan 2006
L10: Grand Master
11,221 Posts
1,465 Reputation
#5
Quote from TheEdge View Post :
The odds of them knowing the SSID -AND- figuring out the password are slim and none.
Finding a hidden SSID is trivial. If someone knows you have a router broadcasting wifi they can find it
Reply Helpful Comment? 0 0
Heifer whines could be human cries
Closer comes the screaming knife
Joined Apr 2006
Shreddin'
5,981 Posts
1,640 Reputation
Original Poster
#6
Quote from Pedantyc View Post :
Do you have a phone that runs through the router? Trying to figure what the NPI device is, that is one guess. I think I remember seeing an IP phone with that name before.
Not a phone as in VoIP, but my wife and I both have iPhones on our wifi. They have never shown up like that before if they are the culprit.

Quote from vivahate View Post :
Finding a hidden SSID is trivial. If someone knows you have a router broadcasting wifi they can find it
But then they would also have had to hack a 20 character password and somehow get through the router's filter that only allows the MAC addresses that I entered.
Reply Helpful Comment? 0 0
Last edited by TheEdge September 3, 2013 at 11:35 AM
Joined Aug 2005
L10: Grand Master
12,661 Posts
4,824 Reputation
Pro
#7
Quote from TheEdge View Post :
Not a phone as in VoIP, but my wife and I both have iPhones on our wifi. They have never shown up like that before if they are the culprit.




But then they would also have had to hack a 20 character password and somehow get through the router's filter that only allows the MAC addresses that I entered.
Cloning a MAC address is super trivial especially after you have sniff the traffic needed to do the decryption of the network password. It basically adds no protection from anyone who knows 1% of what they are doing.
Reply Helpful Comment? 0 0
Vague questions receive vague answers . . . . . .
Joined Jun 2005
Let Sleeping Dogs Lie
5,845 Posts
2,388 Reputation
Pro
#8
It is probably just a device you have you can look up a mac address and see who the adapter belongs to, it may help

http://www.coffer.com/mac_find/

You could also just block the device and see what did not work, for me
Devices with SD card slots can show up 2 different ways too
Reply Helpful Comment? 0 0
Last edited by komondor September 3, 2013 at 12:15 PM

Sign up for a Slickdeals account to remove this ad.

Joined Jul 2003
L10: Grand Master
33,260 Posts
6,001 Reputation
#9
Quote from komondor View Post :
It is probably just a device you have you can look up a mac address and see who the adapter belongs to, it may help

http://www.coffer.com/mac_find/

You could also just block the device and see what did not work, for me
Devices with SD card slots can show up 2 different ways too
Could be the Cannon Printer again. Scratchchin


~~~~~~
OP, Hiding the SSID does nothing, anybody with a wifi finder software running on their laptop, etc will show what the SSID is. It just keeps the n00bs from trying to attach to it.
Reply Helpful Comment? 0 0
worshipTHANK YOU to those whom have fought and are fighting for our FREEDOMworship

Please Support Autism Awareness [autismspeaks.org]
Yahoo!Yahoo! 7/11/2009
Joined Mar 2004
L11: Monkey's Apprentice
17,194 Posts
2,785 Reputation
#10
Fing might be a more reliable tool for sniffing out those devices. It's what I use at home.
Reply Helpful Comment? 0 0
Quote :
Reading comprehension isn't just for school children!
Joined May 2006
I hate mail in rebates
4,669 Posts
891 Reputation
#11
Most likely printers, smart phones, tablets, etc... You should be okay with the changes you made.

I have a plethra of devices on my router that I've identified as to what each one is. No worries about neighbors trying to get on.
Reply Helpful Comment? 0 0
cheap, fast, good - pick any two.

PSA: Yahoo email is extremely insecure...switch to Gmail if you can!! Hotmail is better but not as good as Gmail.
Joined Apr 2006
Shreddin'
5,981 Posts
1,640 Reputation
Original Poster
#12
Quote from cheap_bastid View Post :
Most likely printers, smart phones, tablets, etc... You should be okay with the changes you made.

I have a plethra of devices on my router that I've identified as to what each one is. No worries about neighbors trying to get on.
Pretty much anytime we get a new device, I add a reservation for it in our DHCP list. The only thing I've added really recently is a Chromecast device.

Quote from brbubba View Post :
Fing might be a more reliable tool for sniffing out those devices. It's what I use at home.
Thanks, ill try that when I get home.
Reply Helpful Comment? 0 0
Last edited by TheEdge September 3, 2013 at 05:16 PM
#13
Quote from TheEdge View Post :
Pretty much anytime we get a new device, I add a reservation for it in our DHCP list. The only thing I've added really recently is a Chromecast device.




Thanks, ill try that when I get home.
I would turn off WPS if you have it enabled, its about as trivial to break as WPA. (assuming your scared someone hacking in to your wifi). With that being said hiding your SSID does nothing, the SSID is transmitted when ever a device commuicates so it only takes a few sec to decloak the access point.
Reply Helpful Comment? 0 0
....


...
Joined Apr 2006
Shreddin'
5,981 Posts
1,640 Reputation
Original Poster
#14
Quote from mrbobhcrhs View Post :
I would turn off WPS if you have it enabled, its about as trivial to break as WPA. (assuming your scared someone hacking in to your wifi). With that being said hiding your SSID does nothing, the SSID is transmitted when ever a device commuicates so it only takes a few sec to decloak the access point.
WPS has been turned off for quite awhile. And we're using WPA2.
Reply Helpful Comment? 0 0
Joined Aug 2008
L99: Slicker than Ice
6,393 Posts
1,756 Reputation
#15
I would look at the router logs/clients rather than what windows may or may not see (or think it sees)
Reply Helpful Comment? 0 0
Page 1 of 2
1 2
Join the Conversation
Add a Comment
 
Copyright 1999 - 2016. Slickdeals, LLC. All Rights Reserved. Copyright / Infringement Policy  •  Privacy Policy  •  Terms of Service  •  Acceptable Use Policy (Rules)  •  Interest-Based Ads
Link Copied to Clipboard