Forum Thread

SOLVED: Random "computers" showing up on my network

6,855 1,906 September 3, 2013 at 10:24 AM
About six months ago, I noticed a Motorola Razr on my network (when I viewed the "Network" group in Windows 8). I blocked the MAC address of it and never saw it again -- but later that night, a desktop computer popped up (probably because the person trying to hop on my WiFi realized his phone couldn't do it anymore). With the help of some SD'ers, I came to realize that having WPS enabled is a HUGE security hole. So I closed that up, reset my password (it's now 20+ characters long in WPA2) and changed/hid my SSID so nobody can see it -- they have to KNOW it (it's pretty random).

I just got my new computer all set up and noticed two items besides our household computers on there. The odds of them knowing the SSID -AND- figuring out the password are slim and none. I've gone into my router's access filters and made it so only the MAC addresses of the hardware I've reserved DCHP for can get on our network. Saved the changes, reset the router and the devices are still showing. Thoughts? Time for another password overhaul? (Pictures attached). Note how if I expand the "machine" called A1B2D7000000, it has a shared folder called "canon_memory" (FWIW). If I try to access the other one (NPI....), it says it can't connect. Currently, we aren't sharing anything as far as documents, so nobody should be able to access anything -- assuming it is even a human trying to get on our network.

I'm just baffled as how there could be anything outside of this house on there due to the strong security/hidden SSID and my router only allowing access to items with the MAC addresses I have personally entered.

29 Comments

1 2

Sign up for a Slickdeals account to remove this ad.

This comment has been rated as unhelpful by Slickdeals users
Joined Aug 2004
L6: Expert
1,424 Posts
178 Reputation
#2
The "A1B2D7000000" is your printer. I'm not sure what else you have on your network that could be identifying as the NPI name, but it's most likely one of yours.
Reply Helpful Comment? 0 0
Quote from DrKaraoke :
The commisioner has announced that the 2005 coupon posting season has been cancelled due to the inability to agree on where to post the coupons. laugh out loud
www.homestarrunner.com (Strongbad's E-mail) [homestarrunner.com]
This comment has been rated as unhelpful by Slickdeals users
Joined Apr 2006
L10: Grand Master
6,855 Posts
1,906 Reputation
Original Poster
#3
Quote from rustynail1978
:
The "A1B2D7000000" is your printer. I'm not sure what else you have on your network that could be identifying as the NPI name, but it's most likely one of yours.
Yeah, we have a Canon printer, so that crossed my mind...but we've never had it show up like that before on our network. That being said, I just started using a new Dell computer and it might "see the printer" differently based on how it installed the driver (automatically). It's technically my wife's Canon printer and it is connected to our network via WiFi.
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined May 2009
L9: Master
5,082 Posts
608 Reputation
#4
Do you have a phone that runs through the router? Trying to figure what the NPI device is, that is one guess. I think I remember seeing an IP phone with that name before.
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined Jan 2006
L10: Grand Master
13,101 Posts
1,539 Reputation
#5
Quote from TheEdge
:
The odds of them knowing the SSID -AND- figuring out the password are slim and none.
Finding a hidden SSID is trivial. If someone knows you have a router broadcasting wifi they can find it
Reply Helpful Comment? 0 0
Steely blue eyes with no love in them scan the world
And a humourless smile with no warmth within greets the world
This comment has been rated as unhelpful by Slickdeals users
Joined Apr 2006
L10: Grand Master
6,855 Posts
1,906 Reputation
Original Poster
#6
Quote from Pedantyc
:
Do you have a phone that runs through the router? Trying to figure what the NPI device is, that is one guess. I think I remember seeing an IP phone with that name before.
Not a phone as in VoIP, but my wife and I both have iPhones on our wifi. They have never shown up like that before if they are the culprit.

Quote from vivahate
:
Finding a hidden SSID is trivial. If someone knows you have a router broadcasting wifi they can find it
But then they would also have had to hack a 20 character password and somehow get through the router's filter that only allows the MAC addresses that I entered.
Reply Helpful Comment? 0 0
Last edited by TheEdge September 3, 2013 at 11:35 AM. Reason: Automerged Doublepost
This comment has been rated as unhelpful by Slickdeals users
Joined Aug 2005
L10: Grand Master
14,197 Posts
5,243 Reputation
#7
Quote from TheEdge
:
Not a phone as in VoIP, but my wife and I both have iPhones on our wifi. They have never shown up like that before if they are the culprit.




But then they would also have had to hack a 20 character password and somehow get through the router's filter that only allows the MAC addresses that I entered.
Cloning a MAC address is super trivial especially after you have sniff the traffic needed to do the decryption of the network password. It basically adds no protection from anyone who knows 1% of what they are doing.
Reply Helpful Comment? 0 0
Vague questions receive vague answers . . . . . .
This comment has been rated as unhelpful by Slickdeals users
Joined Jun 2005
Let Sleeping Dogs Lie
6,468 Posts
2,515 Reputation
#8
It is probably just a device you have you can look up a mac address and see who the adapter belongs to, it may help

http://www.coffer.com/mac_find/

You could also just block the device and see what did not work, for me
Devices with SD card slots can show up 2 different ways too
Reply Helpful Comment? 0 0
Last edited by komondor September 3, 2013 at 12:15 PM.

Sign up for a Slickdeals account to remove this ad.

This comment has been rated as unhelpful by Slickdeals users
Joined Jul 2003
L10: Grand Master
34,304 Posts
6,120 Reputation
#9
Quote from komondor
:
It is probably just a device you have you can look up a mac address and see who the adapter belongs to, it may help

http://www.coffer.com/mac_find/

You could also just block the device and see what did not work, for me
Devices with SD card slots can show up 2 different ways too
Could be the Cannon Printer again. Scratchchin


~~~~~~
OP, Hiding the SSID does nothing, anybody with a wifi finder software running on their laptop, etc will show what the SSID is. It just keeps the n00bs from trying to attach to it.
Reply Helpful Comment? 0 0
worshipTHANK YOU to those whom have fought and are fighting for our FREEDOMworship

Please Support Autism Awareness [autismspeaks.org]
Yahoo!Yahoo! 7/11/2009
This comment has been rated as unhelpful by Slickdeals users
Joined Mar 2004
L11: Monkey's Apprentice
17,532 Posts
2,826 Reputation
#10
Fing might be a more reliable tool for sniffing out those devices. It's what I use at home.
Reply Helpful Comment? 0 0
Quote :
Reading comprehension isn't just for school children!
This comment has been rated as unhelpful by Slickdeals users
Joined May 2006
I hate mail in rebates
6,426 Posts
1,277 Reputation
#11
Most likely printers, smart phones, tablets, etc... You should be okay with the changes you made.

I have a plethra of devices on my router that I've identified as to what each one is. No worries about neighbors trying to get on.
Reply Helpful Comment? 0 0
cheap, fast, good - pick any two.

"Don't cry because it's over, smile because it happened."
― Dr. Seuss
This comment has been rated as unhelpful by Slickdeals users
Joined Apr 2006
L10: Grand Master
6,855 Posts
1,906 Reputation
Original Poster
#12
Quote from cheap_bastid
:
Most likely printers, smart phones, tablets, etc... You should be okay with the changes you made.

I have a plethra of devices on my router that I've identified as to what each one is. No worries about neighbors trying to get on.
Pretty much anytime we get a new device, I add a reservation for it in our DHCP list. The only thing I've added really recently is a Chromecast device.

Quote from brbubba
:
Fing might be a more reliable tool for sniffing out those devices. It's what I use at home.
Thanks, ill try that when I get home.
Reply Helpful Comment? 0 0
Last edited by TheEdge September 3, 2013 at 05:16 PM. Reason: Automerged Doublepost
This comment has been rated as unhelpful by Slickdeals users
Joined May 2008
L9: Master
4,153 Posts
1,445 Reputation
#13
Quote from TheEdge
:
Pretty much anytime we get a new device, I add a reservation for it in our DHCP list. The only thing I've added really recently is a Chromecast device.




Thanks, ill try that when I get home.
I would turn off WPS if you have it enabled, its about as trivial to break as WPA. (assuming your scared someone hacking in to your wifi). With that being said hiding your SSID does nothing, the SSID is transmitted when ever a device commuicates so it only takes a few sec to decloak the access point.
Reply Helpful Comment? 0 0
....


...
This comment has been rated as unhelpful by Slickdeals users
Joined Apr 2006
L10: Grand Master
6,855 Posts
1,906 Reputation
Original Poster
#14
Quote from mrbobhcrhs
:
I would turn off WPS if you have it enabled, its about as trivial to break as WPA. (assuming your scared someone hacking in to your wifi). With that being said hiding your SSID does nothing, the SSID is transmitted when ever a device commuicates so it only takes a few sec to decloak the access point.
WPS has been turned off for quite awhile. And we're using WPA2.
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined Aug 2008
L99: Slicker than Ice
6,450 Posts
1,767 Reputation
#15
I would look at the router logs/clients rather than what windows may or may not see (or think it sees)
Reply Helpful Comment? 0 0
Page 1 of 2
1 2
Join the Conversation
Add a Comment
 
Copyright 1999 - 2018. Slickdeals, LLC. All Rights Reserved. Copyright / Infringement Policy  •  Privacy Policy  •  Terms of Service  •  Acceptable Use Policy (Rules)  •  Interest-Based Ads
Link Copied to Clipboard