Ghost Network Devices

G

grim

Expert Member
Joined
Jan 6, 2006
Messages
3,732
Reaction score
2
Location
Pretoria East
I noticed two devices showing up randomly in my network browser on Win 8 and thought this is very strange as I have MAC filtering enabled and a rather long WPA2 passphrase on my wireless. One is named protou and the other IdeaTabS6000-H

Screenshots of both devices' properties:
Protou Device:
protou.png
IdeTabS6000-H Device:
IdeaTab.png

The properties on the protou device indicates it's an HTC Desire X and the IdeaTabS6000-H well is a Lenovo Idea Tab S6000-H

I've never owned or know anyone that has owned either of these devices, their MAC addresses aren't on my whitelist, my DHCP has no record of them and neither does an ARP lookup turn up anything on them.

After searching a bit I found these threads:
http://www.eightforums.com/network-sharing/12630-someones-phone-connected-my-network-why-how.html
http://www.dslreports.com/forum/r27839259-intruder-in-my-network
http://www.dslreports.com/forum/r27866283-Other-Strange-device-detected-on-Windows-network

So it seems that devices are being picked up when they interrogate the wireless network and I would assume are sending out broadcast packets that are being picked up by Windows which ends up listing them under the network browser.

Enough to make anyone concerned about security go :wtf:
 
I've seen win keeps a history of devices on the networks one has connected to before and also USB devices that were previously connected. It might have picked them up on some network you once joined and not necessarily your home
 
kianm said:
I've seen win keeps a history of devices on the networks one has connected to before and also USB devices that were previously connected. It might have picked them up on some network you once joined and not necessarily your home
Click to expand...

Both my desktop which has never left my house and brand new tablet that I got yesterday morning were seeing the same devices at the same times
 
grim said:
I noticed two devices showing up randomly in my network browser on Win 8 and thought this is very strange as I have MAC filtering enabled and a rather long WPA2 passphrase on my wireless. One is named protou and the other IdeaTabS6000-H

Screenshots of both devices' properties:
Protou Device:
View attachment 115616
IdeTabS6000-H Device:
View attachment 115618

The properties on the protou device indicates it's an HTC Desire X and the IdeaTabS6000-H well is a Lenovo Idea Tab S6000-H

I've never owned or know anyone that has owned either of these devices, their MAC addresses aren't on my whitelist, my DHCP has no record of them and neither does an ARP lookup turn up anything on them.

After searching a bit I found these threads:
http://www.eightforums.com/network-sharing/12630-someones-phone-connected-my-network-why-how.html
http://www.dslreports.com/forum/r27839259-intruder-in-my-network
http://www.dslreports.com/forum/r27866283-Other-Strange-device-detected-on-Windows-network

So it seems that devices are being picked up when they interrogate the wireless network and I would assume are sending out broadcast packets that are being picked up by Windows which ends up listing them under the network browser.

Enough to make anyone concerned about security go :wtf:
Click to expand...


It could also be that someone has tampered with that existing version of operating system.

Was the OS pre-installed when you bought it ?
 
ZodiacLegend said:
It could also be that someone has tampered with that existing version of operating system.

Was the OS pre-installed when you bought it ?
Click to expand...

Desktop was installed from MSDN ISO that I downloaded myself and tablet was pre-installed by Dell.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X