Security Issue with Network??

[Twiggz]

I keep seeing devices listed under phones on my windows network tab. I also saw a PC named Thor under computers.
I tried to ping thor-pc under cmd prompt but nothing happened and when I check the network tab again the computer was gone.
None of the devices stay around very long and I changed the password to my router and also to my wireless network. They still randomly show up.
When I clicked on Thor it said manufacturer amazon. My kid has a kindle fire hdx, is that what that is?
What is this??

 

[Xtreme Barton]

It's tough to say given the information.. But it could be people attempting to connect. Have you tried turning off ssid broadcasting? See if that helps. You will probably have to manually configure your devices. Also configure mac address connection to specifically allow only your devices. There are a lot more configurations but perhaps try ssid broadcast first to see if anything keeps popping up

 

[Xtreme Barton]

Also list your router model etc.. You can check the device name of the kindle you own as well .. Even change its name to something else to see if that name happens to appear..

 

[Twiggz]

It's tough to say given the information.. But it could be people attempting to connect. Have you tried turning off ssid broadcasting? See if that helps. You will probably have to manually configure your devices. Also configure mac address connection to specifically allow only your devices. There are a lot more configurations but perhaps try ssid broadcast first to see if anything keeps popping up

Okay, my first thought was also perhaps that it was people trying to connect. Also, my second thought was turning off ssid broadcasting Lol. I just didn't want to fool around with that until posting here first.

As far as the kindle goes, I am 100% positive that it is not named thor. Which also lead me back to my first thought.
I'll try turning off ssid broadcasting and see what happens.

 

[unijabnx2000]

WPA2?

 

[Automata]

If someone got your password for WEP or WPA, they probably also know how to get around a non-broadcasted SSID and MAC filtering. Why take half measures?

Best thing to do is switch to WPA2 encryption, change the password to, at least, 12-14 characters long (the longer and more complex, the better), then reconfigure your devices. Don't bother with disabling the SSID or with MAC filtering. They are just a pain to work with are are easy to bypass.

 

[Xtreme Barton]

Can't you enable wpa2 as well with other features mentioned? It's possible someone is trying to connect and that their name is appearing as they attempt connection. Nothing is saying they actually gained connection. But as mentioned using wpa2 would be best as well .. It's also a good possibility that if someone can bypass your ssid and mac filter they can too crack your wpa2...

 

[Automata]

Can't you enable wpa2 as well with other features mentioned?

Of course, but there is no reason to enable them because they offer absolutely no security benefits and are a pain to maintain.

It's possible someone is trying to connect and that their name is appearing as they attempt connection. Nothing is saying they actually gained connection.

No. If Windows is listing it as a device, then it is on the network.

 

[Xtreme Barton]

Of course, but there is no reason to enable them because they offer absolutely no security benefits and are a pain to maintain.

No. If Windows is listing it as a device, then it is on the network.

That's a matter of opinion.. It's not hard at all in home network environment to maintain.. And just because I click on your listed network and attempt to connect, doesn't mean I have done so and I have access.

A matter of a few steps more is a pain for some and others its no big deal.. Reminds me of the windows 8 vs. 7 thread where it was just a huge pain for some .. Implementation of many security options is by far better than fewer.. Does that make it impossible to breach no .. But it does take a few more steps to do.. Maybe if it takes a few more it might become to much to attempt.. That's my opinion anywho

 

[Twiggz]

Okay, my security mode was WPA/WPA2-PSK. I changed it to WPA2-PSK. I had already changed my password so I'll just do it once again.

So if they are listed on the network, are they on the network? Or are they just attempting the network?

Edit: Also when I log into my router, I am logging in through my browser. Should I use https://X.X.X.X instead of just typing in the IP plain? When I try using https it says the site is untrusted.

 

[Automata]

If they show active on the network, they on the network.

 

[Twiggz]

Why is it that I can ping my media server, but when 'thor' is on the network, I cannot ping it?
Is it really there?

I opened firefox (which is my most secure browser I have it set to block just about everything) and logged into my router with https. I changed the ssid to not broadcast, I changed my router PW again, I changed my wireless password again, and then even changed my ssid itself. Applied and logged out. Also scanned with AVG and "no threats"

Anything else I can do?

 

[Automata]

If you changed everything and it is still showing on your network, then it is on your network.

 

[unijabnx2000]

Did you disable wps?

 

[Twiggz]

Okay, also just disabled WPS.

 

[unijabnx2000]

change the dchp subnet/mask to something else, and reboot the router.

 

[Xtreme Barton]

Could you post a screen shot as well ?

 

[Twiggz]

I stopped at disabling WPS, I haven't seen thor again yet. I guess it could just be a coincidence also.

Here is what I was seeing.

 

[kyfire]

Amazon model KFTHWI is a Kindle Fire HDX 7, so Thor is your Kindle

 

[Twiggz]

Well, that would be pretty funny if it was mine the whole time. I don't think it was though, because I never updated the network settings on it after disabling ssid broadcast etc etc. There was still a thor. Perhaps it was a neighbors tablet?

Edit: Also remember there were random phones as well. HTC Phone showed up a lot. I don't own one. The phone went away after the first changes though.