Being a careful sort, I enabled security for my home wireless network.
Specifically, I:
- Enabled WEP with a 13-byte key (I have TiVo connected via wireless, and it doesn’t support WPA so I must use WEP.)
- Turned off SSID broadcasting.
- Enabled MAC filtering.
I know there are ways to hack around all these things, but my neighbors are an upstanding bunch of citizens and have better things to do than hack my wireless network. I’m happy with “good enough” security.
Nevertheless, I see a rogue client on my “attached clients” list. The MAC address isn’t in the “white list” but the router admin page still shows it as a “connected device”, with a blank hostname.
I verified that my wireless router does indeed disallow access to MAC addresses not on the list, by removing the one for my laptop and verifying that it was unable to correct until I added its MAC address back to the whitelist.
Rebooting the router does not get rid of the rogue client. The router is a D-Link DI-624.
At first I thought the router was displaying its own MAC address as a “connected client”, but I checked and the listed one does not match.
The rogue client has an IP address, which when I ping gets no response. If I use “arp -a” after the ping I see the client’s IP address and MAC address.
I’m pretty sure I’ve accounted for every connected device in the house and none of them matches the unknown MAC address.
Any ideas what might be going on?