Still have an unauthorized device on my Network

  • 1
  • Problem
  • Updated 3 years ago
So, after securing my router with a new password and disabling the WPS on it, I still have someone in my neighborhood with an iPhone using my service. There is one final solution to this ( before the final solution of switching providers) is to block the MAC address of said iPhone. When I called customer service yesterday, I was told that they couldn't see the devices on my Network. That is absolutely false, and I told her so and was transferred. The next agent wanted to have me guess what device didn't belong until I told her to just name them since I pay for the service. Very poor service indeed. I then emailed requesting the MAC address of the iPhone so that before I block it, I can cross reference it with my devices to make sure it's not a clonned address. The response was that due to security of the platform of email, they couldn't give me that information. Did you just tell me you're not on a secure server when you respond to customers? Do you think I care if some Chinese national hacking into the unauthorized device that is using what I pay for? Are you gonna track them down and force them to pay my bill? And how exactly did customer service determine that closing my case, which isn't remotely solved, was a good idea? If you are unwilling to help me in this matter, you can just send me the box and UPS label to send your equipment back to you and cancel my service. It is My Network, My Service that I am paying for, not the thief that you seem so inclined to protect. Maybe you can get them to sign up for your service but I doubt it.
Photo of Waterpixe70

Waterpixe70

  • 65 Posts
  • 9 Reply Likes
  • Fed up.

Posted 3 years ago

  • 1
Photo of Kentuckienne

Kentuckienne

  • 26 Posts
  • 11 Reply Likes
If you are using a wireless router connected to the satellite modem, you can block the offending device yourself.

It's not enough to just change the user password on the router - you also have to change the admin password. It's usually some stupid default that everyone knows. Find your router in a browser, launch the admin panel - just google your router brand if you need instructions - and change the administrator password. Then restart the router and make sure you can still log in as administrator. It sounds as if someone knows the admin password for the router, so they can just log on and see what the user password is. Once you change that, they should be locked out. 

Once you have done that, you can now change the wireless password again and start reconnecting your devices one by one. You'll have to input the new password on each one. On the admin panel, you can watch the devices come online and see the mac address and device name of each one (if there is a device name assigned). The mac address never changes, it's a hardware address. You have two choices: you can blacklist a known offending device by blocking its mac address. Or, you can have a whitelist where only the addresses you specify can be on the network. The latter is more restrictive, and more powerful, but a bit more hassle as you will have to update the list manually whenever someone gets a new phone or whatever.           

If you are worried that your iPhone might have been cloned, it's a simple test. Turn your phone off and check to see that it dropped off the network list in the router admin panel. You can check to see your own phone's address in system settings, so you can be sure you aren't blocking your own device. 

You also have to disable the guest account, by the way. 
Photo of Kaotic Technologies

Kaotic Technologies

  • 281 Posts
  • 120 Reply Likes
Very well said, perfect
Photo of Waterpixe70

Waterpixe70

  • 65 Posts
  • 9 Reply Likes
All of the above is done, actually did all a month ago. So hopefully having changed passwords again, will have gotten rid of the perp. We'll see in a couple days. I have an app on my phone that scans for devices on my Network so I have all the MAC addresses for our stuff. Interestingly, DirecTV receivers show up w/IP and MAC addresses when connected to their cinema kit. Makes sense though, it's a device connecting to the network.
Photo of Kaotic Technologies

Kaotic Technologies

  • 281 Posts
  • 120 Reply Likes
Is your icon from a old school pen a nd paper game called "Elf quest"?
Photo of Waterpixe70

Waterpixe70

  • 65 Posts
  • 9 Reply Likes
It's actually a drawing from one of Wendi Pini's graphic novels in the Elf Quest series.
Photo of LorrieL

LorrieL, Champion

  • 637 Posts
  • 215 Reply Likes
Kentuckienne, I am in awe of your knowledge!  what a great and oh so complete answer.
Photo of Knight Rider

Knight Rider

  • 957 Posts
  • 536 Reply Likes
Technically speaking Exede is only responable for the service its self the dish tria and modem. If you add a wireless router to your network its up to you to make sure its secure. That being said one other option is to do a hard reset on your modem and set it back up from scratch with new ids and passwords to log in to the router and a new wireless name and new wireless password using wpa2 security. Too like you said if you have the Mac address make sure it's not something in your house (TV, Xbox, PlayStation, sat TV box or anything) and then just add that Mac address to the blocked list on your router. Once you do that they are blocked completely until you remove that Mac from the block list.
Photo of J&J

J&J

  • 1683 Posts
  • 1000 Reply Likes
Why do a blacklist?  Any new arrival is OK.  Best to do white list so if not on list, no access.  Only add wanted devices to white list and you're done.
Photo of Knight Rider

Knight Rider

  • 957 Posts
  • 536 Reply Likes
True you could do it that way too...could also go kick your neighbors car door in for stealing your internet lol....OK best stick to either blocking him or creating a white list.
Photo of Kentuckienne

Kentuckienne

  • 26 Posts
  • 11 Reply Likes
Craig is right. It's most secure to do the whitelist, you just have to change it when you add/remove/change devices, TV receivers, whatnot. Maybe make a printout to refer to in the future, so in case some nefarious ne'er-do-well knows how to access the router's admin console you can spot any additions. 

Not that this has ever happened to anyone I know, but I do know of kids who have given their friends the passwords to get on the network because you have to let your friends on your wifi, man, and once on always on. A whitelist, and an admin password that only you know, will stop that.
Photo of Exede Lindsey

Exede Lindsey

  • 1827 Posts
  • 163 Reply Likes
Hello Waterpixe70, I would be more than happy to review your account to see if I can verify and locate the“iPhone” device on your network. Please consider that we are extremely limited to information to devices that have accessed through your personal router. Please feel free to send us an email at exedelistens@viasat.com I’d be more than happy to help as much as possible with this issue. Thank you. 
Photo of Kentuckienne

Kentuckienne

  • 26 Posts
  • 11 Reply Likes
Same here. Not that I want to know your passwords, I don't, but if you want I can send you documentation on your particular router/network config and see if there are any known problems. Some routers have firmware that allows them to be compromised by evildoers, worms, trojans ...