cancel
Showing results for 
Search instead for 
Did you mean: 
Replies are disabled for this topic. Start a new one or visit our Help Center.

What to do about Unnamed Devices

ahr
Community Member

I have been receiving messages about new devices joining my network and right now I can see 7 unnamed devices with MAC addresses that I don't recognize.

My first and most important question is: are these the result of external people hacking into my network and does it mean that its password is compromised?

If that is the case, is resetting the password the only solution? I had hoped that I could filter on MAC addresses, but that doesn't seem to be an option. 😞  The problem is that resetting the password is a major pain because of a few of the devices that are connected.

8 REPLIES 8

MichaelP
Diamond Product Expert
Diamond Product Expert

Hello @ahr 

It's most likely that you have some client devices that are generating random MAC addresses. If you take a look at the actual MAC addresses you're seeing, there should be 12 characters in groups of two. If you look at the first group, and the second character in that group is either a 2, 6, A, or E, then it is very likely a random MAC address generated by one of your clients. For example, the address 92:B1:B8:42:D1:85 has a "2" as the second digit in the first group ("92"), indicating it is a random address.

So, if that's what you're seeing, it shouldn't be a security issue and you shouldn't need to reset your password. But, it will be annoying until you figure out which client is generating those random MAC addresses and reconfigure it to stop doing that. Some clients that use random addresses will pick one random address and keep using it on that network indefinitely (but won't use it on any other network). Some other clients may pick a new random address periodically, though, and that will get pretty annoying.

All of that said, if these aren't random MAC addresses, then changing your WiFi password to something stronger and reconfiguring your clients would be prudent. I would not do that unless you're sure it isn't just random MAC addresses from your trusted clients.

ahr
Community Member

Michael, thank you for the quick reply. Most of my dozen or so unnamed devices fall in your random categories. However, I also have an 8 and a C. That sounds like it's a "maybe" situation.

Do you have any suggestion as to how to determine which client might be generating the random unnamed devices?

MichaelP
Diamond Product Expert
Diamond Product Expert

It's possible some clients aren't following the numbering convention, so the 8 and C may still just be random MAC addresses. But, you may also be able to look them up in a MAC address vendor database (I use something like https://www.wireshark.org/tools/oui-lookup.html but there are others). That just needs the first half of the MAC address.

Other than that, it seems like most of the random MAC addresses are generated by mobile devices (iPhone, iPad, Android) or Windows machines. So, you might just take a look at any of the devices you have that might be in that category and see if they've been configured to do this (and if you can disable it, which they may warn you about, but should be perfectly safe in a network you own).

Jeff
Community Specialist
Community Specialist

Hi, ahr.
I just wanted to jump in real fast to see if you saw MichaelP's latest reply and to see if you still needed some help on this or if you were able to get it sorted out. If you are still needing some help, just let us know and we'll be happy to continue helping.
Thanks.

ahr
Community Member

With thanks to MichaelP: I now suspect it's all random MAC addresses. Looking at the times when they were used, it seems pretty random - nothing systematic. The two addresses that were traceable pointed to Mitsumi and Murata, and I gather they are likely to refer to components in my devices.

I will also reboot the whole system. And if it gets worse, I will change the password.

Thank you again, it made me breathe easier 🙂

Jeff
Community Specialist
Community Specialist

Good to hear you're feeling better about it, ahr. MAC randomization can really add up to some confusing results, for sure. Before I mark this as resolved, is there anything else you might need? If so, just let me know.

Thanks.

ahr
Community Member

Jeff, mark it as resolved.

Thank you!

Jeff
Community Specialist
Community Specialist

Sounds great. Thanks, ahr!

If you need anything else at all, just feel free to open a new thread.