Mystery computer on my network

[morella]

I was trying to get my laptop talking to my desktop so I could transfer some files. While working on that I saw the usual devices, but one additional one named douglas. I clicked on it trying to find out info on it and it said the info was unavailable so I couldn't even figure out the make of the device. The computer quickly disappeared from my network device list.

So since I have a WiFi network the obvious answer is that someone hacked into my WiFi and is getting free internet. I went to my router to troubleshoot more and didn't see any unusual devices connected. I can't seem to find any log showing when devices connect to see if I can find the make from the MAC address. I don't know maybe home routers don't have that.

However it then occurred to me that my computer is on a workgroup that is not named the default windows workgroup name. So that would mean I shouldn't see a freeloader on my computer unless he was on my workgroup right? That is how that works?

So I am at a loss as to how I saw another device in my network unless someone hacked my WiFi and my workgroup name. Only other thing I could think of is my old roomate's brother was named douglas and somehow it briefly showed his or her old device (idk if that was a device name or not), but that seems less likely than a workgroup hack as that was 4 years ago on Windows 7 computer that has been upgraded to 10 through the free download.

What are you guys thoughts?

 

[BuddhaSkoota]

I was trying to get my laptop talking to my desktop so I could transfer some files. While working on that I saw the usual devices, but one additional one named douglas. I clicked on it trying to find out info on it and it said the info was unavailable so I couldn't even figure out the make of the device. The computer quickly disappeared from my network device list.

So since I have a WiFi network the obvious answer is that someone hacked into my WiFi and is getting free internet. I went to my router to troubleshoot more and didn't see any unusual devices connected. I can't seem to find any log showing when devices connect to see if I can find the make from the MAC address. I don't know maybe home routers don't have that.

However it then occurred to me that my computer is on a workgroup that is not named the default windows workgroup name. So that would mean I shouldn't see a freeloader on my computer unless he was on my workgroup right? That is how that works?

So I am at a loss as to how I saw another device in my network unless someone hacked my WiFi and my workgroup name. Only other thing I could think of is my old roomate's brother was named douglas and somehow it briefly showed his or her old device (idk if that was a device name or not), but that seems less likely than a workgroup hack as that was 4 years ago on Windows 7 computer that has been upgraded to 10 through the free download.

What are you guys thoughts?

If the "Douglas" device was attached to your wifi at any time in the past, it will continue to connect when it is in range of your wireless router unless you have changed the password. I would strongly recommend immediately changing the wifi password, and disabling WPS if enabled.

Btw, network media devices will show up as available devices on your network even if they are not in the same workgroup. Devices in a common workgroup permit sharing of files and folders via permissions, but any other devices are shown as potential sources or destinations.

 

[marksavio]

you can also do a whitelist on your router. its easy to do. just keep a record of all the mac addresses of your devices and add them to the list. this is just a one time hassle. this will assure you that ONLY your devices are connected to your WIFI network. be sure to change the admin password to your router there tho coz this "douglas" may have changed it or knows it.

 

[bill001g]

you can also do a whitelist on your router. its easy to do. just keep a record of all the mac addresses of your devices and add them to the list. this is just a one time hassle. this will assure you that ONLY your devices are connected to your WIFI network. be sure to change the admin password to your router there tho coz this "douglas" may have changed it or knows it.

Not that your advice is not correct but it adds little security wise. If you have good encryption keys the person never gets far enough to worry if their mac is valid. If they do somehow get past the password/encryption like someone was stupid and left WPS enabled then the person likely can hack past the mac restriction also. Although windows tends to make it harder there are still some nic wifi drivers changing the mac address is as easy as keying it in like you do on ethernet.

You can do it but it is mostly a feel good thing to be doing since it doesn't slow down a real hacker.

 

[morella]

I was trying to get my laptop talking to my desktop so I could transfer some files. While working on that I saw the usual devices, but one additional one named douglas. I clicked on it trying to find out info on it and it said the info was unavailable so I couldn't even figure out the make of the device. The computer quickly disappeared from my network device list.

So since I have a WiFi network the obvious answer is that someone hacked into my WiFi and is getting free internet. I went to my router to troubleshoot more and didn't see any unusual devices connected. I can't seem to find any log showing when devices connect to see if I can find the make from the MAC address. I don't know maybe home routers don't have that.

However it then occurred to me that my computer is on a workgroup that is not named the default windows workgroup name. So that would mean I shouldn't see a freeloader on my computer unless he was on my workgroup right? That is how that works?

So I am at a loss as to how I saw another device in my network unless someone hacked my WiFi and my workgroup name. Only other thing I could think of is my old roomate's brother was named douglas and somehow it briefly showed his or her old device (idk if that was a device name or not), but that seems less likely than a workgroup hack as that was 4 years ago on Windows 7 computer that has been upgraded to 10 through the free download.

What are you guys thoughts?

If the "Douglas" device was attached to your wifi at any time in the past, it will continue to connect when it is in range of your wireless router unless you have changed the password. I would strongly recommend immediately changing the wifi password, and disabling WPS if enabled.

Btw, network media devices will show up as available devices on your network even if they are not in the same workgroup. Devices in a common workgroup permit sharing of files and folders via permissions, but any other devices are shown as potential sources or destinations.

If a valid "douglas" ever existed it should be two states away and it was on a different network, with a different SSID, and with a different password. I just wasn't sure if windows had remembered it and didn't update for some reason, which seems highly unlikely.

I have changed the password. Turns out WPS was turned on. It came on by default and I hadn't seen it as an option to turn off when I set up the router a couple weeks ago. I had forgot to look for it to turn off. Seems to be tied to broadcast SSID. So easy fix.

Thanks for the info on the workgroup info. That makes sense as the icon for douglas was different than my laptops, but still listed as a computer. I thought it was the media device icon when I first saw it. That part at least comforts me. Now to keep an eye out for intruders.

 

[morella]

Yeah, I know about the mac address whitelist, but it is a little bit of a pain when friends and family come over. Also since I just set up this router I figured it meant there was something wrong in the setup. If it was the WPS thing then I am a tad concerned that someone in my neighborhood was that bothered to get onto my network when there are so many other options, but maybe I had the strongest signal.