Question So I scanned all devices using my Modem

[Dcopymope]

And I used the 'Nmap' tool in the command prompt so I can see who is who, just to make sure I don't have any ninja's lurking about. All IP addresses looked good except one. I pasted the mac address in the website linked below to try and get some information yet all I got was an 'alert' message saying no record was found. I'm hoping this is the address for my other printer because I have no idea what else it could be. Should I be concerned?

Link: https://dnschecker.org/mac-lookup.php

 

[bill001g]

Mac address mean very little since you can set them to anything you want in most equipment. A real hacker would make his look innocent. The company name you find in those lists also don't mean much companies have been merged and purchased so much they mean very little about the company actually using them. Look at all the companies google owns,,,,and google is actually owned by alphabet inc.

NMAP is not a good tool to see what is connected. Your router ARP table is the best. A device can be configured to not respond to any IP coming into it, actually a good firewall rule in general. It prevents tools like NMAP from learning anything that can then be used to attack the machine. A real hacker also know this and will protect his machine.

The machine though can not ignore arp requests because then it could not communicate at all so generally there is a entry in the ARP table.

You need to first figure out if the device is coming in via wifi or ethernet. Pretty easy if it responds to nmap just turn off the wifi radios and see if it still responds. On ethernet you can unplug cables until you find it.

Wifi is fairly secure but you need to make sure you turn off the WPS option in the radio settings on both radios. If you had this option enable you should change your wifi password after you turn it off. WPS actually gives someone your wifi password that knows the WPS key and the WPS key can be guessed in a couple minutes with even a cell phone.

 

[Phillip Corcoran]

Disconnect that "other printer", then check Mac addresses again.

Also be aware that IP addresses and Mac addresses are two different things, so on that dnschecker website you need to enter Mac address, not IP address.

An IP address is a numerical string whereas a Mac adress is alphanumeric.

 

[Dcopymope]

@bill001g @Phillip Corcoran

Well, I just checked every single device using my modem, and I still have no idea who this is, so I just blocked it and called it a day.