I've used this program for back when I used Windows. There I noticed that one of my access points (all was routers with DHCP disabled etc.) with WPS disabled was showing as WPS enabled. Maybe @Smerrills can try this if he doesn't have another way to diagnose it.
DoS attacks are usually false positives, if you look up the IP's its probably stuff like Dropbox and the like.
Did as you said, and for nearly 8 hours and counting, no more odd log traffic, no more unknown IP, and ISP called me and thanked me for figuring out my problem.
So, I think we have it sorted. Also changed the SSID even though it's not being broadcast to something that matches more closely the networks around me.
Hopefully now this is resolved, and I don't have anymore problems.
Thanks everyone. Thank you very much. Will post again in here if it happens again.
2 Likes
So it was a phone that was causing it?
No, we established that phones weren't it cause the IP was still on the network AFTER the phones were off with batteries taken out.
maybe I am missing something but what was conclusion besides you are disabled dhcp
Someone else will have to come up with a conclusion, cause I did so much, who knows what fixed it really. All I know, is they're off my system, and ISP is happy. Which means they won't drop me, and I don't have to settle with the crappy companies surrounding me.
If it makes you feel any better misconfigured software DOS'ed our primary domain controller yesterday and knocked out about 80% of the speed of our domain since it was delaying DNS queries.
Yesterday was not a fun day. I've never liked being DNS admin. GPO/AD admin sure, but eff being a DNS admin.
Why would an ISP drop you do they not just charge you more?
whitelist is a list of accepted mac addresses, everything else is blocked.
Blacklist is a list of not approved mac's, everything else is accepted.
there is a world of difference since in one case you basically dictate i will only accept xyz devices, and in the other case you're accepting everything except xyz devices.
but i honestly do not think your neighbours hacked you, it's proberly some kind of malware eating bandwidth like nuts, id start looking at where the data goes rather then who's using it, try some kind of package sniffer software(maybe wireshark or like).
Haven't tried setting it up myself, but I've heard setting up FreeRadius is a PITA. Once you getting working though, it's pretty smooth sailing (from what I've heard).
I started setting it up at my old job but never got it done since I found a new job a few days after deciding to do it and dropped it to finish the VLAN integration. That had a greater long term impact than radius and I only had time to do one and still do my day to day tasks.
I'm wanting to do it just so I can say I k ow how go really. IIRC it is a PITA.
This was already solved.
The IP was none of my devices. I took all my devices off the network, it was still happening. The MAC address was none of my devices. Someone was getting into network.
But to this day since I ended this post, IP hasn't come back onto my system, and my traffic is back to normal.
Tested all my stuff on another network, no funny business.
Again, I don't know what fixed it. I changed alot of stuff because of this thread. But I'm just glad it's fixed.