noob needs help there is a computer in my network which probably

Blacklist his mac address in the router and look around for angry people

>>57583002
search vendor list according mac, this may give you a clue about what kind of device

>>57583155
>search vendor list according mac
it says "private"

>>57583002
How did you find out about this rogue client in the first place? Was he eating up your bandwidth?

Since you are on the same network you can capture his traffic with Wireshark and go from there

>>57583323
>How did you find out about this rogue client in the first place?
was listed on my router webpage
>Was he eating up your bandwidth?
i guess not

>>57583363
I assume you're using WPA2 so it's probably one of your friends who figured out the passwords and now he's piggybacking on your wifi. If that's any consolation at least he's mindful enough to not to hog all the bandwidth

Wireshark, steal his cookies

>>57585331

This, steal all his encrypted cookies so you will be able to do absolutely nothing with them but look like an idiot skiddo.

>>57583323
>capture his traffic with Wireshark and go from there

Does listening on 802.11 traffic in promiscuous mode essentially work like listening on a LAN based on hubs (i.e. all just one collision domain where all frames are flooded everywhere)? What about the encryption? Is decryption using one's own WiFi key being attempted automatically?

>>57583017
This

>>57583017
>>57586541
You guys are idiots and tech illiterates.
Ever heard of MAC Spoofing?

>>57586581
implying that a random fgt is going to do that. pls.

>>57583002
>newfag doesn't know his IOT lightbulbs auto connect to his LAN
holy shit man...install gentoo lol

>>57586610
Dude it's fucking script kiddie shit.
Any 12 year old could do it with some Windows program

>>57583002
disable WEP, change user/admin password on router, change wpa2 pw's with something that has 12chars with letters, digits and symbols. go on with your life.

>>57586658
meh, all he needs is a strong password and wep disabled.

File: zealous_autoconfig.png (35KB, 740x211px) Image search: [Google]

35KB, 740x211px

>>57586636

>>57586581
If he blacklists the intruder's MAC address, all the intruder needs to do is to change his MAC address to get back in. For that sort of approach to not be trivially circumnavigated he'd need to whitelist all his trusted devices (implicitly blacklisting everything else), but even then the intruder might have noted down MAC addresses of peer nodes on the network once he was in for future reference

>>57586984
I believe it's still possible to spoof your MAC to be exactly the same as someone else's.
I've done it before, but I spoofed it to be the MAC address of the router.

File: 585fafb9a3.png (241KB, 784x1050px) Image search: [Google]

241KB, 784x1050px

>>57586675
Make sure it's wpa2-aes, use dice ware for the password, change the ssid, and setup a mac address whitelist

>>57587006
Yea, that's why the attacker could make later use of previously noted MAC addresses of trusted nodes on the network. To mitigate this you'd need to
- shut down the WLAN
- change the MAC address of each and every trusted node (including the router's WLAN interface)
- whitelist each of these new MAC addresses on the router
- bring the WLAN back up

>>57587085
Or you could remove the antennae and just use ethernet for all your machines

Eks Dee

>>57587006
>I spoofed it to be the MAC address of the router.
>be router
>"huh, this IP maps to my own interface's MAC address"
>"hurr, I'll make a frame and send it out into the network anyway, because why the fuck not"

>>57587120
You know how there's WAN IP and LAN IP? A lot of routers will happily accept Packets with the WAN IP on LAN ports

>>57586475
I think that the session is encrypted with a session key derived from the wpa password

>>57587707
So, if you listen in promiscuous mode, you will capture all and any traffic transmitted over the WLAN as if on a wired hub-based network (or listening via a monitoring/mirroring port on a managed switch)?

>>57586581

Ever heard of passwords being compromised in a variety of ways? Don't even bother using passwords at all dude.