Solved Question about unknown devices on the network.

Status
Not open for further replies.

Xeno1234

Level 13
Thread author
Jun 12, 2023
633
In Command Prompt, I wasn't getting the Mac addresses I needed until I entered ipconfig/all
It can show different connections so start from the top and work down until you find the corresponding Mac address that you're seeing in Plus. You may or may not need to do that, you could just try ipconfig, and see if that gives you the address, but I found I had to include "all" for some of them (at least for Glasswire).
Kaspersky gives me all the MAC Addresses of devices. I’ll run the command for a second opinion on the network as Kaspersky seems to not be fully accurate on if something is online or offline.
 
  • Like
Reactions: Jonny Quest

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,671
Devices that show up as unknown/private are often spoofing a private address space MAC address. Amazon e-readers and tablets as well as Apple devices do this by default. Doesn’t mean it’s not malicious, but something to consider if you have any of those.
 

Xeno1234

Level 13
Thread author
Jun 12, 2023
633
Devices that show up as unknown/private are often spoofing a private address space MAC address. Amazon e-readers and tablets as well as Apple devices do this by default. Doesn’t mean it’s not malicious, but something to consider if you have any of those.
I do have a iPad. That could be the unknown device as it’s not picked up as “iPad”

Kaspersky detects a MAC Address, however it doesn’t help to identify the type of device.

There is another device but I’m not sure if it appeared after a malware infection. It says it’s a Amazon device, but I don’t think we have any devices from Amazon. I’ll ask my mom.

I remember a malware I ran on a VM with Bitdefender was undetected by Bitdefender. It said there was a new device and scanned it. Would that device be on the network or would it be on the VM?

Edit: I think it scans USB and new media drives, that’s what it was talking about (Pretty sure)

I've scanned the network with the tool that @harlan4096 provided. There is a "unknown" device where the MAC Address has nothing attached to it. Its not the iPad either as its actually called iPad in Kaspersky, so its detected as a seperate device. The amazon device is a firestick that we have.
On the host, I've blocked connections to both unknown device IP's via the firewall.
Its possible one of my parents phones is the unknown device. According to Kaspersky, the device type for our phones is unknown, but 2 of the phones have a name associated to them. The other one might not.

I'm sorry for the spamming of posts, but I think this is one I should make.
The amazon device is a firestick, and im pretty sure the "unknown" is one of our phones. Its been around for 6+ months with zero issues, and not all of our phones are listed as phones with Kaspersky. The two phones listed are listed as Unknown Devices but with a name as Phone - some number. We have 3 phones in the house, but only 2 are registered this way. The "Unknown Device" is also nearly always on, about as much as a phone.
There are 9 online devices detected. We have 3 pcs, a printer, the firestick, a iPad, and 3 phones.
 
Last edited:

Jonny Quest

Level 13
Mar 2, 2023
638
I'm sorry for the spamming of posts, but I think this is one I should make.
The amazon device is a firestick, and im pretty sure the "unknown" is one of our phones. Its been around for 6+ months with zero issues, and not all of our phones are listed as phones with Kaspersky. The two phones listed are listed as Unknown Devices but with a name as Phone - some number. We have 3 phones in the house, but only 2 are registered this way. The "Unknown Device" is also nearly always on, about as much as a phone.
There are 9 online devices detected. We have 3 pcs, a printer, the firestick, a iPad, and 3 phones.

It's your thread, you're not spamming it but doing your due diligence in researching and figuring it out. IMO, nicely done :) So yep, that's one you should've made :)
Now you can monitor it from here, (maybe you still had the one unknown phone?) as far as if anything new tries to connect to your network.
 

Xeno1234

Level 13
Thread author
Jun 12, 2023
633
It's your thread, you're not spamming it but doing your due diligence in researching and figuring it out. IMO, nicely done :) So yep, that's one you should've made :)
Now you can monitor it from here, (maybe you still had the one unknown phone?) as far as if anything new tries to connect to your network.
We still have the "Unknown Phone". Its just one of our phones, im not sure who's it belongs to.
Good to know im in the clear though :D
 
  • Like
Reactions: Jonny Quest
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top