# Information retrieval via MAC address



## Deuce_EaZy (Feb 7, 2010)

Alright I have a personal network that I have ensured is secured through wpa with a strong password. 

I have three regular mac addresses that go on this network. One pc and two xbox 360s. I have written down all three. But, there are four total that use my network.

I have recently experienced some slower activity of my connection. 

I have come to the conclusion that this fourth mac address is accessing my wireless router some how. Using some pw/un cracks of some sort. I also hid my ssid so it's atleast not advertising itself to everyone. I know of MAC filtering. 

But, I know I have this alien MAC address, and that it is unique to whoever I think is hijacking my bandwidth.

Is there any trace route or anything? I am oblivious to what my capabilities are with this. 

So far I have just been periodically checking router status for this Alien MAC address to become active again. Then somehow get some sort of information from their computer, or anything to see if I can deduct who it is.

Also my router is a Linksys WRT54GS2


----------



## 2xg (Aug 5, 2009)

Hello and welcome to TSF!

Your Security seems to be on a highest encryption already. You're probably picking up a wireless device or connections from a nearby place and it doesn't mean that that someone is trying to get in to your network when a Mac Address is showing up.

Mac filtering doesn't do much as well as hiding SSID's, pls. read this =>http://blogs.zdnet.com/Ou/index.php?p=43, very informative link.

For the bandwidth issue, you may try speedtest.net to check your speed.

These are things to try to troubleshoot your issue:

Try removing all wireless profiles stored in your computer and re-connect to make sure that you have the correct encryption needed if your wireless is secured.

Try changing your router's Channel to a 1, 6 or 11, these gets excellent signals.

I would upgrade your router to the latest firmware too.

Hope these helps.


----------



## johnwill (Sep 26, 2002)

If you are using WPA2 or WPA with a strong random password, I really doubt someone has cracked the password.


----------



## scottsee (Feb 28, 2007)

Compare your access points mac to this rouge mac, it might be the same..


----------



## 2xg (Aug 5, 2009)

I believed that he mentioned he has all 3 MACs written down, the 4th one doesn't belong to his network. As long as has he has WEP security, he should be fine.


----------



## johnwill (Sep 26, 2002)

Well WEP is not OK in my book, at least WPA with a strong key and he's pretty secure. :smile:


----------



## 2xg (Aug 5, 2009)

oops.... sorry I meant WPA this is what he has setup and not WEP johnwill, my bad.


----------



## johnwill (Sep 26, 2002)

First, I'd recommend a change of your password for the WPA, and you might consider using this WPA Key Generator to generate a secure one.

If all your devices support WPA2-AES, that is an even better option, also using a secure password.

After changing your password, shutdown ALL equipment, including the modem and router. Start up the modem, wait a couple minutes, startup the router, and then boot one computer. Check the connection table and see if the mystery MAC address is already there. If not, continue to add the computers to the network and see when and if it appears.


----------



## whiterabbit7500 (Aug 3, 2009)

http://www.coffer.com/mac_find/

^ useful in determining what type of device is connecting. Sometimes smaller devices such as iphones, blackberry, etc can connect and cause alarms. 

If your using WPA2 with a strong (over 12 character password), there's extremly little chance someone got in unless you had given them the key.


----------

