May 20, 2021

Unknown device connected to my WiFi router


Hi!

I did some modifications on my WiFi router settings. It’s the router that my ISP (“Fizz” in Canada) gave me.

I don’t know how long it’s been there but it makes me a little anxious (or at least curious).

When I scan the network to see the current connected device from the router admin page, I can see the following one:

| NAME | IP Adress | MAC Address |
| — | — | —|
| RTPL109696T | 192.168.1.2 | 64:6C:80:DC:65:0B|

I tried nmap to it and get the following:

““
[email protected]:~$ sudo nmap 192.168.1.2 -O
Starting Nmap 7.80 ( https://nmap.org ) at 2021-05-19 21:15 EDT
Nmap scan report for 192.168.1.2
Host is up (0.023s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE
80/tcp open http
445/tcp open microsoft-ds
MAC Address: 64:6C:80:DC:65:0B (Unknown)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: specialized|general purpose
Running (JUST GUESSING): AVtech embedded (87%), Microsoft Windows XP (87%), FreeBSD 6.X|10.X (86%)
OS CPE: cpe:/o:microsoft:windows_xp::sp2 cpe:/o:freebsd:freebsd:6.2 cpe:/o:freebsd:freebsd:10.3
Aggressive OS guesses: AVtech Room Alert 26W environmental monitor (87%), Microsoft Windows XP SP2 (87%), FreeBSD 6.2-RELEASE (86%), FreeBSD 10.3-STABLE (85%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 1 hop

OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 9.03 seconds
“`

I tried access it through its 80 open port but I get an HTTP error 404.
Port 445 seems to be a SMB share but I can’t open it since I don’t have the requested credentials.
I could just change my WiFi passphrase and then it shouldn’t be able to connect anymore (maybe if it seems it was able to do it at least 1 time…) but I really want to know who it is and what it is.

Could you help me to try some things and try to have some more information about it?

Thank you very much for your help!

Comments

chiphitter

You can lookup the vendor of the Mac address by doing a lookup. This one is CHONGQING FUGUI ELECTRONICS CO.,LTD

A Google search of the company shows it could be a Samsung TV. Do you have a Samsung TV?

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.