I did some modifications on my WiFi router settings. It’s the router that my ISP (“Fizz” in Canada) gave me.
I don’t know how long it’s been there but it makes me a little anxious (or at least curious).
When I scan the network to see the current connected device from the router admin page, I can see the following one:
| NAME | IP Adress | MAC Address |
| — | — | —|
| RTPL109696T | 192.168.1.2 | 64:6C:80:DC:65:0B|
I tried nmap to it and get the following:
[email protected]:~$ sudo nmap 192.168.1.2 -O
Starting Nmap 7.80 ( https://nmap.org ) at 2021-05-19 21:15 EDT
Nmap scan report for 192.168.1.2
Host is up (0.023s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE
80/tcp open http
445/tcp open microsoft-ds
MAC Address: 64:6C:80:DC:65:0B (Unknown)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: specialized|general purpose
Running (JUST GUESSING): AVtech embedded (87%), Microsoft Windows XP (87%), FreeBSD 6.X|10.X (86%)
OS CPE: cpe:/o:microsoft:windows_xp::sp2 cpe:/o:freebsd:freebsd:6.2 cpe:/o:freebsd:freebsd:10.3
Aggressive OS guesses: AVtech Room Alert 26W environmental monitor (87%), Microsoft Windows XP SP2 (87%), FreeBSD 6.2-RELEASE (86%), FreeBSD 10.3-STABLE (85%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 1 hop
OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 9.03 seconds
I tried access it through its 80 open port but I get an HTTP error 404.
Port 445 seems to be a SMB share but I can’t open it since I don’t have the requested credentials.
I could just change my WiFi passphrase and then it shouldn’t be able to connect anymore (maybe if it seems it was able to do it at least 1 time…) but I really want to know who it is and what it is.
Could you help me to try some things and try to have some more information about it?
Thank you very much for your help!