 | intruder in my network
Yesterday I noticed a new computer was listed in my network computers... It's called "PIMP"
I don't have any computers using that name so I thought I had been hacked.
I don't understand how it happened since my password isn't easy to guess and I am using WPA2/PSK
So I changed my network password and even changed the network name. Then today, the intruder is back in my network again.
What the hell happened? WPA2 is almost impossible to crack, right? |
|
 SarickIt's Only LogicalPremium join:2003-06-03 USA | Was it set to AES or TKIP?
TKIP is known to have security issues. (use AES)
If your password is under 20 characters, fix it. Use something like this.
»www.grc.com/passwords.htm
Last, make sure your access point doesn't have a common SSID name. The SSID name is used as part of the encryption. People have created rainbow tables for common names. These give shortcuts in breaking in Wi-Fi. -- Sarick's Dungeon Clipart |
|
 | I just changed my password and SSID name again, and 10 minutes after the intruder with computer name "PIMP" is back in my network... Is it really possible to crack WPA2 in only a few minutes?
Also I live in a small town, I doubt there are computer nerds around my house that could crack my wifi...
I recently had to use a VPN software to connect to Russia to download a digital game I bought... Is it possible that there was a virus inside the VPN or something like that?
I'm not sure what TKIP and AES are...
My settings are: Security - WPA2 Encryption - CCMP Auth: PSK |
|
 EGeezerGo CatsPremium join:2002-08-04 Midwest kudos:8 | said by anarchoi2 :... I recently had to use a VPN software to connect to Russia to download a digital game I bought... Is it possible that there was a virus inside the VPN or something like that?
I would guess your computer has a remote access trojan. I recommend downloading Malwarebytes free scanner, disconnecting the PC(s) from the network and running a full scan of all systems that were on the network with it.
Then follow the steps in »Security Cleanup FAQ »Mandatory Steps Before Requesting Assistance and »Security Cleanup
I'd also recommend a factory reset and re-configuration of your router after the scan. -- Buckle Up. It makes it harder for the aliens to suck you out of your car.
|
|
 LagzPremium join:2000-09-03 The Rock Reviews:
·AT&T DSL Service
| reply to anarchoi2 said by anarchoi2 :Yesterday I noticed a new computer was listed in my network computers... It's called "PIMP"
I don't have any computers using that name so I thought I had been hacked.
I don't understand how it happened since my password isn't easy to guess and I am using WPA2/PSK
So I changed my network password and even changed the network name. Then today, the intruder is back in my network again.
What the hell happened? WPA2 is almost impossible to crack, right?
Does your device have WPS? »en.wikipedia.org/wiki/Wi-Fi_Prot···Security -- When somebody tells you nothing is impossible, ask him to dribble a football. |
|
 JuggernautIrreverent or irrelevant?Premium join:2006-09-05 Kelowna, BC kudos:2 | reply to anarchoi2 Why don't you turn off the wifi until you get this fixed? I sure the heck would! You are responsible for whatever this person is downloading, or doing on your connection. -- "I fear the day that technology will surpass our human interaction. The world will have a generation of idiots." ~ Albert Einstein |
|
 | reply to Lagz I don't know, I'm using a Netgear ProSafe FVS318N |
|
 | reply to Juggernaut I just disabled wifi on my router, and the intruder is still in my network !!! This is definitely a trojan or something. |
|
 JuggernautIrreverent or irrelevant?Premium join:2006-09-05 Kelowna, BC kudos:2 | Or, a bot.
I'd disconnect and work from another computer if possible. As suggested, see if you can download MalwareBytes to your drive, run it, and update it. Or, download MalwareBytes from a safe computer onto a thumb drive, and try to load it to your box that way.
If all else fails, go to »Security Cleanup and follow the instructions first. -- "I fear the day that technology will surpass our human interaction. The world will have a generation of idiots." ~ Albert Einstein |
|
 | I have just run full scans of AVG, Malware Bytes and Ad-Aware. Everything should be clean, but there's still the intruder in my network.
I have tried turning off my computer, then logging on the network from a laptop and the intruder is still connected to the network !!!! So it can't be a virus since my computer was off...
I don't understand... |
|
 JuggernautIrreverent or irrelevant?Premium join:2006-09-05 Kelowna, BC kudos:2 | Do a router FW upgrade lately? 
At this point, I'll bet the router has been breached someway, somehow. Try a different router, and see what happens. -- "I fear the day that technology will surpass our human interaction. The world will have a generation of idiots." ~ Albert Einstein |
|
 | reply to anarchoi2 What OS and internet connection, cable/DSL? |
|
 | reply to anarchoi2 Guessing this was in Windows Network Neighborhood? Got a screenshot?
Can you view the FVS318N's ARP table, or DHCP leases?
If wifi's off and this 'PIMP' is still there, I'd start looking at the physical connections.
said by anarchoi2 :What the hell happened? WPA2 is almost impossible to crack, right?
IF it is configured right... but there's the old adage, "if it was made by human hands, it can be broken by human hands."
Regards |
|
 NetFixerFrom my cold dead handsPremium join:2004-06-24 The Boro Reviews:
·Comcast Business..
·Vonage
·Cingular Wireless
·Comcast
| reply to anarchoi2 I have no way to know how your network is set up, but if you have an Ethernet over power line switch/bridge in your network, they can be a bigger security risk than WiFi. Most such devices can be set up reasonably securely, but the factory default values (which are often not changed) can leave them wide open for intrusion by anyone attached to the same power circuit. I have run into multiple cases where the end user had such devices, but did not have a clue about what they were or the security implications.
Another possibility if you live in an apartment that has built-in Ethernet distribution between rooms, is that your connections may be accessible from another apartment if the apartment building's wiring or VLAN setup is not done properly. Like the Ethernet over power line switch/bridge mentioned above, I have run into this situation too. -- We can never have enough of nature. We need to witness our own limits transgressed, and some life pasturing freely where we never wander. |
|
 Doctor OldsI Need A Remedy For What's Ailing Me.Premium,VIP join:2001-04-19 1970 442 W30 kudos:18 | reply to anarchoi2 said by anarchoi2 :Yesterday I noticed a new computer was listed in my network computers... It's called "PIMP"
Post a screenshot of that please.
»Software FAQ »How do I make a Screenshot?
»/dev/null forum FAQ »How do I post attachments & screen shots? -- Whats the point of owning a supercar if you cant scare yourself stupid from time to time? |
|
 | reply to anarchoi2 Ok, after some investigations:
- "PIMP" is still here even if I turn off wifi. Not a wifi problem.
- If I turn off internet, "PIMP" will disappear after around 15 minutes
Like I explained earlier, a few days ago I bought Borderlands 2 in digital game. The website asked me to download a VPN software to connect to a Russian IP to download the game from Steam because it was meant to be available only for Russian users. "Anarchoi-pc" and "Anarchoi-Laptop" were exposed to the VPN files that may have been infected.
Notes:
- I use the default settings of my router
- I'm on DSL (Distributel) and Windows 7 on almost all PC.
- "PIMP" is only visible from the computers that were exposed to the Russian VPN files. When I check the network from my HTPC, I can't see "PIMP" !!!
- I don't have Ethernet over power line.
- I don't have an apartment with built-in ethernet.
Some screenshots:
From my main computer (Anarchoi-Pc) that was exposed to the Russian VPN »www.ni-dieu-ni-maitre.com/_uploads/pimp1.jpg
From my laptop (Anarchoi-Laptop) that was exposed to the Russian VPN »www.ni-dieu-ni-maitre.com/_uploads/pimp2.jpg
Another screenshot from my Laptop. Note that "PIMP" is now displayed as a media share (it happens rarely) »www.ni-dieu-ni-maitre.com/_uploa···mp2b.jpg
Screenshot from my HTPC that was NOT exposed to the Russian VPN. Note that "PIMP" is not visible from this computer »www.ni-dieu-ni-maitre.com/_uploads/pimp3.jpg |
|
 LagzPremium join:2000-09-03 The Rock Reviews:
·AT&T DSL Service
1 edit | Sorry I missed the VPN post earlier. This is probably related to the VPN since pimp is only visible from those computers. Have you uninstalled the VPN or do you need it to play the game? What VPN did you install?
edit: It seems Steam isn't too particularly fond of VPNs. -- When somebody tells you nothing is impossible, ask him to dribble a football. |
|
 | reply to anarchoi2 said by anarchoi2 :- "PIMP" is still here even if I turn off wifi. Not a wifi problem. - If I turn off internet, "PIMP" will disappear after around 15 minutes
Okay, that DEFINITELY helps clarify and narrow things down.
said by anarchoi2 :The website asked me to download a VPN software to connect to a Russian IP to download the game from Steam because it was meant to be available only for Russian users.
What website was this, and what "VPN" software did you have to download / install?
Also agree with Lagz in that is the VPN software still running on Anarchoi-Pc and Anarchoi-Laptop at the time "PIMP" is visible?
Also, from the command prompt, try "nbtstat -c" "nbtstat -n" and "nbtstat -S" and post the results
Regards |
|
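Added example, not part of any post in this thread: a small parser for the `nbtstat -c` output requested above that reports which cached NetBIOS names were learned through an adapter, or resolve to a host, outside the home LAN. The adapter names, addresses and the 192.168.1.0/24 LAN range are constructed sample values, not data from the thread.

```python
import ipaddress
import re

# Constructed sample of `nbtstat -c` output; adapters and addresses are made up.
SAMPLE = """\
Local Area Connection:
Node IpAddress: [192.168.1.10] Scope Id: []

                  NetBIOS Remote Cache Name Table

        Name              Type       Host Address    Life [sec]
    ------------------------------------------------------------
    HTPC           <20>  UNIQUE          192.168.1.30        512

VPN Adapter:
Node IpAddress: [10.8.0.6] Scope Id: []

                  NetBIOS Remote Cache Name Table

        Name              Type       Host Address    Life [sec]
    ------------------------------------------------------------
    PIMP           <20>  UNIQUE          10.8.0.1            420
    PIMP           <00>  UNIQUE          10.8.0.1            420
"""

ADAPTER = re.compile(r"^(\S.*):\s*$")               # section header, e.g. "VPN Adapter:"
NODE = re.compile(r"Node IpAddress: \[([\d.]+)\]")  # this PC's address on that adapter
ENTRY = re.compile(r"^\s+(\S+)\s+<([0-9A-Fa-f]{2})>\s+(UNIQUE|GROUP)\s+([\d.]+)\s+\d+")

def parse_cache(text):
    """Return [(adapter, node_ip, name, host_ip)] for every cache entry."""
    rows, adapter, node = [], None, None
    for line in text.splitlines():
        if m := ADAPTER.match(line):
            adapter, node = m.group(1), None
        elif m := NODE.search(line):
            node = m.group(1)
        elif m := ENTRY.match(line):
            rows.append((adapter, node, m.group(1), m.group(4)))
    return rows

def off_lan_names(text, lan_cidr):
    """Map each name seen via an off-LAN adapter or host to {(adapter, host_ip)}."""
    lan = ipaddress.ip_network(lan_cidr)
    flagged = {}
    for adapter, node, name, host in parse_cache(text):
        if any(ipaddress.ip_address(a) not in lan for a in (host, node) if a):
            flagged.setdefault(name, set()).add((adapter, host))
    return flagged
```

A name that shows up only under a VPN or other virtual adapter section, with a host address outside the router's DHCP range, is reaching the PC over that tunnel rather than over the home network.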
 | reply to anarchoi2
Re: intruder in my network
Wireless is simply unsecure - Despite the security/authentication protocols....
You would have better luck with a wired network. |
|