• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Security issue in my network somewhere...?

hat

Enthusiast
Joined
Nov 20, 2006
Messages
21,099 (4.22/day)
Location
Ohio
System Name Starlifter :: Dragonfly
Processor i7 2600k 4.4GHz :: Athlon II x4 630 3.5GHz
Motherboard ASUS P8P67 Pro :: GIgabyte GA-770T-USB3
Cooling Corsair H70 :: Thermaltake Big Typhoon
Memory 2x4GB DDR3 1866 :: 2x1GB DDR3 1333
Video Card(s) 2x PNY GTX1070 :: none
Storage Plextor M5s 128GB, WDC Black 500GB :: Mushkin Enhanced 60GB SSD, WD RE3 1TB
Display(s) Acer P216HL HDMI :: None
Case Antec SOHO 1030B :: Old White Full Tower
Audio Device(s) Creative X-Fi Titanium Fatal1ty Pro - iLive IT153B Soundbar (optical) :: None
Power Supply FSP Hydro GE 550w :: something
Software Windows 10 Pro - Plex Server on Dragonfly
Benchmark Scores >9000
I've been having some strange things going on lately. Long story short - someone just earlier tonight made an account here at TPU and tried to stir up some trouble... but their account appears to be logged in with my own IP address! My fiancee also says she's had issues in the past on Facebook with other people getting strange messages coming from her with our IP address, but it wasn't her sending them. Apparently, she took it up with Facebook and they dug deeper on that issue and they found out it was actually coming from Wisconsin. If there's a security issue somewhere, I'm not sure where it could be. Whatever it is, it's not something as glaringly obvious as an unsecured Wi-Fi network. What should I do to look for security issues?
 

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
20,738 (3.50/day)
Processor Core i7-4790K
Memory 16 GB
Video Card(s) GTX 1080
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 7
What's your network and computer setup like?

Try changing Wifi passwords
 
Joined
Mar 28, 2018
Messages
726 (0.84/day)
Location
Arizona
System Name Space Heater MKIII
Processor AMD Ryzen 5 2600X
Motherboard MSI X470 Gaming Pro
Cooling Cryorig R1 Ultimate, 5x Cryorig XF140 fans, ARCTIC Accelero X3
Memory 2x8GB Crucial Ballistix Sport LT DDR4-3000
Video Card(s) Gigabyte GTX 1070 G1 Gaming
Storage 500GB Samsung 970 EVO, 525GB Crucial MX300, 4TB Seagate Barracuda, 8TB WD White
Display(s) AOC AG241QX 1440p 144Hz, LG 24EN43V-B 1080p 60Hz
Case Phanteks Enthoo Pro M
Audio Device(s) Klipsch ProMedia 2.1
Power Supply EVGA 750 B3, CyberPower CST135XLU
Mouse Logitech MX Master
Keyboard Logitech G610 Orion Brown
Software Windows 10 Pro
Could probably use a packet sniffer like Wireshark to see where on your network the traffic is coming from.
 

hat

Enthusiast
Joined
Nov 20, 2006
Messages
21,099 (4.22/day)
Location
Ohio
System Name Starlifter :: Dragonfly
Processor i7 2600k 4.4GHz :: Athlon II x4 630 3.5GHz
Motherboard ASUS P8P67 Pro :: GIgabyte GA-770T-USB3
Cooling Corsair H70 :: Thermaltake Big Typhoon
Memory 2x4GB DDR3 1866 :: 2x1GB DDR3 1333
Video Card(s) 2x PNY GTX1070 :: none
Storage Plextor M5s 128GB, WDC Black 500GB :: Mushkin Enhanced 60GB SSD, WD RE3 1TB
Display(s) Acer P216HL HDMI :: None
Case Antec SOHO 1030B :: Old White Full Tower
Audio Device(s) Creative X-Fi Titanium Fatal1ty Pro - iLive IT153B Soundbar (optical) :: None
Power Supply FSP Hydro GE 550w :: something
Software Windows 10 Pro - Plex Server on Dragonfly
Benchmark Scores >9000
What's your network and computer setup like?

Try changing Wifi passwords
I'm thinking my wifi password would be pretty hard to crack, and damn near impossible to just guess, but I suppose it's something worth doing.

I've got a modem (modem only, not a modem/router combo) connected to my own wifi router (RT-N66R, flashed with Tomato). As I've mentioned before, the wifi has a strong password that would be pretty hard to crack... other than that, I've got ethernet running to a few PCs and game consoles and such.

Could probably use a packet sniffer like Wireshark to see where on your network the traffic is coming from.
I can try to take a look at that, but I've never used a tool like that before.

Still, none of this explains to me how someone could appear to be sending messages on Facebook from our IP, but actually being in Wisconson. Obviously, there's no way our wifi reaches all the way over there...
 
Joined
Mar 28, 2018
Messages
726 (0.84/day)
Location
Arizona
System Name Space Heater MKIII
Processor AMD Ryzen 5 2600X
Motherboard MSI X470 Gaming Pro
Cooling Cryorig R1 Ultimate, 5x Cryorig XF140 fans, ARCTIC Accelero X3
Memory 2x8GB Crucial Ballistix Sport LT DDR4-3000
Video Card(s) Gigabyte GTX 1070 G1 Gaming
Storage 500GB Samsung 970 EVO, 525GB Crucial MX300, 4TB Seagate Barracuda, 8TB WD White
Display(s) AOC AG241QX 1440p 144Hz, LG 24EN43V-B 1080p 60Hz
Case Phanteks Enthoo Pro M
Audio Device(s) Klipsch ProMedia 2.1
Power Supply EVGA 750 B3, CyberPower CST135XLU
Mouse Logitech MX Master
Keyboard Logitech G610 Orion Brown
Software Windows 10 Pro
I can try to take a look at that, but I've never used a tool like that before.
It's been a while since I've used it. I'd say look for traffic from a device with a MAC address that none of your devices have.

Your router probably has a feature to log things that happen on your network too.
 

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
20,738 (3.50/day)
Processor Core i7-4790K
Memory 16 GB
Video Card(s) GTX 1080
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 7
from our IP, but actually being in Wisconson
IP to location mappings are hand-crafted databases that can be out of date or inaccurate. What makes you think "Wisconsin"?
 
  • Like
Reactions: hat

hat

Enthusiast
Joined
Nov 20, 2006
Messages
21,099 (4.22/day)
Location
Ohio
System Name Starlifter :: Dragonfly
Processor i7 2600k 4.4GHz :: Athlon II x4 630 3.5GHz
Motherboard ASUS P8P67 Pro :: GIgabyte GA-770T-USB3
Cooling Corsair H70 :: Thermaltake Big Typhoon
Memory 2x4GB DDR3 1866 :: 2x1GB DDR3 1333
Video Card(s) 2x PNY GTX1070 :: none
Storage Plextor M5s 128GB, WDC Black 500GB :: Mushkin Enhanced 60GB SSD, WD RE3 1TB
Display(s) Acer P216HL HDMI :: None
Case Antec SOHO 1030B :: Old White Full Tower
Audio Device(s) Creative X-Fi Titanium Fatal1ty Pro - iLive IT153B Soundbar (optical) :: None
Power Supply FSP Hydro GE 550w :: something
Software Windows 10 Pro - Plex Server on Dragonfly
Benchmark Scores >9000
IP to location mappings are hand-crafted databases that can be out of date or inaccurate. What makes you think "Wisconsin"?
No idea. She said she contacted Facebook about the issue (that is, people getting messages from her that she didn't send) and they initially said it came from our IP, but then they dug deeper and they said it came from Wisconsin. That's all I know about it. This happened quite a while ago, and I'm always hearing things about people having trouble with Facebook, so I just chalked it up to Facebook weirdness. Strange accounts connecting to TPU with our IP address has me more concerned.
 
Joined
Jan 31, 2010
Messages
3,641 (0.95/day)
Location
Gougeland (NZ)
System Name Cumquat 2000
Processor AMD RyZen R7 3700X
Motherboard Asus Strix x470-F Gaming
Cooling Cryorig R1 Universal
Memory 16GB GSkill TridentZ DR4-3200 16-18-18-38 1.35V
Video Card(s) Sapphire Pulse RX5700 8GB DDR6 1750/1700
Storage 1X Samsung 860 EVO 500GB SATA AHCI 1x Sandisk 128GB PCIe, 12TB of HDD Storage
Display(s) ViewSonic VX2457 MHD 75Hz FreeSync 1920x1080p
Case SilverStone Raven RV02B-W + 3x SS AP181 + USB3.0 upgrade
Audio Device(s) Realtek S1220a + Pioneer VSX-531 amp Technics 100W Speaker set
Power Supply Enermax RevolutionXT II 750W 80+ Gold
Mouse Logitech G502 Proteus Core
Keyboard Logitech G105
Software Windows 10 X64 PRO (build 1909)
Benchmark Scores it sucks even more less now ;)
could be a case of IP address spoofing where they haven't actually penetrated your network but are using your IP address in the form of spoofed packet headers
 

hat

Enthusiast
Joined
Nov 20, 2006
Messages
21,099 (4.22/day)
Location
Ohio
System Name Starlifter :: Dragonfly
Processor i7 2600k 4.4GHz :: Athlon II x4 630 3.5GHz
Motherboard ASUS P8P67 Pro :: GIgabyte GA-770T-USB3
Cooling Corsair H70 :: Thermaltake Big Typhoon
Memory 2x4GB DDR3 1866 :: 2x1GB DDR3 1333
Video Card(s) 2x PNY GTX1070 :: none
Storage Plextor M5s 128GB, WDC Black 500GB :: Mushkin Enhanced 60GB SSD, WD RE3 1TB
Display(s) Acer P216HL HDMI :: None
Case Antec SOHO 1030B :: Old White Full Tower
Audio Device(s) Creative X-Fi Titanium Fatal1ty Pro - iLive IT153B Soundbar (optical) :: None
Power Supply FSP Hydro GE 550w :: something
Software Windows 10 Pro - Plex Server on Dragonfly
Benchmark Scores >9000
It's been a while since I've used it. I'd say look for traffic from a device with a MAC address that none of your devices have.

Your router probably has a feature to log things that happen on your network too.
You mean in the "Source" tab, right? This should expose a device on my network that shouldn't be there. However, I should be able to see this information in my router, anyway.

could be a case of IP address spoofing where they haven't actually penetrated your network but are using your IP address in the form of spoofed packet headers
I'm not sure how one would do this, but if this were the case (and probably likely if I am indeed being attacked) that probably means there isn't anything I can do about it, and my own network itself remains intact, correct?
 
Joined
Jan 31, 2010
Messages
3,641 (0.95/day)
Location
Gougeland (NZ)
System Name Cumquat 2000
Processor AMD RyZen R7 3700X
Motherboard Asus Strix x470-F Gaming
Cooling Cryorig R1 Universal
Memory 16GB GSkill TridentZ DR4-3200 16-18-18-38 1.35V
Video Card(s) Sapphire Pulse RX5700 8GB DDR6 1750/1700
Storage 1X Samsung 860 EVO 500GB SATA AHCI 1x Sandisk 128GB PCIe, 12TB of HDD Storage
Display(s) ViewSonic VX2457 MHD 75Hz FreeSync 1920x1080p
Case SilverStone Raven RV02B-W + 3x SS AP181 + USB3.0 upgrade
Audio Device(s) Realtek S1220a + Pioneer VSX-531 amp Technics 100W Speaker set
Power Supply Enermax RevolutionXT II 750W 80+ Gold
Mouse Logitech G502 Proteus Core
Keyboard Logitech G105
Software Windows 10 X64 PRO (build 1909)
Benchmark Scores it sucks even more less now ;)
Try asking your ISP to give you a new IP address that should stop spoofing in its tracks if that's what is happening but I'd also change the Pword for your network wifi and modem login
 

hat

Enthusiast
Joined
Nov 20, 2006
Messages
21,099 (4.22/day)
Location
Ohio
System Name Starlifter :: Dragonfly
Processor i7 2600k 4.4GHz :: Athlon II x4 630 3.5GHz
Motherboard ASUS P8P67 Pro :: GIgabyte GA-770T-USB3
Cooling Corsair H70 :: Thermaltake Big Typhoon
Memory 2x4GB DDR3 1866 :: 2x1GB DDR3 1333
Video Card(s) 2x PNY GTX1070 :: none
Storage Plextor M5s 128GB, WDC Black 500GB :: Mushkin Enhanced 60GB SSD, WD RE3 1TB
Display(s) Acer P216HL HDMI :: None
Case Antec SOHO 1030B :: Old White Full Tower
Audio Device(s) Creative X-Fi Titanium Fatal1ty Pro - iLive IT153B Soundbar (optical) :: None
Power Supply FSP Hydro GE 550w :: something
Software Windows 10 Pro - Plex Server on Dragonfly
Benchmark Scores >9000
Try asking your ISP to give you a new IP address that should stop spoofing in its tracks if that's what is happening but I'd also change the Pword for your network wifi and modem login
I can change my own IP all day my changing my router's MAC address... but then that wouldn't explain where it came from in the first place. If they got me the first time, "they" can just as easily do it again, no?
 
Joined
Mar 15, 2013
Messages
3,164 (1.17/day)
Location
GMT +2
System Name Red Radiance l under construction
Processor 2600x
Motherboard x470 taichi
Cooling stock wrath
Memory TridentZ rgb 3200mhz (2x8 kit)
Video Card(s) Sapphire Vega 64 nitro+
Storage 970 evo nvme
Display(s) c27gh70
Case tt core x5 tge
Audio Device(s) sennheiser's pc323d usb soundcard
Power Supply corsair AX860i
Mouse roccat leader
Keyboard roccat ryos mk fx
Software windows 10
in the wifi router under status you have logs tab. check there for info about events for the router (connected devices, logins to router etc.)
also add mac filtering and ip reservation for lan/wifi and then limit available ips for dhcp only to the range needed for your devices.
 
Joined
Jan 17, 2010
Messages
11,467 (2.98/day)
Location
Oregon
System Name Delta // HTPC
Processor Intel i7 6700K // Intel i5 4570
Motherboard GIGABYTE Z270X-Gaming K7 // Gigabyte H97M -D3H
Cooling Corsair H80i V2 // Silverstone NT-06 Pro
Memory Corsair DDR4 3000 32gb //G.SKILL Ripjaws X Series 8GB 1600
Video Card(s) EVGA GeForce RTX 2080 XC ULTRA GAMING// EVGA GTX 1050 ti
Storage Samsung 950 Pro NVMe 512, 2 Tb FireCuda// Samsung 1Tb SSD
Display(s) ASUS VP348QGL 34" Quad HD 3440 x 1440 // 55" LG 4K SK8000 Series
Case Corsair Obsidian Series 550D // Silverstone Granada GD05
Audio Device(s) Focusrite Scarlett // HDMI to Samsung HW-R650 sound bar
Power Supply Corsair TX850M // SeaSonic G Series 550w
Mouse Cooler Master MM710 53G
Keyboard Logitech 920-009300 G512 SE
Software Windows 10 Pro // Windows 10 Pro
Could someone have your IP and be out to cause you problems using a proxy ?
 
  • Like
Reactions: hat
Joined
Jan 31, 2010
Messages
3,641 (0.95/day)
Location
Gougeland (NZ)
System Name Cumquat 2000
Processor AMD RyZen R7 3700X
Motherboard Asus Strix x470-F Gaming
Cooling Cryorig R1 Universal
Memory 16GB GSkill TridentZ DR4-3200 16-18-18-38 1.35V
Video Card(s) Sapphire Pulse RX5700 8GB DDR6 1750/1700
Storage 1X Samsung 860 EVO 500GB SATA AHCI 1x Sandisk 128GB PCIe, 12TB of HDD Storage
Display(s) ViewSonic VX2457 MHD 75Hz FreeSync 1920x1080p
Case SilverStone Raven RV02B-W + 3x SS AP181 + USB3.0 upgrade
Audio Device(s) Realtek S1220a + Pioneer VSX-531 amp Technics 100W Speaker set
Power Supply Enermax RevolutionXT II 750W 80+ Gold
Mouse Logitech G502 Proteus Core
Keyboard Logitech G105
Software Windows 10 X64 PRO (build 1909)
Benchmark Scores it sucks even more less now ;)
I can change my own IP all day my changing my router's MAC address... but then that wouldn't explain where it came from in the first place. If they got me the first time, "they" can just as easily do it again, no?
wouldn't that only change the IP your modem gives your router and not the actual IP address the internet see's
 
  • Like
Reactions: hat
Joined
Jul 16, 2014
Messages
3,713 (1.68/day)
Location
SE Michigan
System Name Dumbass
Processor AMD-9370BE @4.6
Motherboard ASUS SABERTOOTH 990FX R2.0 +SB950
Cooling CM Nepton 280L
Memory G.Skill Sniper 16gb DDR3 2400
Video Card(s) GreenTeam 1080 Gaming X 8GB
Storage C:\SSD (240GB), D:\Seagate (2TB), E:\Western Digital (1TB)
Display(s) 1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s) onboard (realtek?) SPKRS:Logitech Z623 200w 2.1
Power Supply Corsair HX1000i
Mouse Logitech G700s
Keyboard Logitech G910 Orion Spark
Software windows 10
Benchmark Scores https://i.imgur.com/aoz3vWY.jpg?2
in the wifi router under status you have logs tab. check there for info about events for the router (connected devices, logins to router etc.)
also add mac filtering and ip reservation for lan/wifi and then limit available ips for dhcp only to the range needed for your devices.
to add to this, current routers can send the log to you via email, but they dont make it easy to do. I still havent got mine to work (netgear).
 

hat

Enthusiast
Joined
Nov 20, 2006
Messages
21,099 (4.22/day)
Location
Ohio
System Name Starlifter :: Dragonfly
Processor i7 2600k 4.4GHz :: Athlon II x4 630 3.5GHz
Motherboard ASUS P8P67 Pro :: GIgabyte GA-770T-USB3
Cooling Corsair H70 :: Thermaltake Big Typhoon
Memory 2x4GB DDR3 1866 :: 2x1GB DDR3 1333
Video Card(s) 2x PNY GTX1070 :: none
Storage Plextor M5s 128GB, WDC Black 500GB :: Mushkin Enhanced 60GB SSD, WD RE3 1TB
Display(s) Acer P216HL HDMI :: None
Case Antec SOHO 1030B :: Old White Full Tower
Audio Device(s) Creative X-Fi Titanium Fatal1ty Pro - iLive IT153B Soundbar (optical) :: None
Power Supply FSP Hydro GE 550w :: something
Software Windows 10 Pro - Plex Server on Dragonfly
Benchmark Scores >9000
wouldn't that only change the IP your modem gives your router and not the actual IP address the internet see's
Nah, it gives me a whole new IP address. I've done it long ago and verified success with whatismyip.

Could someone have your IP and be out to cause you problems using a proxy ?
Seems the most likely scenario (or just some random troll)... seems nearly impossible to prevent, from what I can tell. I can change my IP, but that only works until it happens again. They had to have some way to get it in the first place.
 
Joined
Jul 25, 2006
Messages
7,155 (1.40/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 16GB (2 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Microsoft Wireless 5000
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
Try asking your ISP to give you a new IP address that should stop spoofing in its tracks if that's what is happening
I can change my own IP all day my changing my router's MAC address...
Ummm, that's not how it normally works.
Nah, it gives me a whole new IP address. I've done it long ago and verified success with whatismyip.
"Long ago", you could just unplug the modem from the Internet for 24 hours, connect it again and get a new IP assignment. But times have changed. If you have not verified this recently (like this morning) I would do it again.

Typically, the IP address the world (and the bad guy) sees is assigned by your ISP to your modem, not your router. If not, you could not troubleshoot your local network by isolating your Internet connection by by-passing your router and connecting a PC directly to the modem.

So I agree with Athlonite and give your ISP a call and explain the situation and ask for a different IP assignment. They will likely give you a hard time because available IPv4 addresses for the ISP are limited. so stand your ground. Be nice and polite, but firm.

Also, while the IP address is assigned to the MAC address of your modem, with many ISPs (like mine) they assign that IP to the account which is tied to the billing or street address. I discovered this when I bought a new DOCSIS 3.1 modem to replace my old 2.0 modem. The new modem got authorized and assigned my old IP address.

And I agree to change your wifi passphrase. You (or your fiancée) might have given it to some visitor at some time in the past. HOWEVER, for them to cause problems today, they would have to be physically located close to your network in order to connect - like next door.

And while unlikely, make sure nobody physically connected an unauthorized device on your Ethernet network. This, of course, would require someone had access to your home - a "trusted" :rolleyes: house guest. So you would need to inspect all your Ethernet cables and look for an unauthorized device - perhaps hiding in the attic, basement, or closet. And if you find an unauthorized device, it might be time to change your door locks, search for hidden cameras, and call the police too. :(
What should I do to look for security issues?
Check your router's admin menu. Most (if not all) router's. let you see the connected devices. Verify each one. Sadly, this may not be easy because not all devices nicely and uniquely identify themselves. For example, I have 2 devices connected to my wifi network, both labeled as "network device". I have to click on each one individually to see one is my Sony Android Phone and the other is my Samsung Blu-ray player.

You might also change you local network settings to limit the maximum number of connected devices that can connect to your network at one time. You can set a range of DHCP IP assignments your router can issue to your devices. So, if between you and your fiancée, you have 4 computers, plus a smart TV, smart phones, and smart door bell, you could limit the connections to 8 devices only. You can also enable MAC Filtering to only allow access to the devices with specific MAC addresses.

If you don't need Guest Network, disable it.
 

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
20,738 (3.50/day)
Processor Core i7-4790K
Memory 16 GB
Video Card(s) GTX 1080
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 7
to limit the maximum number of connected devices that can connect to your network at one time
Interesting alternative to MAC address filtering, for which I'm always too lazy :)
 
Joined
Jul 25, 2006
Messages
7,155 (1.40/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 16GB (2 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Microsoft Wireless 5000
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
LOL

Well, it really is simple - and a one-time task. In both this Linksys router I'm using now, and in my old Netgear, it is just 1 setting in the admin menu that needs setting. I set mine to 15. I also told my printer to always ask for and use ("reserve") the same IP address, that is above those possible 15 DHCP assigned IP addresses. This is similar to but easier than setting a static address. Doing this prevents the networked printer from grabbing an IP previously assigned to one of my computers when power is restored after an extended power outage. I did the same with my NAS. I used to have to reconfigure Windows on each machine to use the new IP address for the printer and NAS. A real PITA. Now, I never have to.
 
Joined
Jan 31, 2010
Messages
3,641 (0.95/day)
Location
Gougeland (NZ)
System Name Cumquat 2000
Processor AMD RyZen R7 3700X
Motherboard Asus Strix x470-F Gaming
Cooling Cryorig R1 Universal
Memory 16GB GSkill TridentZ DR4-3200 16-18-18-38 1.35V
Video Card(s) Sapphire Pulse RX5700 8GB DDR6 1750/1700
Storage 1X Samsung 860 EVO 500GB SATA AHCI 1x Sandisk 128GB PCIe, 12TB of HDD Storage
Display(s) ViewSonic VX2457 MHD 75Hz FreeSync 1920x1080p
Case SilverStone Raven RV02B-W + 3x SS AP181 + USB3.0 upgrade
Audio Device(s) Realtek S1220a + Pioneer VSX-531 amp Technics 100W Speaker set
Power Supply Enermax RevolutionXT II 750W 80+ Gold
Mouse Logitech G502 Proteus Core
Keyboard Logitech G105
Software Windows 10 X64 PRO (build 1909)
Benchmark Scores it sucks even more less now ;)
I do exactly the same thing Bill but I do it for the printer the TV and the two permanently connected PC's everything else gets a random IP out of what's left of the 15 IP's allowed
 
Joined
May 13, 2010
Messages
5,177 (1.39/day)
System Name RemixedBeast-NX
Processor Intel Xeon E5-2650 @ 2.2Ghz (8C/16T)
Motherboard Dell Inc. 08HPGT (CPU 1)
Cooling Dell Standard
Memory 32GB ECC
Video Card(s) EVGA Nvidia GTX 650 Ti SSC 1GB
Storage 2TB Samsung 860 EVO SSD//2TB WD Black HDD
Display(s) Samsung SyncMaster P2350 23in @ 1920x1080 + Dell E2013H 20 in @1600x900
Case Dell Precision T3600 Chassis
Audio Device(s) Beyerdynamic DT770 Pro 80 // Fiio E7 Amp/DAC
Power Supply 630w Dell T3600 PSU
Mouse Logitech G700s/G502
Keyboard Logitech K740
Software Linux Mint 19.3
Benchmark Scores Network: APs: Cisco Meraki MR32, Ubiquiti Unifi AP-AC-LR and Lite Router/Sw:Meraki MX64 MS220-8P
could be a case of IP address spoofing where they haven't actually penetrated your network but are using your IP address in the form of spoofed packet headers
This as well as the following:
People often get apps like Hola or any of those "anonymizer" apps that basically make your system an exit node for anyone to do nefarious actions. They can still do that even if your WAN IP changes

Please see if you got any of those and if you do promptly uninstall them or even better, reformat if you do in fact do.
 

newtekie1

Semi-Retired Folder
Joined
Nov 22, 2005
Messages
27,191 (5.06/day)
Location
Indiana, USA
Processor Intel Core i7 9900K@5.0GHz
Motherboard AsRock Z370 Taichi
Cooling Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory 32GB Corsair DDR4-3000
Video Card(s) ASUS Strix GTX 1080Ti
Storage 500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s) QNIX QX2710 1440p@120Hz
Case Fractal Design Define S
Audio Device(s) Onboard is good enough for me
Power Supply eVGA SuperNOVA 1000w G3
Software Windows 10 Pro x64
Run a virus scan on all your computers to make sure you aren't infected with something.
 
Joined
Aug 20, 2007
Messages
13,205 (2.79/day)
System Name Pioneer
Processor Intel i9 9900k
Motherboard ASRock Z390 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) AMD RX 5700 XT (XFX THICC Ultra III)
Storage Mushkin Pilot-E 2TB NVMe SSD w/ EKWB M.2 Heatsink
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) VGA HDMI->Panasonic SC-HTB20/Schiit Modi MB/Asgard 2 DAC/Amp to AKG Pro K7712 Headphones
Power Supply SeaSonic Prime 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (yes, it's legit.)

newtekie1

Semi-Retired Folder
Joined
Nov 22, 2005
Messages
27,191 (5.06/day)
Location
Indiana, USA
Processor Intel Core i7 9900K@5.0GHz
Motherboard AsRock Z370 Taichi
Cooling Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory 32GB Corsair DDR4-3000
Video Card(s) ASUS Strix GTX 1080Ti
Storage 500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s) QNIX QX2710 1440p@120Hz
Case Fractal Design Define S
Audio Device(s) Onboard is good enough for me
Power Supply eVGA SuperNOVA 1000w G3
Software Windows 10 Pro x64
Define "normally."

It's indeed MAC based DHCP-IP issuance at the USA's biggest ISP, comcast.
Yeah, I was just going to say that changing the MAC of the router's WAN port does change the public IP on Comcast.
 
Joined
Jul 25, 2006
Messages
7,155 (1.40/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 16GB (2 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Microsoft Wireless 5000
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
But it is simple to spoof (clone) MAC addresses and in fact, it is commonly done for legitimate reasons too. Every router I have owned has had MAC cloning in the admin menu, I can tell the router to use my PC's MAC address. In this way, every device on my network is seen by the ISP as my PC.

I've not worked with Comcast but have with TW, RR, and Cox. And while they use the modem's MAC address to configure the authorize the connection, it is still tied the owner's account #. If you get a new modem, yes you get a new MAC. But RR, TW and Cox typically assign the same IP to it.

IPSs don't have an infinite number of IP addresses to give out. In fact, the ranges of IP addresses are limited.
 
Top