Someone is in my network...

First I'd like to say that I have two computers and one of them is using a wireless connection. Right now I'm using the computer that is wireless because my other one has been hacked into I believe.

Ok, I think someone is connected to my network. When I go into my start menu and look at my connections, there is another connection that does not belong to me. I tried to delete this person, but it did not let me. This person has now disabled his connection, because I shut off the internet connection on my computer that was connected to the local area. Even though his/her connection is disabled, I still can't delete it. So, how can I remove his connection? Is there a way to prevent this from happening in the future?

First, I'd like to ask, is this connection via LAN, or wireless?




I'm not sure about future prevention, but you should be able to delete the connection in safe mode, logged in as administrator. (and obviously off-line when you do it)

How to prevent it in the future would depend on your firewall, I believe. What firewall are you using, as well as any other security software?? This will help others in determining the best way to approach your problem.

[edit on 6/19/2007 by Mechanic 32]

You should be able to password protect your network. Half my building is wireless, I can see about eight networks when I go into that mode, but nobody can log into anyone else's because we all have passwords.

Is it a "1394 Net Adapter"

If it is, it is harmless and your not being hacked...

I am just asking because I thought I had someone on my network as well, until I googled that and found out it is a Firewire Connection ...

I disabled it under device manager and all is well now...

Here is what it looks like...




Semper

I use a laptop most of the time that is on dial-up.
I just flipped that switch on the front for WLAN and detected 4 networks, and three of those where unsecured. One of them required a pass word.

I'm sure it's against the law to use someone else's connection, but it seems so easy to do. I'm also sure you could password protect your wireless in the network setup area with minimal trouble.

It is password protected. Ok, I think I should tell you more of about this whole situation, because I remeber something that might have caused it.

All this happened right after I tried installing Windows Vista into my computer. I tried installing the program into my computer so many times, but it kept on failing, so I quit. I re-installed XP and all my original updates and security for Windows were down. So I had to re-update everything back to how it originally was. That was when I noticed that strange connection in my network. So after I noticed that, I decided to completely restart my entire computer. I wanted to clean all the files. Once I did all that, I re-updated and installed Trend Micro anti-virus. Everything seemed to be fine. After a few days, I noticed Trend Micro was not in my computer. I didn't think it was possible because I knew I installed it. I went on to check my connections again, and what do you know? The same connection that I had before was there again. I quickly re-installed trend micro, disconnected the internet connection and abandoned the computer. Now I'm using another computer that's connected wirelessly.

Mechanic 32

The strange connection was wireless.

I tried putting my computer on safe mode and logging on as admin etc. but I couldn't find where to delete it. I went to start menu, found "My Network Connections", I clicked on it. Once the window popped up, I saw what looked like my net connection, then it just vanished. I got pretty upset.

Can you show me a step by step guide on how to delete this thing. I'm not very computer savvy. When it comes to computers, I'm no expert.

Semper

It wasn't a 1394 Net Adapter. What it said on the connection was Atheros AR500X+. But could it have something to do with my Atheros Client Utility? You or anyone else know what this is?




[edit on 21-6-2007 by Striker122]

[edit on 21-6-2007 by Striker122]

Judging by what you said here, it sounds like it is a connection made by that application....

Originally posted by Striker122
Semper
What it said on the connection was Atheros AR500X+. But could it have something to do with my Atheros Client Utility? Anyone else know this?

btw, what exactly is that? This may help determine if the connection is really needed, or not.

This is what it basically is.

The Client Utility is vendor supplied software that may used to configure and manage the built in 802.11b/g wireless communications in the laptop. It provides the user with a display of current link status, configuration profile management, statistics and diagnostics for the wireless link.

Wndows XP also includes software that may be used to configure and manage the wireless link.

Source

EDIT: It came with my Toshiba


[edit on 21-6-2007 by Striker122]

Hmmm....

So you see two connections? You really shouldn't. But as I am no expert, seek a second opinion as well.

Alright, cool. Thanks for the help though, I'll see if there's anyone I know that knows what to do. But if anyone else on ATS knows what to do, please reply.

Thanks.

It wasn't a 1394 Net Adapter. What it said on the connection was Atheros AR500X+. But could it have something to do with my Atheros Client Utility? You or anyone else know what this is?

What you can do is this...

Go under the "Device Manager"

Find that particular connection and disable it....

If it is a required function of the Client Utility, you can always enable it after...

Semper

On a Mac or a Sun if you're logged into the GUI and logged into a command terminal window, it shows two users (both your username).

Could this be what's happening?

Atheros is just a chipset for wireless. You probably have a VAP (virtual access-point) I get them when I use Linux, it is normal. Since you stated you use wireless its more than likely (if in fact you have been breached) that your wireless is the problem. I'm not clear if you have both a wireless and LAN setup.

1) Do both PC's have Internet access? How are they connected in terms of each other with your wireless and Internet service?

2) If you disconnect the wireless(shut it off)) do you still see the problem?

3) What method of wireless security, if any, are you using (WEP/TKIP,etc.)

4) Exactly what is this suspect connection your seeing, provide details on how you are making this determination you've been compromised.

brill

[edit on 23-6-2007 by brill]

plus youre using vista which is so full of bugs right now, it should really still be in beta but typical M$ wants that money. for your wireless you should use the encryption and hide the ssid. and just so you know, windows is loaded with back doors and microsoft does check for valid serial no's on new versions, they started that with xp. my advice would be ditch windows, its garbage, you end up giving up half your system's resources jus so windows can run, then add on top of that the antivirus, spyware, tune-up apps you need..its not worth it. try linux, i been using it for years and never had security or stability issues with it. or you can check out the x86 version of mac os-x which technically is a bsd kernel with darwin and the mac gui built on top of it.

Originally posted by radioactive_liquid
for your wireless you should use the encryption and hide the ssid. and just so you know

Hiding SSID's is pointless. Beacons can still be detected, very easy actually. Definitely use encryption but avoid WEP at all costs(can be cracked in minutes). Use WPA/WPA2 with TKIP for key hash rotation.

brill

I would suggest also using MAC address filtering.

Originally posted by iCEdTenG
I would suggest also using MAC address filtering.

This can also very easily be spoofed. You can intercept packets and then just spoof the corresponding MAC. Wireless is brutal and I would never use it in a commercial setting, but for @home use its ok provided you don't have any sensitive or personal data your willing to have compromised.

brill