FLeong

The router name has become normal!

Hi Marcos, I haven't seen the module update you said would be released. Where can I access that? Would the update be installed automatically?

Hi Aryer Goretsky, thanks for the initiative to find out from users the needs for the security program. 1a. If something can be done in ESET to "kick out" foreign devices in home network, that would be great! That may be the function of the router. But if we can have something in ESET that can do this, that would be good, as I don't really trust the privacy of my router that much. Maybe this is a tall order. 1b. OR if there is any help to prevent the scenarios below from happening on the part of the security program. I understand some of these situations could be due to infected router or laptops that have given a foothold to foreign devices. For a particular reason, my private network seems to be infiltrated by devices in the past and present (but now better managed with restrictions in router settings). Since two years back, some infiltration stared appearing in "home" network setting. I also started seeing large cars of different models with skylight, always with man waiting inside parked close to where I stay. Out of fear of foreign devices snooping around home devices, I set the network was set to "public". Suspicious scenarios happen as follows: - Devices with foreign MAC addresses remaining active ("just now") in the network. The MAC address of these foreign devices kept changing when I tried to filter them out by the router using blacklist. Finally one intruder assumed the same MAC address as a home computer, and it couldn't be filtered out. Currently, I have managed to contain the problem. - Some of these foreign devices assuming names or portions of names (sometimes confused) of devices at home, or acronyms of persons at home. It appears computer data has been leaked for them to know names, and even the names of users. -Foreign device remaining active in the network once they get a foothold, possibly through another home device. They normally appear in the other network (such as 5G) when the home device logs into a network (such as 2G). The foreign device remains there even after that home device is removed from network, or taken away from home. These foreign devices somehow managed to enter the other home network without knowing the password 1c. If ESET can detect man in the middle attack or DDoS attack, that would be great. Not sure if cars with devices in proximity can enact such attacks on the network or induce the laptop to tap on some network. - Computer keeps being kicked out of home network. - It was observed that when using hidden network, networks called up by the home devices can be copies of the home network ABC, such as ABC1, ABC2, etc. 2. Have user friendly instructions to help tech novices like me to operate the settings in the ESET security. So that I can minimize network infiltration and attacks and keep each home device totally cut off from others. Better still, have in-built systems of settings that I can select from to achieve a certain security aims, having inputted what I hope to do (or not to do) in the home network (whether there is file sharing or not). In this way, I won't have to need to understand the technical jargon to operate the current settings in ESET, which are difficult to grasp. Thank you.

Noted. Thanks Itman. I am still learning about such things.

I assume these are IoT devices. Could be Smart phones, TVs, hell .... even your refrigerator. Hi ITman, I appreciate you showing how different network scanners work. There are no other smart devices at my home (no printer or smart appliances). In normal circumstances, I would see the router and only the laptop tapping on the router. Even the cable TV setup box does not appear (though something else did appear consistently in the past, which I presumed to be the TV setup box). Now as in then, when there is unexplained infiltration, I will see devices in 2G network (without the 5G password ever entered into them) crossing over to the other network. MAC addresses correct. This could be the router's problem (hacked?). The call centre for the ASUS router said that this shouldn't be the case. now I put devices that "do not behave" (i.e. leading to the phenomenon of crossing over) in different guest networks that segregate them from the main network. There can also be devices using combination of names similar to my other laptop or devices (or acronyms of the names of people at home), showing the wrong type of device (should be laptop but shown as phone, etc). Anyway, sometimes, these devices are not online or are not at home. and they cannot be accounted for (as in the crossing over of networks). They have foreign MAC addresses. Once, I tried to filter out the MAC address persistent intruders through the router GUI, intruders with other MAC addresses turn up, probably spoofing of MAC. And a device started to assume the same MAC address as home device, but which is clearly not that as it remains in the network while the device is away, and the kind of device is incorrect. The fight continues! Wireless Network Watcher can be a standalone app when I need to check who is in the network, if a device does not have ESET. Is it safe to use in your opinion? Does it have good reviews?

Thanks, Marcos. Look forward to your newer creation. So you do the programming. If there can be some standard setups for different kinds of considerations and requirements in the home network, so that people who don't know much about security can simply choose and click, it can add an user friendly dimension. ESET is very detailed in its settings. Those who know how to operate them, would appreciate it. So an systems engineer recommended it to me.

Itman, got your view.

So Marcos, it means there is no real network protection if the setting is put to "public". My issue is that there are devices with foreign MAC addresses in my home network, so I set it to "Public". If I change it back to "home" would that help to get rid of these devices or prevent them from entering the network? And what settings should I have for ESET to disallow file sharing, laptop discovery, or multicasting on foreign devices, etc in a home network? Would these settings be available? (There many settings that I need to understand what they mean before I can adjust them. Any help on them?) Would setting to "public" mean it is easier to have devices tapping on the network? Today I just had a device with foreign MAC in the home network. I also had problems logging in to the home network. Later, when I discovered the device, I adopted VPN, and the foreign device left the network. I wonder if the device was tapping on something in my laptop to get into the network -- that was before the I adopted VPN. My phone which only knew the password for 2G network, went into the 5G network and was detected by ESET. It remained as active ("just now") in the 5G network even after I had removed the phone from wifi. That happened to my husband's computer too (crossing from 2G to 5G network, not having stored the 5G password), and staying put in the network, even while his computer was away from home. Well these issues go on and on in circles! I can try setting the network to Home, and see if things improve, if that is advisable.

Hi Itman, I have changed the physical wifi network from "public" to "home". The name of the router for the problematic computer is still WanConnectionDevice, miniUPnP router. No change to details at all. There is also the same network devices on it as shown as when it is a public network. The network setting is back as public. By the way, I did not change to "home" the virtual network 5 and virtual network 7 that shows up as connected network to the computer together with my wifi network, that I know by name. I do not know if it is safe to change these to "home". And why are there these virtual networks to which the same computer is connected? There is a warning not to scan. But I know that it is my network that I am scanning. Actually, I still don't understand why there is a warning not to scan a network set to "public". Is it a matter of intrusion into other people's data? Thank you.

Hi Marcos, I attach the file you need. Thank you for going through it. Hopefully there are some leads. homenet.zip

Hi Itman, Slashrose and Marcos, appreciate your thoughts on the issue. My computer and two others are all using the same network (at home but set to public for fear of files being shared between computers, as there had been computer looking alike pretending to cross over the 2g and 5g network, and foreign device). All three have ESET security installed. Only my computer gives the foreign router name, while the other two have the router labelled with "ASUS name + last 4 digits of MAC address of the router "(which I assume is the naming convention of ESET? If not, then this name, which looks genuine, also reflects that of a foreign router. But let's not assume this scenario. Anyway, all three computers using the same router network have the same version of ESET (13.2.15.0). The router (however named) has the same MAC and IP address shown in the network scans of the three computers. Only the computer with the unrecognizable name was using a VPN different from another one. The third doesn't use VPN, which was labelled as XXXVPN (Wan Miniport (IKEv2)) . Only today the VPN is changed to the use of TAP-XXXVPN adapter. But with or without VPN running in the background, the router's name is still the WANConnectionDevice mini UPnP router. So probably the VPN is not the issue. The firmware of the router is up-to-date. The computer that has the problem of the router's name is persistently faced with Event 10016 Distributed COM issue. Happens 9 times in a period of one and a half hours. I don't know if this is a related issue. The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {……… } and APPID {…………} to the user ---------SID (……..) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (……….). This security permission can be modified using the Component Services administrative tool. The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {…………… } and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user -----------SID (………….) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (….). This security permission can be modified using the Component Services administrative tool. The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {…………. } and APPID {…………} to the user ----------------SID (…………….) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (…………….). This security permission can be modified using the Component Services administrative tool. ….. Can't supply the homenet data file that Marcos wants as its extension is not accepted in this forum. Thank you!

Thank you for the advice. I hard resetted the router, and have used a very strong password. After I did that, the router's name in the network scan had not reverted back to the correct one. Could using a VPN cause a change of the name of the router (to WanConnection Device, Mini UPnP router)? But when I disconnect VPN, the name of the router remains foreign.

Hi, the network scan of ESET shows that the name of the router that I am using has changed from the usual ASUS model to "WanConnectionDevice, mini UPnP router", with the same IP address of my original router. Is this a cause for concern? Has my router been taken over by something else, or am I connecting to something that has piggy-backed on my router? The strange thing is that my husband using the same network reveals the correct name of the router in his ESET scan. I have experienced some surveillance of late in my phone, network and living environment: -Cars mostly with skylight panel with man watching, close to where I stay. -I have also problems with my network, in which ESET detected devices with foreign MAC address. Some of these devices that I suspect to be foreign could be a mobile assuming likeness in the name to my laptop, etc. That is, the label for the device type for those suspicious devices is different. -Sometimes similar MAC addresses to my home devices are in the network I connect (5g). But these devices are used on a different network (2g), and have not known the password of 5g network. It is not clear if the MAC address of some home devices have been spoofed. After I used guest network to segregate devices, the crossing over of networks stopped. -But devices with foreign IP addresses still appear, now only occasionally.