# Phantom phones on private network



## erixx (Dec 17, 2019)

1: My network and my devices.
2: Random phones of varied brands appear on my network every other day, for a short time, then they are gone. 
3: My modem status page never shows anything out of order....

This happens since a year, using stock Windows 10 or Insider builds.

Are there phones in my neighborhood that are "tunneling" through somehow, or just "pinging"?

What would you experts recommend?


----------



## TheLostSwede (Dec 17, 2019)

I've had similar things, no idea why they're showing up and never really found an answer.

*Edit: *Look at that, just as I was replying, one popped up and I have no idea what that device is supposed to be. It's not actually on my network, but my PC sees it somehow. The only thing I can guess, is that the Wi-Fi or Bluetooth module in the PC sees some random Wi-Fi or Bluetooth device. Although my SO used to work for HTC, we no longer have any HTC devices.


----------



## erixx (Dec 17, 2019)

Thanks mate, at least I feel less lonely now with this. 

Maybe it is some Discovery service or Easy sharing. But this computer does not have bluetooth! 

Wow, another is here! ->


----------



## Bill_Bright (Dec 17, 2019)

Probably a neighbor's phone. If concerned, and you would be wise to be, change your wifi passphrase. You should also be able to limit the number devices that can connect to your network. If really concerned, you should also be able to limit access to only devices with the MAC addresses you specify.


----------



## TheLostSwede (Dec 17, 2019)

I have one device showing up as a phone, that is in fact my Amazon Fire TV dongle. You might want to double click the devices for more details and see if you can figure out what it is via either the manufacturer, model name or MAC address.

Your first device appears to be this https://deviceatlas.com/device-data/devices/huawei/cun-l01/13963048
Not sure what the other device might be.


----------



## remixedcat (Dec 17, 2019)

Win 10 does mac address randomization as well


----------



## Bill_Bright (Dec 17, 2019)

True but it is important to note the specific wifi adapter must support that feature too. Unless pretty new, it probably doesn't. This is easy to check, however. If your device does, the "_Random Hardware Addresses_" section will appear in the computer's Settings applet.


----------



## erixx (Dec 17, 2019)

P212. It's Amlogic HD870 4K.

But the reason for posting this is more for security and bug hunting. Maybe it are devices that are 'offering themselves' for being used, like wifi-displays and other "smart (aha) home" stuff.

"Random Hardware Addresses": sounds good but I am cabled. No Wifi con the computer. There is of course on the modem. But the modem control panel does not show these phantom devices.


----------



## heky (Dec 17, 2019)

Hm...i also have such a phantom device under my network devices. Shows itself as a phone...was wondering what it is...hmmmm


----------



## Mussels (Dec 17, 2019)

MAC randomisation can cause weirdness, i know android 10 devices can do it

I've seen similar show up in windows, but not in my router. I've also seen ghost devices that were connected a long long time ago that just never wanted to get erased.


----------



## Papahyooie (Dec 17, 2019)

Turn off WPS in your router. (Some routers have a setting for WPS for both IPV6 and IPV4). They are potential WPS clients seaching around for WIFI. I don't understand the reason why windows shows them there, but that seems to be the issue I had a couple of years ago.
Windows also has a built-in WPS system that you can disable as well (called "windows connect now" service I believe), but I think it shouldn't be the culprit since you don't have wifi on that computer. Try disabling both, but I think the router will be your culprit.


----------



## Bill_Bright (Dec 18, 2019)

erixx said:


> "Random Hardware Addresses": sounds good but I am cabled. No Wifi con the computer.


Ethernet connected devices are not an issue. If you have an unknown "Ethernet" connected device on your network, then you've had or have an intruder who was or is physically inside your home! 

Ummm, I suffer from chronic GCF and I've apparently had a relapse. Sorry. I just realized these devices were showing up under Network on W10 PC and not your router. I don't understand why you are seeing these devices on your computer either. You say you don't have wifi on the computer, what about Bluetooth? Do you have sharing enabled? When I look at my Network on my W10 PC, I see a yellow banner that says, "_File sharing is turned off. Some network computers and devices might not be visible. Click to change..._" I don't want sharing enabled so I am not clicking. But I assume if I did, I might see my wifi cell phone and tablet. 

GCF - geriatric cranial flatulence.


----------



## erixx (Dec 18, 2019)

no no, as i said above I have no BT either. 

Interestingly, these device have a MAC adress shown to me (properties page of the device). Could I investigate more with this information? 

Maybe the "Phones" service of W10 is buggy? Designed for people living in landhouses not in appartment buildings? I realy get GCF from all the networks around me :-D



Papahyooie said:


> Turn off WPS in your router. (Some routers have a setting for WPS for both IPV6 and IPV4). They are potential WPS clients seaching around for WIFI. I don't understand the reason why windows shows them there, but that seems to be the issue I had a couple of years ago.
> Windows also has a built-in WPS system that you can disable as well (called "windows connect now" service I believe), but I think it shouldn't be the culprit since you don't have wifi on that computer. Try disabling both, but I think the router will be your culprit.



Yep, I was thinking along that lines since long. The alien device presents itself to one of the "more open" services of my network and then it tunnels into Windows network awareness ... Yet, I believe I have nothing like WPS allowed. Will check, thanks mate!


----------



## ShrimpBrime (Dec 18, 2019)

The only time I notice this is when someone sits at the tracks in their car in front of my house. They are connecting to my stupid XFinity free shared wifi if you purchase internet through this carrier you shell out free webz. No I don't want to share my internet thank you. lol. Anyhow, My PCs pick up their devices through the wifi. 
It's fun to try and connect but won't because they are not technically on my Passworded wifi. So I cannot receive any details about their devices. Or connect to them. 
In short, if your issue is something similar, it's no big deal.  Also the random phones may be doing location detection while they may not have gps enabled or no reception with gps and utilizing your router instead.


----------



## Bill_Bright (Dec 18, 2019)

ShrimpBrime said:


> They are connecting to my stupid XFinity free shared wifi if you purchase internet through this carrier you shell out free webz.


But that is supposed to be totally isolated from your network. They are [supposedly] only sharing your wires (but not your bandwidth) from your modem out to the drop, and your electricity. You should not see them and more importantly, they should not see you. At least that is the promise from Comcast/XFinity.


erixx said:


> Maybe the "Phones" service of W10 is buggy?


Nah! If that, this would be widely complained about and reported. Yet your case is the first I have seen.


erixx said:


> Interestingly, these device have a MAC adress shown to me (properties page of the device). Could I investigate more with this information?


You can for all your own devices that you have physical access to. But I don't see how if outside your physical access. But it is important to note MAC addresses can easily be spoofed. In fact, most routers, which have their own MAC address, typically let you spoof your PC's MAC address right in the their menus. This is because, though this was mostly years ago, some ISPs expect to see only 1 computing device (i.e., your PC) connected to the modem. 

As for WPS, it is disabled by default and can only be enabled 5 minutes at a time by pressing a button on my Linksys router's front panel. My old Netgear router was the same way.


----------



## ShrimpBrime (Dec 18, 2019)

Bill_Bright said:


> But that is supposed to be totally isolated from your network. They are [supposedly] only sharing your wires (but not your bandwidth) from your modem out to the drop, and your electricity. You should not see them and more importantly, they should not see you. At least that is the promise from Comcast/XFinity.
> 
> Nah! If that, this would be widely complained about and reported. Yet your case is the first I have seen.
> You can for all your own devices that you have physical access to. But I don't see how if outside your physical access. But it is important to note MAC addresses can easily be spoofed. In fact, most routers, which have their own MAC address, typically let you spoof your PC's MAC address right in the their menus. This is because, though this was mostly years ago, some ISPs expect to see only 1 computing device (i.e., your PC) connected to the modem.
> ...



It doesn't display for a long time at all. Very short in fact. Blink once it's there, blink again it's gone. 
The phone may also query all Wifi available networks also. Which mine happens to be on the same router.
My wifi is very visible to everyone, it's just passworded. I can see 2 XFinity wifi on my router. My neighbors and mine. I can also view all the networks yet only 3 houses away, but very visible.


----------



## INSTG8R (Dec 19, 2019)

Not gonna lie you made me check my network. Last time I had anything close to this was early days of Spotify Connect I had someone hijacking my phone, but even worse hijacking my home theatre and putting on some horrible DnB and maxing the volume....those were dark days...


----------



## R-T-B (Dec 19, 2019)

Bill_Bright said:


> But that is supposed to be totally isolated from your network. They are [supposedly] only sharing your wires (but not your bandwidth) from your modem out to the drop, and your electricity. You should not see them and more importantly, they should not see you. At least that is the promise from Comcast/XFinity.



Can confirm.

You can also disable it on the "My Account" page.


----------



## lexluthermiester (Dec 19, 2019)

Based on the screen shots being displayed, this might be Windows 10 showing devices that can be connected to but are not actually connected to the system in question.


----------



## erixx (Dec 19, 2019)

Thanks guys, this is getting interesting with all the ideas you kindly provide.

I've gone the Rambo route and have reset the cablemodem/router to defaults, disabled wifi for now, and will add one device per one device as needed, and then add it to the whitelist, so I will end up having a short whitelist with exclusively my own devices. And then see if those little rats come back 

Will report. What @lexluthermiester says makes sense, but also doesn't because the Network part in My PC is My Network. There are other control panel pages for adding new Wifi, BT, etc. devices. Just imagine an office building with hunderds of devices showin up!!!!! Crazy, right???!!!!


----------



## INSTG8R (Dec 19, 2019)

erixx said:


> Thanks guys, this is getting interesting with all the ideas you kindly provide.
> 
> I've gone the Rambo route and have reset the cablemodem/router to defaults, disabled wifi for now, and will add one device per one device as needed, and then add it to the whitelist, so I will end up having a short whitelist with exclusively my own devices. And then see if those little rats come back
> 
> Will report. What @lexluthermiester says makes sense, but also doesn't because the Network part in My PC is My Network. There are other control panel pages for adding new Wifi, BT, etc. devices. Just imagine an office building with hunderds of devices showin up!!!!! Crazy, right???!!!!


Right? I mean I scoured my entire network after reading this making sure I had sharing disabled because my PC is my only wired device and everything else is on my NEST network( which I al also had a quick check and may well turn on Access control. Previously I would literally limit the IP Ramge wit(h just enough IPS for my devices I“ve since  moved and wiring things is no longer an option so I have 8 wifi devices connected at all times. I may just shrink my IP rang to 192.168.1.9 for my own piece of mind 
Trust me man those Spotify flashbacks came back and got me a little paranoid.


----------



## Athlonite (Dec 19, 2019)

yeah could be some sort of WIFI Direct Connect but as the OP has said his PC has no WIFI or BT so yeah it's a weirdo thing indeed


----------



## Bill_Bright (Dec 19, 2019)

ShrimpBrime said:


> My wifi is very visible to everyone, it's just passworded.


And that's fine (as long as the pass*phrase* is a very strong, impossible to guess passphrase). Many choose to disable SSID broadcasting thinking it improves security. But it doesn't. Any wannabe bad guy with a packet sniffer can still see your wifi network even if you don't display your SSID. 

If concerned, I recommend naming your network that does not identity you. Don't pick your dog's name, for example - if only to keep the whizkid next door from trying to use your wifi for his Internet porn surfing.


----------



## ShrimpBrime (Dec 19, 2019)

Im pretty secluded. No need for passwords, we hardly ever lock the door. My Belgium Malinois is door lock enough. If you dont know about this specific breed of dog, please do research. My property is his property. If someone breaks in... They aint getting back out, at least in one piece.
Steal my wifi? Well you have to be on the property first off. Signal is crap at the street, so probably useless to anyone.

Router in the basement, the signal stays pretty much inside the residence.


----------



## Bill_Bright (Dec 19, 2019)

It is important to understand and use the proper terminologies in technical discussions to avoid confusion, misunderstandings, and mistakes.

Pass*word* and pass*phrase* are NOT the same thing.

When it comes to a router and WAP (wireless access point), the pass*word* is used by your network administrator (likely you, and perhaps only you) to access the router/WAP's admin menu system. The pass*phrase* is used by everyone and all wireless devices to gain access to the wireless network. All authorized wireless devices need the pass*phrase*. Only the network administrator needs and should know, the pass*word*. And no, it is NOT being nitpicky.

As far as living out in a secluded area, that sure makes securing a wireless network much easier. But it also means a bad guy hiding out in the bushes 1000 yards away with a directional antenna can zero in on your network much easier too.

As for your puppy-dawg, I am very familiar with that breed as they are used often as service dogs for the US military and as police K-9 dogs. A couple friends have had these dogs. Neither would "protect" the property, but for sure, no one could trespass unnoticed, or sit on the couch without them being in their laps!


----------



## xtreemchaos (Dec 19, 2019)

I had one earlyer in the year it just showed up showing as a load of numbers I spent ages trying to find out what it was, I was quite paranoid thinking it was some sort of crack but turned out it was the new LG washing machine the misses forgot to tell me it was a internet controlled one , I felt a bit daft and releaved.


----------



## erixx (Dec 19, 2019)

hoho! I found a "Smart Wifi" function on the modem, can't remember it's use after over a year of reading the manual. I deactivated it and for now, no buggers....


----------



## INSTG8R (Dec 19, 2019)

xtreemchaos said:


> I had one earlyer in the year it just showed up showing as a load of numbers I spent ages trying to find out what it was, I was quite paranoid thinking it was some sort of crack but turned out it was the new LG washing machine the misses forgot to tell me it was a internet controlled one , I felt a bit daft and releaved.


I have a weather station that used Wifi for as far as I can tell just for time and if I want to check the weather via the App, The Problem is I bought a NEST setup recently  (Netgear ORB I do NOT recommend) So now my network has a single access point SSID. The weather station runs on 2.4 so to pair it you need to use the app on your phone. Well you try telling your phone not to hook to to the 5G long enough to pair it...Hiding SSID, turning down antenna strength, no way to actually disable the bands so its a reboot, get as far away as I can hope it hooks into the 2.4 long enough to complete the pairing. Lets say it took MANY MANY attempts....


----------



## xtreemchaos (Dec 19, 2019)

its very much the same when trying to control a telescope and camera over the wifi one app for working the cam and another for moving the telescope then another for tracking I could not keep them all connected at the same time so ended up hardwiring them all.


----------



## ShrimpBrime (Dec 19, 2019)

Yea. Its a pass something. Phrase or word. Either way its simple. 12345678. 

Use my internet from 1000 yards? The field is not quite that small but I get the point. 

Well mine "Shadow" is a lover to family. Hes not loud until you knock on the door. Then he freight trains the window in the door. Scares the crap out of the amazon guy. Offered dude to meet the dog so he can set the fear aside and Shadow get to know him so he doesn't go into protect mode. Nope, Amazon dude wants nothing to do with Shadow. Even with my presence. 
Jahova witness dudes came and went real quick. 

Testing the dog, if one of my kids is attacked, they are going to be well protected. Hes grabbed my arm on a couple of occasions playing with my son wrestling. He didnt bite down, but he didnt want to let go. Doesnt scare me, I fear no dog bites. But whomever wants to challenge the dog is welcome to. 

But yea, hes a good boy. Super family oriented.


----------



## Bill_Bright (Dec 19, 2019)

erixx said:


> hoho! I found a "Smart Wifi" function on the modem, can't remember it's use after over a year of reading the manual. I deactivated it and for now, no buggers....


Yeah, folks forget about those "smart" devices. Washing machines, refrigerators, Ring door bells, watches - you name it. What I don't like is many don't properly identify themselves. My TV appears as LG OLED55C7P (the model number) but my LG Blue-ray player appears simply as "network device".  Your smart modem should never have appeared as a phone device. 


> Hes grabbed my arm on a couple of occasions playing with my son wrestling. He didnt bite down, but he didnt want to let go.


I had a lab/setter mix do the same thing to me. Only her grip would keep getting tighter and tighter until I let my son go. Then she would immediately let go, give my son a sniff, then lick my face.   One of the best dogs I ever had.


----------

