- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
New Armor subscription
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
New Armor subscription
Just restarted Armor on my network.
Received notifications about vulnerable devices. Most I recognize, a few are unfamiliar.
How do I identify what they are?
"Shanghai High-Flying smart plug"
"HAL-002 router"
I figure that 1 or both are imbedded in something on my network.
Thanks in advance.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: New Armor subscription
Does Armor list the MAC address of the devices?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: New Armor subscription
How do I figure out what they are...Next steps?
Thanks
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: New Armor subscription
Most people enter the MAC address into a web site that maps manufacturer codes to brand names, such as:
https://www.wireshark.org/tools/oui-lookup.html
to get a starting place. This should eliminate a huge number of devices on the network.
i.e. if the oui maps to Samsung then it is probably a Samsung. if the oui does NOT map to Samsung, then it is probably not a Samsung.
Once all the obvious devices have been eliminated, then it is often a process of elimination. Turn off one of the suspect devices, and see which device disappears from the Attached Devices display (takes up to 5 minutes).
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: New Armor subscription
Will reply back with results.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: New Armor subscription
Looked at multiple websites to track down the vendor of the "mystery" MAC addresses.
All led back to what I already knew, that it's a "Shanghai High-Flying smart plug"
Next step will be to start unplugging any suspects and see if it disappears.
If I've identified it, I have no idea how to remove the vulnerability that Armor found or if that's necessary.
Last resort would be to replace it with a known product if I can...TP-Link, Amazon, etc.
Any other advice?
Thanks.
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more