Kusuri
Occasional Visitor
So I'm currently troubleshooting my ISP's proprietary router (which I believe is built around a Cisco ME 4600, I found that the CLI commands are similar) due to a problem with the 2.4GHz signal, which stops responding after a few days.
After trying everything (different channels, SSIDs etc) I'm now trying to use WPA/WPA2 TKIP + AES instead of simply WPA2 + AES. It is only temporary (I refuse to accept less security as a "solution"), so I could at least report it's a bug (if that's the case and not just a HW fault of my unit), but I'm still paranoid so I've been regularly checking the ARP table.
Today I've noticed an oddity in that same ARP table:
While all devices were in the 192.168.1.x/24 IP range given by the router's DHCP there was one in 10.x.x.x/8 range.
The device in question was also sharing the exact same MAC address of another device that already had its proper 192.168.1.x LAN IP.
Could the 10.x.x.x had been a different device spoofing the other's MAC address or was this just possible normal behavior? Had never seen it happen before, at least not before I made the security change, be it coincidence or not (then again I wasn't paying so much attention to the ARP table before)...
EDIT: Through some searches I was actually able to find some possible clarification to this, saying that it's related to Android and Mobile Data connection. Is that right? The device in question still has Mobile Data enabled, but the 10.x.x.x IP hasn't re-appeared.
After trying everything (different channels, SSIDs etc) I'm now trying to use WPA/WPA2 TKIP + AES instead of simply WPA2 + AES. It is only temporary (I refuse to accept less security as a "solution"), so I could at least report it's a bug (if that's the case and not just a HW fault of my unit), but I'm still paranoid so I've been regularly checking the ARP table.
Today I've noticed an oddity in that same ARP table:
While all devices were in the 192.168.1.x/24 IP range given by the router's DHCP there was one in 10.x.x.x/8 range.
The device in question was also sharing the exact same MAC address of another device that already had its proper 192.168.1.x LAN IP.
Could the 10.x.x.x had been a different device spoofing the other's MAC address or was this just possible normal behavior? Had never seen it happen before, at least not before I made the security change, be it coincidence or not (then again I wasn't paying so much attention to the ARP table before)...
EDIT: Through some searches I was actually able to find some possible clarification to this, saying that it's related to Android and Mobile Data connection. Is that right? The device in question still has Mobile Data enabled, but the 10.x.x.x IP hasn't re-appeared.
Last edited:
