I have noticed that at various times in the day, multiple machines are connected to my router. I have recently set up WEP encryption and thought it was working (my machine can't connect without my key) but I still see more machines connected than I have... there are only 2 machines in the household but I get up to 3 wireless devices connected according to the Netgear DG834G's admin console.... I have the device's mac address but that's all... anyway of ensuring that people can't use my connection? Am I missing some part of setting up security?
WEP encryption isn't very good and is easily cracked. I suggest you switch to WPA which offers better security.
What's happening is that you're seeing users connecting to your router, but probably not obtaining an IP address. There's some page in your DG834G which shows the IP addresses that have been issued by DHCP. You'll probably find your own devices (those with a WEP key), but not those that are shown to be "connected". Without an IP address, those connections can't do anything. (No, assigning a statis IP address isn't going to do anything. Keep reading).
The problem is that the router needs to allow literally any client to first "connect" before it can exchange encryption keys, authenticate, check the MAC address filter, and so on. What you'll see is the initial connection, the clients MAC address, but that's all. Having failed to exchange WEP keys, the entry just sits in the log, no traffic moves, and no access to your LAN. It's kinda a chicken or egg problem. The access point needs to allow a wireless connection before it can reject the connection. What's happening is that some user has their Windoze Wireless Zero Config setup to "connect to any available wireless network" where it scans for random access points and sequentially attempts to connect to any and all of them.
If you're paranoid, you can always add the mystery MAC address to the MAC address filter blocked list.
This offers a somewhat false sense of security and can be a problem later. If you turn on MAC filtering and forget about it you'll have a devil of a time trying to figure out why a replacement card isn't working. Or why a guest can't use the network. That and if someone else wanted to steal access all they have to do is listen to the wireless signals, see one of your legitimate MAC addresses being broadcast and change their computer to use that address. This adds a whole other layer of debugging hassles as duplicate MAC addresses are a real no-no on networks. Best to switch to WPA and leave it at that.
That's why I originally suggested that the MAC filter be used to "block" the neighbors MAC address, and not use the more obvious "allow" feature. However, it wasn't due to security or usability issues. It's just the way I've found effective to controlling my neighborhood wireless LAN. New machines appear and disappear all the time. When skool is out, laptops and game machines arrive from college. I don't want to deal with these individually. What I do is monitor the traffic. If I see excessive traffic (usually a virus or worm), or abuse (file sharing), then I just block the culprits MAC address. They can of course change their MAC address and circumvent the block, but so far, that hasn't happened.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.