
Has our router been breached?

Lupin-2
On our wavelength

Hello.  I've just joined the VM Community and would be really grateful for some help.

We have a VM Superhub 2.  A week ago our internet security company informed us that an "unknown device" had connected to our system.  Its IP address is 82.34.144.1 and the name alongside it is Cadant Inc, which is a US modem manufacturer.  When we rang Virgin to ask about this IP, they said it was not one of theirs and were unable to shed any light on the matter.  However, a Google search shows that it is a Virgin Media IP address.  

Further research on the internet shows that Cadant Inc was bought out in ‘01/02 by a company called Arris, and that Arris do work with Virgin Media.  Nevertheless it is very odd that this “unknown device” should suddenly connect to our router or network.  We are anxious to know how and why this could have happened.  And more than anything, we are worried about a possible security breach if our router has been breached.  Is it an indication of malicious activity?

If anyone else has had the same or a similar experience recently, we would be very glad to hear from you.  Or if anyone knows what this could be about and could offer reassurance or guidance on what we should do about it, we would be extremely grateful.

43 REPLIES

Lupin-2
On our wavelength

I see.  That's interesting.  Thanks Dave.

Our internet security software that shows the IP address of the "unknown device" also shows the name Cadant Inc next to the IP.  Does it mean that Cadant Inc have been assigned the dynamic IP in question?  This is the American modem manufacturer that was bought out by Arris, and Arris apparently work with Virgin Media.  Or is the name nothing to do with the owner of the IP address in question?

Lupin

newapollo
Very Insightful Person

Hi again Lupin,

if he has it switched off then he shouldn't be able to connect to other free VM wifi hotspots, and nobody should be able to connect to his 

Dave
I don't work for Virgin Media.
I'm a Very Insightful Person, I'm here to share knowledge.
Problem solved? Click to mark as a Helpful Answer, or use Kudos to say thanks
The do's and don'ts.
Keep the community welcoming for all. Please read the FAQ's
The Service you do for others is the rent you pay for your room here on Earth - Muhammad Ali

Graham_A
Very Insightful Person

@newapollo wrote:

Hi again Lupin,

if he has it switched off then he shouldn't be able to connect to other free VM wifi hotspots, and nobody should be able to connect to his 


Turning off the VM WiFi hotspots only stops the user's hub broadcasting the hotspot.  It doesn't stop the customer using other VM hotspots.

In any case it is entirely separate to the customer's account and there is no way the customer can see if anyone is connected to the hotspot coming from their hub.

By the way Arris are the company that manufactures the VM Hub 3.

________________________________
Graham

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media, I'm a VM customer. There are no guarantees that my advice will work. Please read the FAQs
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

newapollo
Very Insightful Person

Hi again Lupin,

I have an X96 box, also a Firestick. 

They can come up with a new internal IP address in the range of 192.168.0.x if I disconnect and then reconnect them, especially if I haven't used them for a while.

They are also sometimes given a new internal IP address if I reboot my router. So, it's possible that's the information being picked up? 

It's like Google often informs me if I log on on what they say is a different device when I've cleared the cache and cookies in my browser, even though it's the same equipment.

Dave

Lupin-2
On our wavelength

Many thanks, Graham, for the clarification on using VM wifi hotspots.

We're only on Superhub 2 but it's interesting to know that Arris manufactures the Hub 3.

Lupin

Lupin-2
On our wavelength

Ah, that's a good point about rebooting the router!  I don't think we did so recently but I'll need to check that too.

I know what you mean about Google saying you're on a different device when you're not.  I had the same message yesterday from Amazon (I very rarely use them).

Thanks for all your comments today, Dave.  I'll shut down now.

Have a good evening.

Lupin

用心棒
Very Insightful Person

@Lupin-2 wrote:
Sure, and thanks for getting back so quickly.
1. Our internet security company is ESET. We have been their customer for many years.
2. I was working online and noticed a pop-up message arrive on-screen telling me that an "unknown device" had connected to our system.
3. I don't know how they determined that an unknown device had connected to our LAN but on the "Connected Home Monitor" screen in the software's Tools section, I can see (on a kind of sonar view) the IP address and name of the unknown device.

The nslookup command result name indicates the IP Address is not one that would be allocated to a Virgin Media customer; for the latter the text cust would be expected in the name but instead gw appears which, along with the .1 assignment, suggests its purpose within Virgin Media's network as a gateway.

$ nslookup 82.34.144.1
1.144.34.82.in-addr.arpa	name = cpc93784-hari17-2-0-gw.20-2.cable.virginm.net.
⋮

IMHO with ESET's determination of the device vendor (Cadant Inc) it is improbable that the above device and that which connected to your local area network are one and the same. To help confirm this can you:

  • sign into your Super Hub 2
  • go to Advanced Settings > DHCP Settings
  • post the first part of the IP Address shown under LAN IP, for example if 192.168.0.1 then just post 192.168.x.x

  • If ESET's Sonar is still showing the device can you post a redacted screenshot
  • post a redaction of whatever additional detail ESET has recorded about the incident

 

Lupin-2
On our wavelength

Hello again and thanks very much for your informative message.

I've done what you suggest but when I post 192.168.x.x under LAN IP, I just get a pop-up saying "IP Error: Invalid IP address".

If the IP address 82.34.144.1 is a gateway address rather than a customer address within Virgin Media's network, is that potentially a bigger problem / more sinister?

用心棒
Very Insightful Person

Please do not change any of the settings on your SH2. The request was for the information shown in the IP Address field to be posted here, for example 192.168.0.1 is the value shown below which means that 192.168.x.x should be posted in your reply.
2020-07-10.jpeg


@Lupin-2 wrote:

If the IP address 82.34.144.1 is a gateway address rather than a customer address within Virgin Media's network, is that potentially a bigger problem / more sinister?


ESET's sonar feature shows devices connected to your network and as such they will have an IP Address beginning with the value shown in the IP Address field under Advanced Settings > DHCP Settings on your SH2.
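The two checks described in the replies above (does the reported address fall inside the hub's LAN range, and does its reverse-DNS name carry a cust or gw token) can be scripted as follows. This is an added example, not part of the original posts or any ESET or Virgin Media tooling; the 192.168.0.0/24 subnet and the sample device list are assumptions, and the cust/gw reading is the heuristic stated in the thread.

```python
import ipaddress

# Assumption: the hub's LAN is 192.168.0.0/24, based on the 192.168.0.1
# example in the thread. Adjust to the value under DHCP Settings.
LAN_SUBNET = ipaddress.ip_network("192.168.0.0/24")

# PTR name quoted in the thread's nslookup output (embedded so this runs offline).
PTR_NAMES = {"82.34.144.1": "cpc93784-hari17-2-0-gw.20-2.cable.virginm.net."}


def ptr_role(ptr_name):
    """Role hint from the first DNS label, per the thread's heuristic:
    a 'cust' token suggests a customer line, 'gw' a gateway."""
    if not ptr_name:
        return "unknown"
    tokens = ptr_name.split(".")[0].lower().split("-")
    if "gw" in tokens:
        return "gateway"
    if any(tok.startswith("cust") for tok in tokens):
        return "customer"
    return "unknown"


def classify(ip_text, lan=LAN_SUBNET, ptr_names=PTR_NAMES):
    """Say where a reported address sits relative to the home LAN."""
    ip = ipaddress.ip_address(ip_text)
    if ip in lan:
        location = "on-lan"            # could be a DHCP client of the hub
    elif ip.is_private:
        location = "private-other"     # private range, but not this LAN
    else:
        location = "off-lan-public"    # routable address outside the home
    return {
        "ip": ip_text,
        "location": location,
        "reverse_name": ip.reverse_pointer,  # the name nslookup queries
        "isp_role": ptr_role(ptr_names.get(ip_text)),
    }


if __name__ == "__main__":
    # Constructed device list: two LAN clients plus the reported address.
    for addr in ("192.168.0.10", "192.168.0.23", "82.34.144.1"):
        print(classify(addr))
```
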

Lupin-2
On our wavelength

Thanks, but I'm sorry, I don't understand what you mean by "should be posted in your reply". 

Under DHCP Settings, our LAN IP address is exactly as you show it below and we have various devices with addresses beginning 192.168.x.x. which appear correctly in ESET's sonar map.  Are you asking me to tell you the IP address for each of our legitimate devices?

ESET's sonar map also shows, inside a big question mark, the "unknown device" 82.34.144.1 which does not seem to bear any relation to anything we have in the house.