Don’t trust your hardwire unless it’s yours

A few days ago a friend called with help setting up secure wireless networking.  He had just moved into a new house that he bought (it’s actually about 120 years old, but new to him).

A previous owner had CAT-5 Ethernet cable run throughout the house.  Convenient!

So we went through adding all the usual security, including MAC address filtering – which basically means only specified hardware can connect to the Internet.

But we kept finding a MAC address on the hardwired side of the network that we couldn’t identify.  Finally I had my friend unplug everything from the wired Ethernet except the router – and there was STILL another device on the network.

Since this friend works in a security sensitive area (no, he didn’t plan on using his WiFi for that – even if he wanted to, he couldn’t) he brought in better help than me.  Local help, even (he’s over a thousand miles away from me).

It turns out there was an  Internet Camera plugged into the wired Ethernet and placed in the air conditioning vent in the master bedroom.  It got a DHCP address from the router anytime the router was plugged into the home network.

As scary as this seems, he wasn’t really in any danger of being spied on – changing ISP providers, routers, etc ensured that nobody could find this camera and access it.  But it was still an odd story.

It makes you wonder who put it there, and why.  And why they never removed it.  I’m confident there are people looking into that now – but the lesson here I guess is to NOT trust networks you haven’t wired yourself – or at least checked out. 

Of course this goes for business as well – a few years ago when I was managing an office relocation the new site we selected already had a ton of cable pulled (it used to be an international call center) – our corporate IT guys insisted on running their own cable – to the tune of over $45K.  Was it worth it?  Yep – all the security cameras and network connections that were in place when we moved in were shared with the business next door – but we didn’t know it.

Better safe than sorry.  Now I understand why there is so much copper in so many drop-ceilings.


  1. @Paul – the switch was already there – it’s an old Bay Networks switch of some type. When we were hooking up the router it was between the ISP and the switch. I’m pretty confidant there isn’t anything else on the network, but until he has every cable traced he won’t be using the wired network.

  2. @Rob, if that 24-port ‘closet’ switch is the router you referred to in ” had my friend unplug everything from the wired Ethernet “, then, for the story to make sense, there MUST be yet another switch BEHIND this router SOMEWHERE. If they haven’t found it, that house is STILL vulnerable.

  3. @Paul – by “Why” I meant, was it a spouse who suspected cheating, etc. And as for who – it could have been the people that installed the CAT-5. Who knows.

    There is a large (physically huge) 24 port switch in a closet. I haven’t heard if they’ve found anything else yet. For now he is going wireless only! 🙂

  4. Interesting story.

    “Who placed it there?” .. I would bet the previous owner or somebody he hired to do that.
    “Why?” .. In the master bedroom you said? Do I need to spell it out for ya? 😉

    Question: do you know where they eventually found the second switch/hub?