I have recently found a DHCP lease on my home router for a hostname of "detective" with a spoofed MAC address. I do have WLAN with basic WEP (128 bit) and changed very infrequently.

Does any1 know of any viruses, trojans or hacking tools that would obtain a DHCP lease for spoofed MAC address with hostame of detective, cos I'm flummoxed???

Hi dme1

... and welcome to Wilders :)

-{ Quote: "I have recently found a DHCP lease on my home router for a hostname of "detective" with a spoofed MAC address. I do have WLAN with basic WEP (128 bit) and changed very infrequently." }-
Is this an unknown system that is connected to your wireless network?

-{ Quote: "Does any1 know of any viruses, trojans or hacking tools that would obtain a DHCP lease for spoofed MAC address with hostame of detective, cos I'm flummoxed" }-
There are tools available that could be used to monitor, crack and access your wireless/WEP.

Reagards,

CrazyM

Hi CrazyM and thx for welcome,
Sorry I didn't explain my question very well :-

Is this an unknown system that is connected to your wireless network?
Yes it is unknown, but after research on google it appears that others have also had a hostname of detective with spoofed mac address in their dhcp lease tables

There are tools available that could be used to monitor, crack and access your wireless/WEP
Yes I realise there are WEP hacking tools, my question was more to do with the DHCP lease to hostname detective with spoofed MAC address.

My dilemma is that I have recently started playing with remote exploit Auditor tools without reading up first (silly me):-[

So, because this DHCP lease issue has been seen elsewhere, my guess is that there is a tool or malware somewhere that has done this. Question is, have I done it inadvertently by playing with Auditor tools on my network (hopefully :) ) or has someone done it over my WLAN which means I have been WEP hacked (hopefully not:-\ )

Hope that makes sense...

thanks to someone from another forum for pointing me towards windows 2003 server. When configuring a server to be the 1st domain controller in a new forest with a dns install w2003 does this dhcp stuff. So there is no malware responsible, unless you class w2003 as malware;D