Showing results for 
Show  only  | Search instead for 
Did you mean: 
Message 1 of 12

Technical Log Entries

I have G.Fast and a Smart Hub2. I rarely understand the entries in the technical log, but usually just assume that they are normal activity.

However, today I seem to have a very large number of entries in the following form

2.4G client Mac: 20:47:ED:5F:C4:96 Deauthentications (Reason:Class 2 frame received from nonauthenticated station)

and a few (which appear to relate to the same Mac address) saying

2.4G client Mac: 20:47:ED:5F:C4:96 Deauthentications (Reason:Deauthenticated because sending station is leaving (or has left) IBSS or ESS)

The Mac address does not seem to relate to any of my devices. Is this anything I should be worried about?

0 Ratings
Message 2 of 12

Re: Technical Log Entries


There is an issue which affects Apple devices which have been upgraded to IOS14, if you have any devices like that.

But looking at your logs, I would say that its a device which is attempting to connect to your wireless network, but does not have the password, so its failing to authenticate.

This can happen, if people are scanning for wireless networks to see if they can connect to them, so its nothing to be concerned about.

The MAC address does not seem to relate to any vendor, so its probably being user generated.


0 Ratings
Message 3 of 12

Re: Technical Log Entries


Thank you for replying.

I do have an iPad, but that is running software version 13.7

0 Ratings
Message 4 of 12

Re: Technical Log Entries

That is unlikely to be the cause. You are probably just being scanned by someone, but they are not connecting.

0 Ratings
Message 5 of 12

Re: Technical Log Entries

Thank you for that. It may or may not be coincidental that at about the same time as these entries started, the router disconnected from the internet for the first time in a couple of weeks.

Still, what you say is reassuring.

0 Ratings
Message 6 of 12

Re: Technical Log Entries

Just by way of an update, having delved into this a bit further, it looks as if the Mac code is for BSkyB Ltd. As I don't have any Sky equipment at all, I assume that it is from a neighbour's house, though why it would be trying to connect to my router rather than the neighbour's own router is something I don't understand.

0 Ratings
Message 7 of 12

Re: Technical Log Entries

Any wireless device will scan and try to connect to another it happens to find in its locality. Its nothing unusual.

0 Ratings
Message 8 of 12

Re: Technical Log Entries

Can you expand on what is the IOS 14 issue please?


Also, if the "Deauthenticated because sending station is leaving (or has left)" message was coming from a mac address that has never successfully connected to my network, is received precisely every 4 seconds and still occurs after the SSID has been changed, would that change anyone's view as to whether the attempts are malicious or 'nothing to worry about'?


I appreciate that if a device is trying to connect but is unsuccessful, then really: who cares (other than logs becoming bloated with deauthentication messages) but in the absence of mac filtering on a SmartHub2, it strikes me as an issue that can't be resolved without swapping out to a router with mac filtering?

0 Ratings
Message 9 of 12

Re: Technical Log Entries

How will MAC filtering help, the device would still attempt to connect and fail as it does now.

0 Ratings
Message 10 of 12

Re: Technical Log Entries

Thanks for the IOS14 link and for explaining that mac filtering wouldn't stop the deauth spam.

I suppose my question remains:  if one were receiving deauth messages in your router logs from an unknown MAC address every four seconds, 24/7, would your first thought be 'malicious script kiddy', or something less dramatic?



0 Ratings