Background
I haven't changed my router pw for a long time and one day my PC couldn't connect. Although it turned out to be the VPN's issue, I wanted to strengthen the security of my network. I changed my router pw, router's admin pw, added MAC address filtering to allow only my devices to connect. Now I want to setup a monitoring laptop to display any incoming wireless connection attempts against my network.
So I setup an old Acer netbook, installed Lubuntu 20.04 and wireshark on it.
Acer Netbook
- Connected to my router wirelessly
- Turned on monitoring mode of the network card
Filter Applied
wlan type mgt and (subtype deauth or subtype disassoc)
Question
When I applied the second filter to checkout anything sus with my router's MAC address, I saw nothing. But when I removed the router MAC address filter, I got tens of thousands of mainly deauth attacks and some disassoc attacks. Are they going through my network as a part of a larger attack? Should I be worried?
Wireshark file I saved after letting it ran overnight.
I am quite a noob myself regarding networking and wireshark, please help. Thanks.