See this video I made
http://www.aa-kkemail.co.uk/2012-02-11-069.mp4

It shows data being transferred but NO stations connected.

The AP config is:

AP :
AP 800 acts as a bridge between wireless devices and wired Ethernet network, and exchanges data between them.

I have seen weird instances of devices with unaccounted names showing up in the DHCP table of the router (Draytek 2955), which were obviously connecting via wifi. The 800 AP has four SSIDs, of which only one contained a name. It is possible that the default setting for the other 3 is ON and certainly the default setting for those 3 is NO security. But even after I set up WPA/PSK and a random pwd on the other 3, I still saw somebody using it and that was when I made the video. It certainly seems possible to enter e.g. a space character in one of those SSIDs and end up with an open channel...

Hello peter,

There are some security loopholes in WPA... have you tried using WPA2? it may just be that someone has hacked your main network (as opposed to any of the other SSID's becoming active in some manner).

I thought the only known hole in WPA was a dictionary attack, but the passphrase I am using would be immune from that.

WPA2 is not supported by one of the client devices I have to support - a very nice but a bit old Sony laptop. But maybe there is a solution; that laptop is running winXP which does support WPA2 in other contexts i.e. it may be implemented by the OS rather than by the adapter.