Have you ever wondered how many devices are actually using your Wi-Fi? It's possible that it's not just your smartphones and laptops that are connected to the network, but also your neighbors' forgotten gadgets, smart light bulbs, or even other people's devices. Viewing the history of connected devices Through a router, it helps not only control traffic, but also identify potential data leaks or unauthorized access.
In this article we will look at all available methods Device list checks—from the standard router web interface to specialized apps. You'll learn how to distinguish legitimate devices from suspicious ones, what data can be extracted from router logs, and why some devices may be "hiding" in the list. And also— How to block unwanted "guests" in two clicks.
Important: The ability to view history depends on the router model. Budget devices often store data only on current connections, while more advanced models (e.g., ASUS RT-AX88U or Keenetic Ultra) keep a log of activity for several days or even weeks.
Method 1: Router web interface - the basic method for all models
The most universal method is to access the router's control panel through a browser. This doesn't require any additional software, just network access and login information (usually found on the device's sticker).
Algorithm of actions:
- Connect to the Wi-Fi network whose history you want to check.
- Enter the router's IP address in the browser's address bar. Most often, this is
192.168.0.1,192.168.1.1or192.168.8.1(For TP-Link). - Enter your login and password (usually by default
admin/adminoradmin/empty field). - Find the section with connected devices. Its name varies:
- 🔹 TP-Link:
Wireless → Wireless StatisticsorDHCP → DHCP Clients List - 🔹 ASUS:
Network map(in the top menu) - 🔹 Keenetic:
Devices(in the main menu) - 🔹 D-Link:
Wi-Fi → Clients
- 🔹 TP-Link:
In this section you will see a table with MAC addresses, IP addresses, device names (if they are broadcast) and connection time. Please note: most routers only show active connectionsTo see the history, look for the tab Logs, System log or Wireless Event Log.
⚠️ Attention: If the list contains devices with unfamiliar MAC addresses (for example, 00:1A:2B:3C:4D:5E), but without a name, this may be a sign of connection through MAC-spoofing — a method of masking the real address. In this case, we recommend immediately change Wi-Fi password and enable MAC filtering.
Find the Wi-Fi Clients section | View the list of DHCP clients | Check the system logs for connection mentions | Check MAC addresses against known devices -->
2. How to decipher data: what MAC, IP, and device names mean
The list of connected devices often looks like a jumble of confusing numbers and letters. Let's figure out how to read this information:
MAC address (For example, A4:5E:60:1F:2D:3C) is a unique identifier of the network adapter. The first 6 characters (A4:5E:60) indicate the manufacturer:
- 🔹
00:0A:F5— Cisco - 🔹
3C:5A:B4— Google (For example, Nest or Chromecast) - 🔹
B8:27:EB— Raspberry Pi - 🔹
78:31:C1— Apple (iPhone, MacBook)
You can check the manufacturer by MAC on websites like MAC Vendors Lookup or via the command in the terminal:
arp -a | findstr "A4-5E-60"
IP address (For example, 192.168.0.103) is assigned automatically by the router (DHCP). If you see an address outside your subnet (for example, 10.0.0.x at your 192.168.0.x), this may indicate intrusion through a router vulnerability.
Device name (hostname) is not always translated. For example, Android-smartphones are often displayed as android-123456, A Windows-PC - how DESKTOP-ABCDEFIf the name is missing, it could be:
- 🔹 Smart device (light bulb, socket)
- 🔹 Gadget with disabled broadcast hostname
- 🔹 An attacker hiding his activity
How to find out what device is hidden behind a MAC address?
If you have a suspicious MAC address on your network, but you don't know which device it belongs to:
1. Disconnect all known gadgets from Wi-Fi one by one and see if the MAC disappears from the list.
2. Use apps like Fing (Android/iOS) to scan the network - they often show the manufacturer and type of the device.
3. For Windows run in command line:
ping 192.168.0.103
arp -a
(replace IP with the suspicious address).
3. Viewing history via mobile apps (for routers with support)
Many modern routers have official apps that make network monitoring easier. For example:
- 🔹 TP-Link Tether — for devices TP-Link
- 🔹 ASUS Router — for routers ASUS
- 🔹 Keenetic — a universal application for the models of the same name
- 🔹 Mi Wi-Fi — for routers Xiaomi
Benefits of the apps:
- 🔹 Real-time notifications about new connections
- 🔹 Ability to lock devices with one tap
- 🔹 Traffic consumption charts by device
- 🔹 Connection history for the last 7–30 days (depending on the model)
Example: in Keenetic The history is stored for up to 30 days and shows:
- 🔹 First and last connection time
- 🔹 Volume of downloaded/uploaded data
- 🔹 Connection attempts with errors (incorrect password)
⚠️ Attention: In the applications of some budget routers (for example, Tenda N301) the history may reset after rebooting the device. If logging is important to you, choose models that support it. syslog or cloud storage of logs.
| Application | Max history depth | New device notifications | Blocking devices |
|---|---|---|---|
| ASUS Router | 30 days | ✅ | ✅ |
| Keenetic | 30 days | ✅ (with settings) | ✅ |
| TP-Link Tether | 7 days | ❌ | ✅ |
| Mi Wi-Fi | 14 days | ✅ | ✅ |
4. Advanced Method: Analyzing Router Logs via Telnet/SSH
If your router supports access via Telnet or SSH (For example, ASUS with firmware Merlin or OpenWRT), you can extract extended connection history directly from system files.
Instructions for ASUS Merlin:
- Enable SSH in the web interface:
Administration → System → Enable SSH. - Connect via PuTTY (Windows) or terminal (macOS/Linux) at the router address.
- Enter commands to view logs:
cat /var/log/messages | grep "assoc"cat /var/log/messages | grep "DHCPACK"These commands will show all connection events (
assoc) and IP issuance (DHCPACK). - To save the log to a file:
cat /var/log/messages > /tmp/wifi_logs.txtThen download the file via
SCPor web interface.
In OpenWRT router logs, the history may be stored in the /var/log/kernel.log or /var/log/syslog file. Use the grep command to filter by keywords like "wlan0," "hostapd," or "dnsmasq."
Example of log output:
May 10 14:30:45 hostapd: wlan0: STA a4:5e:60:1f:2d:3c IEEE 802.11: associated
May 10 14:30:46 dnsmasq-dhcp: DHCPACK(wlan0) 192.168.0.103 a4:5e:60:1f:2d:3c
Here you can see that the device is with MAC a4:5e:60:1f:2d:3c connected to the network wlan0 and received an IP 192.168.0.103.
⚠️ Warning: Router logs can take up a lot of space and slow down your router. Set up log rotation or clear them regularly using the command logread -c (For OpenWRT).
5. Third-party network monitoring programs
If your router's capabilities are limited, use specialized network scanning software. These programs show not only connected devices but also their activity, open ports, and even potential vulnerabilities.
Top 5 utilities for different platforms:
| Program | Platform | Functions | Free version |
|---|---|---|---|
| Fing | Android, iOS, Windows, macOS | Network scanning, device discovery, port checking, notifications about new gadgets | ✅ (with restrictions) |
| Advanced IP Scanner | Windows | Search for devices on the network, identify the manufacturer by MAC, remotely shut down a PC | ✅ |
| nmap | Windows, macOS, Linux | Deep network scanning, service and software version detection, vulnerability search | ✅ |
| Wireshark | Windows, macOS, Linux | Real-time network traffic analysis, packet decoding | ✅ |
| GlassWire | Windows, Android | Monitor traffic across devices and block suspicious activity. | ✅ (basic) |
Example of use Fing:
- Install the application and open it.
- Click
Scan— the program will show all devices on your network, indicating:- 🔹 MAC addresses and manufacturer
- 🔹 IP addresses
- 🔹 Open ports (if any)
- 🔹 Device type (smartphone, PC, IoT)
Story You can see when the device first appeared online.Wireshark Suitable for advanced users. It allows you to not only view a list of devices but also analyze their traffic. For example, a filter wlan.addr == a4:5e:60:1f:2d:3c will show all packets associated with a specific MAC address.
6. How to detect hidden devices and protect yourself from them
Some devices may not appear in the standard lists for the following reasons:
- 🔹 They are connected to guest network (if it is configured separately).
- 🔹 They use static IP outside the router's DHCP pool.
- 🔹 Located in sleep mode (for example, a laptop with the lid closed).
- 🔹 They disguise themselves as legitimate devices (changed MAC address).
To identify such devices:
- Check your settings guest network in the router - there may be a separate list of clients.
- Use nmap To scan all possible IPs in your subnet:
nmap -sn 192.168.0.0/24This command will scan all addresses from
192.168.0.1to192.168.0.254. - Enable the option in your router
AP Isolation(client isolation) - this will prevent devices from communicating with each other and may detect suspicious activity. - Set up notifications about new connections in the router application or through IFTTT (if supported).
If you find an unauthorized device:
- Block it by MAC address in the router settings (section
Wireless MAC FilterorAccess Control). - Change your Wi-Fi password to a more complex one (use
WPA3, if supported). - Turn it off
WPS- This protocol is vulnerable to brute force attacks. - Update your router firmware to the latest version (vulnerabilities in older versions are often exploited for unauthorized access).
⚠️ Attention: If unknown devices with changed MAC addresses regularly appear on your network (for example, 00:11:22:33:44:55), this may indicate a targeted attack. In this case, we recommend enabling hiding SSID (although this is not a panacea) and use VPN for all devices.
7. Automated Monitoring: How to Get Scheduled Reports
Manually checking the device list is tedious. Fortunately, many routers and third-party solutions automate this process.
Automatic monitoring methods:
- 🔹 Email notifications: in routers ASUS And Keenetic You can set up sending reports about new devices to your email.
- 🔹 Integration with Home AssistantIf you have a smart home, add the router as a device and set up a dashboard with connection graphs.
- 🔹 Python Scripting: Using a Library
scapyYou can write a script that will scan the network and send reports to Telegram. - 🔹 Cloud services: some providers (eg Yota or Beeline) offer a “My Network” section with connection history in your personal account.
An example of setting up email notifications on Keenetic:
- Go to
Manage → Notifications. - Add your email and set up SMTP (you can use Gmail or Yandex).
- Enable the option
Notify about new devices on the network. - Specify a sensitivity threshold (for example, only notify about devices connected for more than 5 minutes).
For automation through Home Assistant:
- Add to
configuration.yamlintegration with the router (for example, throughluciFor OpenWRT). - Create a sensor that will monitor new MAC addresses:
- Set up automatic notifications in Telegram or via push notifications.
sensor:- platform: command_line
name: "WiFi Devices"
command: "arp -a | grep -c 'wlan0'"
scan_interval: 300
FAQ: Frequently asked questions about viewing device history
Is it possible to see the connection history for the past month?
It depends on the router model. Most home devices store logs for no longer than 7-30 days. For long-term storage, configure log export to an external server or use third-party programs like PRTG Network Monitor, which archive data.
Why do unknown gadgets with names like "Android-1234" appear in the list of devices?
These could be:
- 🔹 Guest devices you've shared with Wi-Fi.
- 🔹 Smart gadgets (speakers, watches, fitness trackers) that connect automatically.
- 🔹 Neighbors using your Wi-Fi (if the password is weak or WPS is enabled).
Check MAC address via MAC Vendors Lookup - this will help identify the manufacturer.
How do I permanently block a device so it can't connect even after resetting the router?
Use MAC address filtering:
- In the router's web interface, find the section
Wireless MAC FilterorAccess Control. - Add the MAC address of the unwanted device to the blacklist.
- Save the settings and reboot the router.
To ensure that the blocking works after a reset, export the router configuration to a file and save it in a safe place.
Is it possible to see what websites a connected device has visited via Wi-Fi?
No, the router's default tools don't allow you to view your devices' browser history. To do this, you'll need:
- 🔹 Specialized programs like Wireshark (requires skills).
- 🔹 Setting up DNS servers with logging (for example, Pi-hole).
- 🔹 Installing a certificate on a device to decrypt HTTPS traffic (unethical and often illegal).
In most countries, viewing someone else's traffic without consent is a violation of privacy laws.
Why do some devices appear in the list but cannot access the Internet?
Possible reasons:
- 🔹 The device is connected to Wi-Fi, but has not received an IP (DHCP problems).
- 🔹 The router has firewall rules configured that block access.
- 🔹 The device has a static IP address that conflicts with other addresses.
- 🔹 DNS problems (try manually entering
8.8.8.8or1.1.1.1).
Check your router's DHCP settings to ensure the address pool is not exhausted.