Have you noticed that your internet has become slower, even though your plan hasn't changed? Or is your router flickering more often than usual, even when all your home devices are turned off? These signs may indicate that your Wi-Fi networks outsiders joined in. According to the study Kaspersky By 2026, one in five users experienced unauthorized access to their home network—and it wasn't always neighbors who "forgot" to disconnect.
In this article we will look at 7 proven methodsHow to determine who's using your Wi-Fi—from standard router tools to advanced network utilities. You'll learn how to distinguish legitimate devices from rogue ones, what data to collect to prove traffic theft, and how to block uninvited guests. without losing speed for your gadgetsWe'll pay special attention to hidden connections that aren't visible in the router's basic interface.
1. Checking via the router's web interface: step-by-step instructions
The most reliable way is to look into the administrative panel of your router. Most modern models (TP-Link Archer C6, ASUS RT-AX88U, Keenetic Giga) display a list of connected devices in real time. Here's how:
- Find out your router's IP address. Usually it is
192.168.0.1or192.168.1.1The exact address can be found on the sticker on the back of the device or via the commandipconfig(Windows) /ifconfig(macOS/Linux). - Log in. Enter your login and password (by default it is often
admin/admin, but it is better to use unique data). - Find the clients sectionThe paths may differ:
- 🔹 TP-Link:
Wireless Mode → Wireless Mode Statistics - 🔹 ASUS:
Network Map → Clients - 🔹 Keenetic:
Devices → Device List - 🔹 D-Link:
Wi-Fi → Clients
- 🔹 TP-Link:
In the table you will see MAC addresses, IP addresses and device names. Pay attention to unknown entries, especially those with random characters in the name (e.g., android-12ab34cd or iPhone-5s-789).
⚠️ Note: Some routers (eg. Zyxel Keenetic (older than 2022) may not show devices connected via cable in the general list. Check the section Local Area Network → DHCP for the full picture.
2. How to distinguish your device from someone else's: MAC and name analysis
Even if there are 10 items on the list of connected devices, not all of them may be unrelated. Here's how to separate "us" from "them":
| Sign | Your device | Someone else's device |
|---|---|---|
| Device name | Contains a model (eg. iPhone-14-Pro-Max, Samsung-Galaxy-S23) |
Random symbols (esp_123456, user-9876) or manufacturer's name (Xiaomi_AB:CD:EF) |
| MAC address | Matches the address in your gadget's settings (see below for how to check) | Unknown address, especially if it starts with 00:0C:29 (virtual machines) or B8:27:EB (Raspberry Pi) |
| IP address | Static (if assigned manually) or within your network's DHCP range | IP from an unexpected range (eg. 192.168.1.200, if your DHCP distributes up to .100) |
| Connection time | Matches your activity (for example, your smartphone connects in the morning) | Activity at unusual times (at night when everyone is asleep) |
To check your device's MAC address:
- 📱 Android:
Settings → About phone → General information → Wi-Fi MAC address - 🍎 iPhone/iPad:
Settings → General → About → Wi-Fi Address - 💻 Windows: run the command
ipconfig /allVCommand lineand find the linePhysical address - 🖥️ macOS:
System Preferences → Network → Advanced → Ethernet/Wi-Fi
Once a month|Only when the internet is slow|Never tested|I use automatic notifications-->
3. Hidden Connections: How to Find Devices That Are Not Shown on Your Router
Some hackers or "advanced" neighbors may mask their presence on the network using:
- 🕵️ Sleep mode: the device connects, but does not transmit data to avoid being included in the statistics.
- 🔄 Frequently changing MAC address (function MAC Randomization in new smartphones).
- 🌐 Connection through security holes (vulnerabilities WPS or WPA2).
To identify such devices, use network scanners:
- Angry IP Scanner (Windows/macOS/Linux):
- Download from the official website (free).
- Please enter your network's IP range (e.g.
192.168.1.1-192.168.1.254). - Run a scan and look for active hosts with unknown MAC addresses.
- Install from App Store or Google Play.
- Run a network scan—the app will show all devices, including those hidden from the router.
- Open
Command lineon behalf of the administrator. - Run the command:
arp -aIt will show a table of IP and MAC addresses of all devices on the local network.
- Compare the output with the list from the router - discrepancies will indicate hidden connections.
- Open
Terminal. - Perform:
nmap -sn 192.168.1.0/24(replace
192.168.1.0/24to your subnet). - Analyze the output: lines with
MAC Addressand statusup— active devices.
What to do if the scanner finds "invisible" devices?
If Angry IP Scanner or Fing show active IPs that are not in the router's web interface, this may mean:
1. The device is connected via cable (check the physical ports of the router).
2. A technique to bypass DHCP is used (for example, manual static IP).
3. There is a "smart" device (camera, light bulb) operating on the network that is not displayed in the basic list.
To block such a device, add its MAC address to the router's blacklist (section Wireless Mode → MAC Filter).
4. Command Line: Advanced Diagnostics for Windows and Linux
If you prefer to work without third-party programs, you can use the built-in OS tools.
For Windows:
For Linux/macOS:
⚠️ Attention: Teamnmapmay be blocked by some providers (eg. Rostelecom (in tariffs with scanning protection). If you see an errorPermission denied, try addingsudoin front of the team.
5. Mobile Apps for Wi-Fi Monitoring: TOP 3 Solutions
If you're uncomfortable using the command line, use specialized applications. We've tested dozens of utilities and selected the most effective:
- NetCut (Android/iOS)
- 🔍 Shows all devices on the network with manufacturer information (by MAC).
- ⚡ Can forcefully disable suspicious gadgets (function
Cut Off). - ⚠️ Requires root access on Android for full functionality.
- WiFi Guard (Android)
- 🛡️ Compares current connections with a "whitelist" of your devices.
- 📊 Keeps a connection history (useful for identifying late-night "guests").
- 🆓 The free version is limited to 5 devices per list.
- 📱 Optimized for iPhone/iPad with support Dark Mode.
- 🔗 Shows not only Wi-Fi, but also wired connections.
- 💰 The paid version ($2.99) removes ads and adds report export.
Update the app to the latest version|Check permissions (network access required)|Disable VPN (may interfere with scanning)|Compare data with the router's web interface-->
6. How to Block Unauthorized Devices: 3 Reliable Methods
Detected someone else's device? Here's how to disable it. forever:
- MAC address filter (recommended method):
- In the router's web interface, find the section
Wireless Mode → MAC Filter. - Add someone else's MAC to the blacklist or create a whitelist for your devices only.
- Apply the settings and reboot the router.
✅ Plus: works even if the attacker changes the IP.
❌ Minus: MAC address can be spoofed (but this requires special knowledge).
- In the router's web interface, find the section
- Changing your Wi-Fi password:
- Go to
Wireless Mode → Security Settings. - Set a new password (at least 12 characters, with numbers and special characters).
- Select encryption type
WPA3-Personal(if supported).
- Go to
⚠️ After changing your password, you will have to reconnect all your devices.
- WPS is vulnerable to brute force attacks (even if you don't use the button on the router).
- Find it in the settings
WPS → Disable.
7. Automated Monitoring: How to Receive Notifications About New Devices
To avoid having to check the connection list manually, set up automatic notifications:
- 🤖 Via a router:
Models ASUS (with firmware) Asuswrt-Merlin) And Keenetic Support sending email/SMS when a new device is added. Configure this in the section
Notifications. - 📧 Using IFTTT:
Service IFTTT can monitor the network through Google WiFi or TP-Link Deco and send alerts to Telegram.
- 🛠️ Self-written script:
For advanced users: script on
Pythonwith the libraryscapy, which scans the network and sends notifications.Sample code for automatic scanning
```python
from scapy.all import ARP, Ether, srp
import smtplib
def scan_network(ip_range):
arp = ARP(pdst=ip_range)
ether = Ether(dst="ff:ff:ff:ff:ff:ff")
packet = ether/arp
result = srp(packet, timeout=3, verbose=0)[0]
devices = []
for sent, received in result:
devices.append({'ip': received.psrc, 'mac': received.hwsrc})
return devices
Sending an email when a new device is detected
def send_alert(new_device):
# Here is the code for sending a letter (use smtplib)
pass
known_devices = [...] # List of known MAC addresses
current_devices = scan_network("192.168.1.0/24")
new_devices = [d for d in current_devices if d['mac'] not in known_devices]
if new_devices:
for device in new_devices:
send_alert(device)
```
⚠️ Warning: Automatic network scanning scripts may violate the rules of some providers (for example, Beeline (In corporate plans). Please check the terms in the contract before using.
FAQ: Frequently asked questions about checking your Wi-Fi network
Is it possible to find out what websites a connected device visits?
Yes, but for this you need:
- Install alternative firmware on the router (DD-WRT, OpenWRT).
- Set up traffic logging via
iptablesor Pi-hole. - Use analytics like Wireshark (requires skills).
⚠️ Without the user's consent, this may violate the law on personal data (Federal Law No. 152).
Why does an unknown device appear in the list of devices? Amazon-XX:XX:XX?
Most likely this is a device Amazon Echo (smart speaker Alexa) or Ring (video intercom) at your neighbors'. Some IoT gadgets automatically connect to open networks or networks with weak passwords. Block it by MAC address.
My router isn't showing a list of devices. What should I do?
Possible reasons:
- Outdated firmware - update it in the section
System → Software Update. - DHCP server is disabled - check in
Local Network → DHCP Settings. - Router in bridge mode - in this case, the main router maintains the client list.
Can my data be stolen via Wi-Fi?
Yes, if:
- You are using an outdated protocol.
WEPorWPA(and notWPA3). - There is a device with vulnerabilities on the network (for example, an old IP camera).
- The attacker connected and launched MITM attack (traffic interception).
🔒 How to protect yourself: enable encryption WPA3, turn it off WPS, and use VPN for critical operations (banking, mail).
My neighbors can connect to my Wi-Fi even though I have a complex password. How is this possible?
Possible scenarios:
- Password leak: someone from the family shared it or wrote it down in a prominent place.
- WPS vulnerability: even with a complex password
WPSallows you to guess the PIN in a few hours. - Dictionary attack: if the password is based on common phrases (eg.
qwerty123), it can be hacked. - Problems with the provider: sometimes operators (eg MTS or Megaphone) mistakenly duplicate router settings for different subscribers.
🛡️ Solution: change your password to a random one (use a password manager), disable WPS, and check if your internet is distributing Smart TV or a printer (some models create a guest network).