Discovering an unknown device in your router's list of connected clients is always a warning sign that requires immediate attention. Internet speeds can drop, and sensitive data becomes vulnerable to interception if an unauthorized person gains access to your access point. Modern encryption and hardware configuration methods can effectively combat "neighbor traffic," but they require a careful approach to configuration.
In this article, we'll detail the steps you need to take to regain full control of your home network. You'll learn how to identify intruders, use IP filtering, and configure security settings to prevent re-intrusion. Perimeter protection Your local network starts with understanding who is connected to it right now.
Before taking active blocking measures, it's necessary to conduct a thorough audit of your current connections. Forgotten gadgets, smart plugs, or TVs that automatically connect to the network are often mistaken for "hackers." The only reliable way to distinguish your device from someone else's is to check the unique MAC addresses in the gadgets' settings and in the router interface.
Identifying connected devices
The first step in ensuring security is to accurately determine who exactly is consuming your traffic. The admin panel of any modern router, whether TP-Link, Asus or Keenetic, contains a section with information about current clients. This section is usually called "Client List," "DHCP Client List," or "Wireless Status." IP addresses, MAC addresses, and sometimes device names are displayed here.
To conduct an effective check, you'll need to go through all the gadgets in your home: smartphones, laptops, tablets, and smart devices. In the settings for each device, find the "About Phone" or "Status" section, where the physical address (MAC) is listed. Compare this data with what the router sees. If the list contains an address that doesn't match any of your devices, it means someone else has gained access.
⚠️ Note: Some devices may hide their real names, appearing as "Unknown" or "Android," making initial identification difficult. Rely solely on MAC addresses, as names can be spoofed or may be uninformative.
Modern operating systems like iOS and Android often use a "private Wi-Fi address" feature to enhance privacy. This means that each time you connect to a new network or after resetting your network settings, your device may generate a new, random MAC address. If you see a device with an unfamiliar address in your router, try disabling Wi-Fi on all your devices and see if the suspicious entry disappears from the list of active clients.
Using specialized network scanning applications such as Fing or WiFiman, can significantly simplify the audit process. These programs not only display a list of connected devices, but also often have a database of network card manufacturers, allowing you to determine the brand of the device based on the first bytes of the MAC address (for example, Samsung, Apple, Huawei). This helps you quickly understand whether the device is a smart light bulb or someone else's laptop.
Changing the password and encryption type
The most radical and effective method for banishing all uninvited guests is to completely change the wireless network access key. Changing the password in the router settings will disconnect all connected devices, requiring them to enter the new key to reconnect. This is guaranteed to disconnect anyone who knew the old password.
When setting up security, choosing the right encryption type is critical. Legacy protocols WEP and even WPA (TKIP) are cracked in minutes using automated scripts. In the wireless settings menu (Wireless Settings) you need to select the mode WPA2-PSK (AES) or, if the equipment supports it, WPA3These standards provide reliable encryption of transmitted data.
Your password should be complex but memorable. Use a combination of uppercase and lowercase letters, numbers, and special characters. It should be at least 12 characters long. Avoid obvious combinations like your date of birth or phone number. After changing your password, be sure to update it on all your trusted devices.
Some ISPs or router manufacturers use simple default passwords printed on a sticker on the bottom of the device. If you've never changed the factory settings, your password is likely widely known or even published in open databases. Changing the factory password to a personalized one is basic network security.
☑️ Password Security Checklist
MAC address filtering
A more sophisticated access control tool is MAC filtering. This feature allows you to create a "whitelist" of devices allowed to connect to the network, or, conversely, a "blacklist" of those denied access. Configuration is performed in the section Wireless MAC Filtering or "MAC Address Filter".
The "Allow" mode is the most restrictive. In this mode, the router will ignore connection requests from all devices whose MAC addresses aren't included in the rules table. Even if an attacker learns your password, they won't be able to connect because their physical address isn't authorized. This creates a double barrier of security.
However, this method has a significant drawback: every time you buy a new gadget or have guests over, you'll have to manually enter their MAC addresses into the router settings. This is acceptable for a home network with a constant set of devices, but it reduces flexibility.
"Deny" mode is convenient for targeted blocking of a specific intruder you've already identified. You simply add their MAC address to the blocked list, and the router terminates the connection to that device. However, an experienced user can bypass this protection by changing their network card's MAC address to an allowed one (address cloning).
| Parameter | Description | Recommendation |
|---|---|---|
| Allow mode | Access only for selected people | Maximum security |
| Deny mode | Blocking specific addresses | For one-time blocking |
| MAC cloning | Address substitution by an attacker | Risk of bypassing protection |
| Complexity | The complexity of setup | High for Allow mode |
How to find out the MAC address of someone else's device?
If a device is already connected to your network, its MAC address will appear in the router's client list. You can copy it from there to add it to the blacklist. However, if an attacker is using stealth scanning mode, it may be difficult to see it in the list of active connections until they actively transmit data.
Hiding the network name (SSID)
Another layer of security is hiding the network's service set identifier (SSID). By default, the router broadcasts the network name, and anyone within range sees it in the list of available connections. Disabling SSID broadcasting makes the network "invisible" to regular users.
To connect to a hidden network, users must manually enter the network name (SSID) and password in their device's Wi-Fi settings. This creates an inconvenience for random passersby or lazy neighbors looking to "make a buck" on free internet. However, for an experienced hacker, hiding the SSID isn't a significant obstacle, as the network name is transmitted in service data packets anyway.
Enabling this feature is often found in the same wireless settings as changing the password. The option is usually called "Enable SSID Broadcast"—it should be disabled. After this, the network will disappear from the visible list but will continue to function.
⚠️ Note: Hiding the SSID may cause connection issues with some smart home devices that don't support manual network name entry. Before activating, ensure your IoT devices are compatible with this mode.
It's important to remember that hiding your network name doesn't encrypt your traffic or prevent data interception. It's a method of "security through obscurity" that's only effective when combined with a strong password and WPA2/WPA3 encryption.
Setting up a guest network
If you frequently have guests or have many smart devices that are potentially vulnerable, creating a guest network is the optimal solution. This feature allows you to set up a second access point with a separate name and password, isolated from your main local network.
A guest network typically has a speed limit and prevents access to files on your computer or network-attached storage (NAS). Even if a guest introduces a virus or attempts to scan your network, your main infrastructure will remain secure. Setting up a guest network takes just a couple of minutes in the router interface.
You can set time-based access restrictions, such as allowing connections only during certain hours or limiting the number of simultaneously connected devices. This gives you complete control without having to constantly change your main network passwords.
Using guest mode is also convenient for Internet of Things (IoT) devices. Cameras, light bulbs, and power outlets often have weak built-in security. By placing them on an isolated network segment, you prevent these devices from being used as entry points for attacks on your computers and smartphones.
Additional protective measures
In addition to the basic methods, there are a number of additional settings that enhance perimeter protection. First and foremost, this is disabling the function WPS (Wi-Fi Protected Setup). Despite the convenience of connecting via a PIN code or push-button, this protocol has critical vulnerabilities that make it easy to brute-force the PIN code and gain access to the network.
It's also recommended to regularly update your router's firmware. Manufacturers constantly release patches to fix security holes. You can check for updates in the "System Tools" or "Administration" sections. It's best to enable automatic updates, if available.
Don't forget to change the password not only for your Wi-Fi, but also for your router's administrative panel. Standard logins are something like admin/admin are well known. If an attacker gains access to your router's settings, they can redirect your traffic or completely block the device.
Why is WPS so dangerous?
The WPS protocol uses an 8-digit PIN code. The code verification algorithm is such that trying all possible combinations takes not years, but a few hours or even minutes using specialized software. Disabling WPS in the router settings completely eliminates this attack vector.
Monitoring the router's indicator lights can also be helpful. If you see the WLAN (wireless network) indicator blinking actively when all your devices are asleep or turned off, this is a sure sign of unauthorized activity. In this situation, you should immediately audit your connections.
What should I do if my router gets blocked after changing settings?
If you've lost access to your router or it's stopped sharing internet after changing security settings, try a factory reset. There's a button on the device for this. Reset, which you need to hold for 10-15 seconds while the power is on. After this, the router will return to its original state, and you will have to reconfigure the internet and Wi-Fi.
Can my neighbor slow down my internet if he has his own router?
A neighbor can't directly use your internet if they don't know the password. However, if you live in an apartment building, multiple neighbors' routers may be operating on the same channel as yours, causing interference. This isn't data theft, but it can cause a slowdown. The solution is to change the router's broadcast channel to a less congested one (for example, from 1 to 6 or 11).
How often should I change my Wi-Fi password?
At home, frequently changing your password (for example, once a month) creates more inconvenience than actual security if you have strong WPA2/WPA3 encryption and a complex password. It's sufficient to change it if you suspect a hack or if tenants change. In an office environment, it's recommended to review your password change policy every 3-6 months.
Is my browsing history visible to anyone who connects to my Wi-Fi?
Simply connecting to your Wi-Fi doesn't automatically grant access to your devices' browser history. However, if an attacker gains access to your router's admin panel, they could theoretically enable logging of visited websites (if the router supports it) or use traffic sniffers to intercept unencrypted data. Therefore, router security is critical.
Will an antivirus program on my computer help if my Wi-Fi is hacked?
Antivirus software protects against malware, but it can't prevent outside access to your local network if the router itself is hacked. If someone has connected to your Wi-Fi, they're inside your perimeter. Therefore, protecting the access point (router) is paramount, not just the endpoints.