Modern router It's the hub of the digital home, connecting smartphones, computers, smart TVs, and home appliances into a single network. However, we often don't even notice that our network has been infiltrated by third parties who might be using it for their own purposes. A drop in internet speed or intermittent connection interruptions are just the tip of the iceberg, which may indicate that your Wi-Fi open to strangers.
Unauthorized access to your home network poses serious risks, including theft of personal data, interception of passwords from banking applications, and the use of your IP addresses for illegal activity. Attackers can connect undetected if you have a weak password or use an outdated encryption protocol. In this article, we'll detail how to identify intruders and block their access to your equipment.
The first step should always be to diagnose the current situation. Don't ignore any strange signals from your equipment, as timely detection can prevent confidential information leaks. Below, we'll cover the main symptoms, technical testing methods, and ways to strengthen your home network's security.
Symptoms of unauthorized access
The first and most noticeable sign of an intrusion on your network is often a sharp drop in internet speed. If you notice that pages are taking longer than usual to load, or high-definition video is constantly buffering, this could indicate that your connection is being overloaded with unauthorized traffic. It's especially alarming if these symptoms occur during hours when you're not downloading anything or watching online videos.
An indirect but important indicator of problems is the strange behavior of the indicators on the case. routerPay attention to the light bulb. WLAN or the wireless network icon: if it's actively and erratically blinking while all your devices are off or in sleep mode, this is a sure sign that someone else is actively transmitting data. Normally, when there's no activity, the indicators either remain solid or blink slowly.
⚠️ Attention: Don't rely solely on visual indicators. Some modern routers have a "silent" mode for their indicators or may display activity incorrectly due to software glitches. Always double-check your assumptions through the admin panel.
You should also be wary if your antivirus software starts issuing warnings about port scanning attempts or suspicious activity from the internal network. Sometimes, once hackers have accessed your network, they begin scanning connected devices for vulnerabilities. If you see messages about attacks being blocked from the local network, this means there's a hostile agent within the perimeter.
Checking via the router's web interface
The most reliable way to find out who exactly is connected to your Wi-Fi, is to access the router's settings. To do this, open any browser on a device connected to the network and enter the gateway's IP address in the address bar. Most often, this is 192.168.0.1 or 192.168.1.1, however, the address may differ depending on the equipment model and manufacturer.
After entering the address, the system will ask for your login and password to access the admin panel. If you've never changed these details, they may be default (e.g., admin/admin), which is already a serious security breach. Once inside, you need to find a section usually called "Client List," "DHCP Client List," "Wireless Status," or "Wireless Network Status."
This section will display a table of all devices currently receiving an IP address from your router. Carefully review the list and compare the number of active connections with the actual number of devices in your home. If you see a device you don't recognize, or the number of connections exceeds your expectations, there's an extra user on the network.
☑️ Checking the list of devices
It's important to note that some devices may appear under obscure names or have no name at all (Unknown). In this case, you should refer to MAC address — a unique identifier for the network interface. You can find it in your phone or computer settings and compare it with those displayed in the router's list.
Using specialized programs
For those who find it difficult to navigate the technical settings of their router, there are convenient network scanning utilities. One of the most popular and functional programs is Fing, available for both mobile devices and computers. It allows you to scan your network with one click and display a complete list of all connected devices, indicating their type, manufacturer, and operating system.
Another powerful tool is the program Wireless Network Watcher from NirSoft for Windows. It runs in the background and can automatically notify you with a sound or pop-up window whenever a new device appears on the network. This is especially useful for instantly responding to connection attempts, even when you're not near your computer.
Using third-party software offers the advantage of greater granularity. These programs can often determine not only the connection itself but also its approximate geolocation (by IP, if the device isn't hidden) or device model, even if it's attempting to disguise itself. However, it's important to remember that such programs only work when the device they're installed on is connected to the same network.
Are network scanning programs safe?
Using trusted utilities from reputable developers is safe. However, downloading questionable software from untrusted sites can lead to a virus infection. Always check the digital signatures of programs and download them from official sources.
Analyzing the table of connected devices
Once you've received a list of connected devices, the most important step is analysis. Not all unknown names indicate a hack. Routers often assign names like android-xyz or iphone-user, which can be confusing. To properly identify the equipment, you need to pay attention to the MAC address and the network card manufacturer.
Below is a table to help you navigate the device types and their possible designations in the router's client list:
| Device type | Possible online name | MAC prefix example | Status |
|---|---|---|---|
| Android smartphone | Android, Samsung, Xiaomi | A4:56:30, 00:1A:2B | Mine |
| Smart TV set-top box | Android TV, MiBox, Chromecast | 38:D4:6D, B8:27:EB | Mine |
| Windows laptop | DESKTOP-XYZ, LAPTOP-ABC | AC:22:0B, 00:50:56 | Mine |
| Unknown gadget | Unknown, ESP32, Generic | Unknown prefix | Suspicious |
Pay special attention to devices with prefixes that don't match your gadgets. For example, if you don't have any equipment from the manufacturer Espressif (often used in smart plugs and lamps), and a device with that MAC address is listed, this is cause for concern. Also, be wary if you see multiple devices of the same type when they shouldn't physically exist.
Methods for blocking uninvited guests
If you detect an intruder, you need to act quickly and decisively. The simplest, but temporary, method is to disable the device directly from the router interface. The client list usually has a "Block" button or a hand icon. Clicking it will terminate the connection for the selected MAC address.
However, blocking by MAC address is only a half-measure, as an experienced user can spoof (change) their device's MAC address and reconnect. Therefore, the only reliable solution is to completely change the wireless network password. After changing the password, all devices will be disconnected, and you will have to reconnect your devices using the new key.
It's also recommended to enable MAC filtering in "Allow only specified" mode. In this mode, you whitelist only your own devices, and the router will ignore any other connection attempts, even if the Wi-Fi password is somehow compromised.
⚠️ Attention: Before enabling strict MAC address filtering, make sure you've added ALL your devices to the list, including guest smartphones and smart devices. Otherwise, you risk losing access to your own network and having to reset your router to factory settings.
Strengthening wireless network security
To prevent the problem from recurring, ensure maximum security. First, check the encryption type in your wireless settings. Outdated protocols WEP and even WPA are hacked in minutes. The only relevant standard today is WPA2-PSK (AES) or its new version WPA3, if your router supports it.
Your passphrase should be complex: use a combination of uppercase and lowercase letters, numbers, and special characters. The password should be at least 12-15 characters long. Avoid using dictionary words, birth dates, or sequences like 12345678A good password is a set of random characters that is difficult to guess using brute force.
Don't forget about your router's firmware either. Manufacturers regularly release firmware updates that patch security holes. Go to the "System Tools" or "Administration" section and check for updates. Up-to-date firmware ensures that known vulnerabilities won't be exploited.
Frequently Asked Questions (FAQ)
Can my neighbor steal my internet if I changed my password?
If you've changed your password to a strong one and are using WPA2 encryption, it's impossible to steal your internet access. However, if the password was written down on a piece of paper and given to a neighbor, or you shared it with someone and then forgot it, access will remain. It's also theoretically possible to crack a password that's too weak using specialized software.
Does having someone else connected affect my internet speed?
Yes, absolutely. The Wi-Fi channel is shared between all connected devices. If someone is downloading 4K movies or playing online games on your channel, your speed will drop significantly and your ping (latency) will increase, making it impossible to enjoy the network comfortably.
Is it dangerous if someone else connects to my Wi-Fi?
This is very dangerous. While on the same network, an attacker could attempt to access shared folders on your computer, intercept unencrypted data (passwords from non-HTTPS websites), or use your connection to commit crimes that the police would then trace back to your IP address.
How often should I change my Wi-Fi password?
It's recommended to change your Wi-Fi password at least once every six months, as well as immediately after selling the phone or laptop on which it was saved. Changing your password is also essential if you no longer trust anyone who previously had access to your network.