A sudden drop in internet speed or unstable video conferencing are often the first warning signs for home network owners. When a gigabit plan devolves into a crawling data stream, the natural question arises: has a "neighbor" become an uninvited guest in your digital infrastructure? In today's world, where smartphones, smart lamps, TVs, and consoles are all connected to the internet, it's easy to get lost in your gadgets, but the possibility of unauthorized access can't be discounted.
Understanding that, How to see who is connected to Wi-FiMonitoring your internet connection is a basic digital hygiene skill every user needs. It not only helps restore fair traffic distribution but also closes security holes that could allow attackers to access personal files or banking data. There are several proven monitoring methods, from built-in router features to specialized smartphone software.
In this article, we'll detail the steps required for devices from different manufacturers, explore the features of mobile apps, and discuss what steps to take if you detect someone else's device. It is important to understand, that the methods may differ slightly depending on the firmware version of your router, but the general principle remains the same for all models.
⚠️ Attention: If you discover an unknown device, don't rush to change the password. First, make sure it's not a smart plug, refrigerator, or a relative's guest phone, which may have connected automatically in the background.
Using the router admin panel to check
The most reliable and accurate way to get a complete picture of your connections is to log into your router's web interface. The router is the central hub of the network, so it has the most up-to-date information on all active IP addresses and MAC addresses. First, you need to find the default gateway address, which is usually located on a sticker on the bottom of the device (often 192.168.0.1 or 192.168.1.1).
After entering the address in the browser, you will be required to log in. If you have never changed your default login information, it will also be on the sticker (login/password). admin/admin). However, if you were security-conscious earlier, you'll need the credentials you set up. Once inside, look for sections with names like "Status," "Network Map," "DHCP Server," or "Client List."
Interfaces vary greatly from manufacturer to manufacturer, but the logic is the same. You'll see a table with an IP address and MAC ID assigned to each device. MAC address — is a unique physical identifier for a network card, which is more difficult to forge than an IP address. It's the easiest way to identify a rogue device by checking the first six characters (OUI) against a manufacturer database.
Below is a table with example customer list paths for popular brands:
| Manufacturer | Menu section | Subsection |
|---|---|---|
| TP-Link | Basic / Wireless | Wireless Statistics |
| ASUS | Network map | Clients (bottom of page) |
| Keenetic | Client list | Home network |
| D-Link | Status | Local Area Network (LAN) |
Mobile applications for network monitoring
If you're temporarily unavailable to your computer or want to run a test on the go, specialized smartphone apps are a great solution. They scan the Wi-Fi airwaves and list all the devices your phone can see on the current network. This is convenient, but it's important to remember that your smartphone only sees what it can see, and sometimes may not display devices hidden by isolation settings.
One of the most popular tools is the application FingIt automatically detects the device type (e.g., Apple iPhone or Samsung TV), displays IP and MAC addresses, and connection speed. Other useful utilities include WiFi Analyzer And Network ScannerMost of them work on the "one-click" principle: start the scan and get the results.
When using such programs, pay attention to access rights. For the network scanner to work correctly, Android Often, permission to access geolocation is required, as this is a system limitation of the platform for working with the Wi-Fi module. iOS Functionality may be limited due to Apple's security policies, but basic scanning is usually available.
Why does the app ask for location access?
In the Android operating system, scanning Wi-Fi networks (even the one you're connected to) is technically equivalent to collecting location data, as the access point's MAC addresses can be used to determine its coordinates. Without this permission, the app simply won't receive the system's list of devices.
Analyzing a list of devices via the command line
For users who prefer a graphical interface and maximum speed, there's a command-line method. This allows you to quickly retrieve the ARP (Address Resolution Protocol) table, which stores the mapping between the IP and MAC addresses of devices your computer has recently communicated with.
To use this method in Windows, click Win + R, enter cmd and press Enter. In the window that opens, enter the command arp -aYou'll see a list of IP addresses and their corresponding physical addresses. However, there's a catch: not all devices on the network are displayed here, only those with which your PC has exchanged data packets.
For a more in-depth analysis, you can use the utility nmap, if it is installed. The command nmap -sn 192.168.1.0/24 (replace the subnet with yours) will force a poll of all addresses in the range and show who responded. This is a more powerful tool, but it requires additional software and basic command syntax.
C:\Users\User> arp -aInterface: 192.168.1.5 --- 0xb
Internet address Physical address Type
192.168.1.1 00-1a-2b-3c-4d-5e dynamic
192.168.1.15 a4-5e-60-f1-22-33 dynamic
192.168.1.255 ff-ff-ff-ff-ff-ff static
Identifying devices by MAC address
The hardest part of the process is understanding what exactly is hidden behind a set of numbers and letters like B8:27:EB:4A:1C:9DAs mentioned, the first three bytes (six characters) of a MAC address are the manufacturer's unique identifier (OUI). Knowing these bytes allows you to accurately identify the brand of a device, even if it's simply labeled "Unknown."
There are online services and OUI databases where you can enter the first 6 characters of an address. For example, the prefix B8:27:EB belongs to Raspberry Pi, and 00:1A:79 This is common among Apple devices. This helps alleviate panic: if you see a Hikvision or Dahua device and you don't have cameras, that's cause for concern. If it's an Espressif, it's most likely a smart light bulb or plug.
It's also helpful to keep a list of your gadgets' MAC addresses. Write them down in a notebook or take a photo of the Wi-Fi settings on each device when you first set up your network. This will save you a ton of time in the future when conducting a security audit. Modern routers often have a client renaming feature right in the interface—use it, labeling devices as "TV," "Phone_Dad," or "Laptop_Work."
- 📱 Apple: often start with prefixes 00:1C:B3, 3C:07:54, A4:5E:60.
- 🖥️ Dell/HP: Computers often have addresses starting with 00:14:22 or B0:83:FE.
- 🏠 IoT devices: Chinese gadgets often use Espressif (prefix 24:0A:C4) or Tuya chips.
What to do if a stranger is found
Discovering an unfamiliar device in the client list is a signal for immediate action. Passively waiting or hoping for it to "go away" won't work. The first and most effective step is to completely change the Wi-Fi network password. Changing the password will disable all devices, and you'll have to re-enter the new key on your devices.
The second step is to check the encryption type. Make sure the standard is selected in the router settings. WPA2-PSK (AES) or, if the equipment allows, WPA3Using the outdated WEP or WPA/TKIP protocol makes your network vulnerable to hacking in minutes, even without sophisticated tools. Also, disable the WPS function, as it's often a security hole.
⚠️ Attention: Some advanced users may use MAC address cloning methods. If the "ghost" returns after changing the password, someone may be copying the address of your trusted device. In this case, MAC address filtering (White List) can help.
☑️ Action plan in case of hacking
Setting up filtering and guest access
To prevent future incidents, we recommend setting up a guest network. This is a virtual Wi-Fi network with a separate name and password that doesn't have access to your primary devices (printers, NAS storage, computers with important data). You provide your guests with the password for the guest network, and keep your devices on the "sterile" primary network.
An even more stringent control method is MAC filtering. You can configure your router to allow only a strictly defined list of devices onto the network. All others, even with the password, will be blocked. This is a reliable method, but it requires manual registration of each new device, which can be inconvenient if you often have friends over with their phones.
Regularly monitoring your client list should become a habit. Check your router's admin panel once a month. It only takes a minute, but it gives you confidence that your digital perimeter is intact. Remember, security is a process, not a one-time action.
Can my neighbor steal my internet if I changed my password?
If you've changed your password to a complex one (more than 12 characters, including numbers and letters) and use WPA2/WPA3 encryption, your neighbor won't be able to guess it easily. However, if you have WPS enabled, it can be bypassed. There's also a risk if the password was saved on a device that's been used by others, or if one of your guests has installed a password locator app that automatically uploads keys to a shared database.
Does having one phone connected affect my internet speed?
Modern routers can distribute bandwidth, but the bandwidth is divided among all active users. If your "neighbor" is simply reading the news, you won't notice. But if they're downloading torrents, streaming 4K video, or playing online games, your ping will increase and your download speed will drop, especially on less powerful plans.
How do I hide my device from the router's list?
It's impossible to completely hide from your router, as to obtain an IP address, the device must exchange data packets, which are visible to the administrator. However, you can use the "Hide SSID" (network name) feature to prevent the router from appearing in the list of available networks, but this is only a weak defense against prying eyes, not hackers.