Have you noticed that your internet has become slower and your data usage is suspiciously high? Perhaps unauthorized devices have connected to your Wi-Fi network. According to Juniper ResearchEvery fifth home router has at least one unauthorized connection. In this article, you'll learn how to check the list of users connected to your Wi-Fi network—from standard methods via the router's web interface to advanced methods using specialized utilities.
Regardless of the router model, be it TP-Link Archer C6, ASUS RT-AX88U or Keenetic Giga — The process of checking connected devices follows a general algorithm. We'll look at options for different operating systems (Windows, macOS, Android), and we'll also show you how to monitor network activity in real time. Important: Some methods require administrator rights or access to the router's settings.
1. Checking via the router's web interface (universal method)
The most reliable way is to log into your router's control panel. This method works on 99% of models, including Xiaomi Mi Router, Zyxel Keenetic And D-Link DIRYou only need a browser and login information (usually found on a sticker on your device).
Instructions:
- 🌐 Open your browser and enter in the address bar
192.168.0.1or192.168.1.1(less often)192.168.8.1for some models TP-Link). If the IP address has changed, find it using the commandipconfig(Windows) orifconfig(macOS/Linux). - 🔑 Enter your login and password (by default it is often
admin/adminoradmin/empty). On routers Keenetic The password may be the same as the Wi-Fi password. - 📊 Find the section
Wireless network,DHCPorClients. IN ASUS ThisNetwork map, V TP-Link —Wireless → Wireless Statistics. - 📋 You will see a table with connected devices, where they will be indicated MAC addresses, IP addresses and host names.
Router model and firmware version|List of connected devices in the Wireless/DHCP section|Security settings (WPA2/WPA3 encryption type)|Guest network (if enabled)-->
In some firmware (for example, KeeneticOS) there is a function Traffic monitoring, which shows not only connected devices but also the amount of data consumed by each one. This will help identify data-hungry gadgets.
⚠️ Attention: If you see unknown devices in the list of devices MAC addresses with manufacturers like Xiaomi, Samsung or Apple, but you don't recognize them—it's not always a hack. Perhaps guest devices have connected to the network (for example, via the WPS) or smart gadgets (lamps, cameras).
2. Using mobile apps to monitor Wi-Fi
If accessing your router settings is inconvenient, you can use specialized apps. They scan the network and display all connected devices, sometimes even indicating the device model. Popular options include:
- 📱 Fing (Android/iOS) - identifies devices by MAC address, shows open ports and vulnerabilities. The free version is limited to one network.
- 🛡️ WiFi Guard (Android) — Compares current connections with a "white list" and notifies about new devices.
- 🔍 NetScan (iOS) — scans the local network and creates a map of connected devices, indicating the manufacturer.
- 📊 IP Tools (Android) - includes not only a Wi-Fi scanner, but also speed tests, ping, traceroute.
Example of working with Fing:
- Connect to your Wi-Fi network.
- Launch the app and click
Scan. - In 10-30 seconds you will receive a list of devices with IP, MAC, hostname and manufacturer.
- Click on an unknown device to see more information (such as open ports).
Fing|WiFi Guard|NetScan|IP Tools|Other/I don't use-->
Mobile apps are convenient because they allow you to check the network remotely - even if you're not at home. For example, Fing can send notifications when new devices appear. However, they do not replace full control via the router: some devices (especially with the mDNS) may be displayed without a name.
3. Viewing connected devices via the command line (Windows/macOS/Linux)
If you prefer to work without a graphical interface, you can use the operating system's built-in tools. This method is suitable for experienced users and allows you to retrieve data without installing additional software.
For Windows:
arp -a
This command will show the table ARP (Address Resolution Protocol), which will list all IP and MAC addresses of devices on the local network. To filter only active connections, first run:
ping 192.168.1.255
(replace 192.168.1 to your subnet, if it is different).
For macOS/Linux:
nmap -sn 192.168.1.0/24
This command will scan the entire subnet and list devices with MAC addresses and hostnames. If nmap not installed, it can be added via brew install nmap (macOS) or sudo apt install nmap (Linux).
| Team | operating system | What does it show? | Are administrator rights required? |
|---|---|---|---|
arp -a |
Windows | ARP table with IP and MAC | No |
ip neigh |
Linux | Neighboring devices on the network | No |
nmap -sn 192.168.1.0/24 |
macOS/Linux | Complete list of devices with hostnames | Yes (for some options) |
netsh wlan show hostednetwork |
Windows | Information about Wi-Fi distribution (if enabled) | Yes |
Please note: the command line will show all devices on the local network, including those connected via cable. To filter only Wi-Fi clients, compare the output with the data from the router's web interface.
4. Checking through the "Guest Network" function and parental controls
Many modern routers (for example, ASUS RT-AX58U or Netgear Nighthawk) support the function guest networkIt allows you to create a separate Wi-Fi hotspot with limited access to the main network. If you notice suspicious connections, check:
- 🔗 Is the guest network accidentally enabled (sometimes it is activated after a factory reset).
- 👤 Are there any third-party devices connected to it (guest networks often have a separate password or are even open).
- 📵 Are your guests using the main network instead of the guest network (this can be restricted via
VLANorClient Isolation).
It is also useful to look at the section Parental control (Parental Controls). Here you can:
- 🕒 View the connection history of devices (on some routers, for example, TP-Link).
- 🚫 Block unknown MAC addresses.
- ⏳ Limit access time for individual devices.
On routers Keenetic there is a convenient function Network segmentation, which allows you to divide devices into groups (e.g., "Home," "Guests," "IoT"). This helps control which devices have access to shared resources (printers, NAS).
5. Traffic analysis using specialized utilities
For deep network analysis, you can use professional tools such as Wireshark or GlassWireThey allow you not only to see connected devices but also to track how much traffic they consume.
Wireshark (Windows/macOS/Linux):
- 📥 Download and install the program from the official website.
- 🔍 Select the network interface (Wi-Fi adapter) and start capturing packets.
- 🔎 Enter in the filter
wlan.addr == [your_router_MAC]to see traffic from your network only. - 📊 In the section
EndpointsorStatistics → Protocol HierarchyYou will see all devices exchanging data with the router.
GlassWire (Windows/macOS/Android):
- 📊 Shows real-time graphs of traffic consumption by device.
- 🚨 Notifies you of suspicious activity (for example, if an unknown device is downloading large amounts of data).
- 🔒 Allows you to block connections at the firewall level.
How to find out the manufacturer of a device by MAC address?
The first 6 characters of the MAC address (eg. B8:27:EB For Raspberry Pi or 78:31:C1 For Apple) indicate the manufacturer. Check them through databases like MAC Vendors or built-in tools in Wireshark (Statistics → Endpoints → Ethernet).
These utilities are useful if you suspect that someone has not only connected to your network, but also actively uses it (For example, for downloading torrents or DDoS attacks). However, they require certain skills: without filtering, you'll receive a huge amount of data that's difficult to navigate.
6. How to block unauthorized devices: step-by-step instructions
If you detect unknown devices, you need to block them. Here's how to do this on most routers:
- 🔒 Change your Wi-Fi password:
- Go to the router's web interface (see Section 1).
- Go to
Wireless Network → Security Settings. - Select
WPA2-PSKorWPA3-SAE(don't use outdatedWEP!). - Create a complex password (at least 12 characters, with numbers and special characters).
- 🚫 Add devices to the blacklist by MAC address:
- Find the section
MAC FilterorAccess control. - Enter the MAC addresses of unknown devices and select
Deny(to prohibit).
- Find the section
- 🔄 Disable WPS:
- WPS is vulnerable to brute-force attacks. Disable it in the section
Wi-Fi Protected Setup.
- WPS is vulnerable to brute-force attacks. Disable it in the section
- Outdated firmware contains vulnerabilities. Check for updates in the section
AdministrationorFile. - Reset to factory settings (
Resetbutton on the back panel). - Install the latest firmware version from the manufacturer's official website.
- Reconfigure your router using strong passwords for the admin panel and Wi-Fi.
If suspicious connections reappear, your router may have been compromised at the firmware level. In this case:
⚠️ Please note: Some internet service providers (eg. Rostelecom or Beeline) block access to router settings if it's rented. In this case, contact support or request an unblocking request through your personal account.
7. Common mistakes and how to avoid them
When checking connected devices, users often encounter typical problems:
- ❌ I can't see all my devices in the router's web interface.:
Reason: Some devices may be connected via
Ethernet(cable) or use a static IP. Solution: check the sectionDHCP ClientsorLAN. - ❌ "MAC addresses are shown as unknown":
Reason: The device manufacturer is not registered in the database. Solution: Use Wireshark or online services like MAC Vendors Lookup.
- ❌ "After changing the password, unknown devices reappear.":
Reason: Someone might be connecting through
WPSor exploits a router vulnerability. Solution: Disable WPS and update the firmware. - ❌ The app shows devices that aren't in the web interface.:
Reason: The app may be scanning nearby networks. Solution: Make sure you're connected to your Wi-Fi hotspot.
Another common mistake is ignoring guest networkMany people forget that it can be active and open for connection without a password. Always check its settings!
FAQ: Answers to frequently asked questions
Is it possible to see connected users without access to the router?
Yes, but with limitations. You can use mobile apps (Fing, NetScan) or command line (arp -a, nmap). However, without administrator rights, you won't be able to block devices or see full information (such as connection history).
How can I distinguish my device from someone else's in the list of connected devices?
Compare MAC addresses or hostnames. You can find your device's MAC address:
- On Windows:
ipconfig /all(look for the linePhysical Address). - On Android:
Settings → About phone → General information → Wi-Fi MAC address. - On iOS:
Settings → General → About → Wi-Fi Address.
Also pay attention to the manufacturer in the MAC address (the first 6 characters). For example, 3C:5A:B4 - This Google (maybe yours Nest or Chromecast).
What should I do if an unknown device named "android-XXXX" or "iPhone" appears on the network?
This isn't necessarily a hack. Possible causes:
- 📱 A guest has connected to the network (for example, via
WPSor guest access). - 🤖 It could be a smart device (for example, Xiaomi or Amazon Echo), which automatically connected to the saved network.
- 🔄 Perhaps it’s your old device that you forgot about (for example, a tablet or a smartwatch).
Recommendation: Temporarily disable this device in your router settings and see if it disappears from the list. If the internet connection continues to work reliably, block it permanently.
Can my neighbor connect to my Wi-Fi if I have a strong password?
Theoretically yes, but it's unlikely. Modern encryption standards (WPA2/WPA3) reliably protect the network if:
- 🔐 Password contains 12+ characters (including capital letters, numbers and special characters).
- 🔄
WPSdisabled. - 📡 The router does not use outdated protocols (
WEP,WPA).
However, there are other ways to hack:
- 🕵️ Phishing: An attacker can create a fake login page for the router.
- 💻 Firmware vulnerabilitiesIf your router hasn't been updated for a long time, it can be hacked using exploits.
- 📡 Attacks on clients: If one of your devices is infected with a virus, it can "share" access.
Solution: Update your firmware regularly and use guest network for unverified devices.
How can I check if my neighbor is stealing my Wi-Fi if I don't see his devices in the list?
If you suspect a hidden connection, do the following:
- 📉 Check it out traffic usage In your provider's personal account. If your consumption is significantly higher than usual, someone is using your network.
- 🔍 Use Wireshark for packet analysis. Filter
ip.src != [your_IP] && ip.dst != [your_IP]will help identify suspicious activity. - 🕒 Disconnect all your devices from Wi-Fi and see if there is still activity on the network (for example, if the indicator is blinking
WANon the router). - 🔄 Change Wi-Fi channel in your router settings. If the speed returns to normal, the problem may have been interference, not traffic theft.