Have you noticed your internet is slower than usual, and your activity indicator is flashing like crazy, even when you're not downloading anything? This could be the first sign that someone is using your wireless network. Unauthorized access Connecting to your home Wi-Fi not only means free movie downloads at your expense, but also a serious threat to the security of your personal data.
In today's world, with dozens of smart devices, from smartphones to refrigerators, connected to the internet, network control is becoming critical. Attackers can intercept traffic, steal passwords for banking apps, or use your connection for illegal activities. That's why the question... How to view a list of connected devices, becomes relevant for every router owner.
Fortunately, modern technologies allow you to quickly audit your network and, if necessary, disable the "intruder." You don't need to be a programmer or network administrator to handle this task. In this article, we'll explore proven diagnostic methods that will help you regain full control of your digital space.
⚠️ Warning: If you find an unfamiliar device, don't panic. Sometimes it could be your own smart kettle or TV that has changed its name. Always double-check the MAC addresses before blocking.
Primary signs of unauthorized access
Before moving on to complex technical verification methods, it's worth paying attention to indirect signs that are often ignored by users. Decrease in speed Internet speed is a classic symptom of bandwidth congestion. If you're paying for 100 Mbps and getting a barely noticeable 10, and your provider confirms there are no problems with the line, it means the bandwidth is being used by someone else.
It's also worth paying attention to the behavior of the indicators on the router's body. The light responsible for wireless data transmission (usually marked as WLAN or Wi-Fi), should flash in time with your actions. If it stays on or flashes continuously when all your devices are turned off or asleep, this is a clear sign of background activity.
- 📉 A sharp drop in page and video loading speed, even when not performing heavy tasks.
- 💡 Constantly blinking indicator Wireless with the devices turned off.
- 🔒 Unable to access router settings due to a "busy" error.
- 📱 Strange notifications about logging into accounts from unfamiliar IP addresses appearing.
Don't rely solely on your feelings. A subjective "I feel like the internet is slow" needs to be supported by facts. Use speedtest services To measure your actual speed, compare it with your plan. A 30-40% difference without any apparent cause is a reason to conduct a thorough network analysis.
Using the router admin panel to check
The most reliable and accurate way to find out who's using your WiFi is to delve into the "brain" of your network—your router's web interface. It displays complete information about all active connections in real time. First, you'll need the access address, which is usually found on a sticker on the bottom of the device.
Open your browser and enter the gateway IP address in the address bar. Standard addresses usually look like this: 192.168.0.1 or 192.168.1.1. After entering your login and password (by default this is often admin/admin) you'll find yourself in the control panel. You need to find a section that might be called "Client List," "Status," "DHCP Server," or "Wireless Statistics."
In this section, you'll see a table with connected devices. Their IP addresses, MAC addresses, and sometimes names (e.g., iPhone-Alex or PC-Buhgalter). If you see a device with a name you don't recognize, or the number of devices exceeds the number of devices you own, this is cause for concern.
☑️ Check via admin panel
⚠️ Note: Router interfaces from different manufacturers (Asus, TP-Link, D-Link, Keenetic) may differ. Look for tabs labeled "Client," "Station," or "List." If you've changed your admin password and forgotten it, you'll need to reset the settings using the "Reset" button. Reset.
It is important to understand that some devices may hide their name, appearing simply as Unknown or a set of numbers. In this case, use the MAC address as a guide. The first six characters of the MAC address (OUI) identify the network module manufacturer. By comparing this code with a manufacturer database, you can determine what kind of device it is—a phone, a laptop, or, say, a security camera.
Specialized programs and mobile applications
If accessing your router settings from your phone seems too complicated or inconvenient, specialized utilities can help. They scan the network automatically and provide easy-to-understand results. One of the most popular and functional tools is Wireless Network Watcher from NirSoft for PC.
This utility requires no installation, works instantly, and displays not only the IP and MAC address but also the network card manufacturer. There are also numerous apps for Android and iOS mobile devices, such as Fing or WiFi AnalyzerThey allow you to audit your network directly from your smartphone while within Wi-Fi range.
The advantage of such programs is their level of detail. They can show when a device first joined the network, how often it connects, and how much data it transfers. This helps identify those "guests" who only connect at night or when you're away.
| Software name | Platform | Functional | Complexity |
|---|---|---|---|
| Wireless Network Watcher | Windows | Full list, export, sound signal | Low |
| Fing | Android / iOS | Network scanner, vulnerability search | Low |
| Angry IP Scanner | Cross-platform | Port scanning and ping | Average |
| NetCut | Windows / Android | Speed cutting by others, monitoring | High |
However, it's important to remember that third-party applications request access to your local network. Use only trusted software from official stores or reputable developers. Installing questionable, cracked software designed to detect thieves could result in you becoming a victim of a virus.
How does port scanning work?
Port scanning allows you to determine which services are running on a device. For example, an open port 80 indicates a web server, while 21 indicates FTP. This helps determine the device type, but for the average user, knowing the IP and MAC address is sufficient.
MAC address analysis and device identification
The key element in identifying an intruder is the MAC address (Media Access Control Address). This is a unique identifier assigned to the network interface during manufacturing. Unlike the IP address, which the router can change with each connection, MAC address usually remains constant.
The MAC address format is six pairs of hexadecimal numbers separated by a colon or a hyphen (e.g., A1:B2:C3:D4:E5:F6). The first three pairs of characters (OUI) identify the manufacturer. Knowing the manufacturer, you can guess whose device it is. For example, if you don't have the equipment Sony, and the device with the Sony prefix is listed, it is a clear candidate for blocking.
You can use online OUI Lookup services to decode prefixes. Simply enter the first six characters of the MAC address, and the system will tell you which company owns that block of addresses. This is especially useful when the list includes something vague like "Android-xxx" or "Device-1234."
- 🏭 Apple: prefixes starting with 00:1C:B3, 00:25:00, 7C:31:31.
- 🇰🇷 Samsung: 00:1C:2C, 00:1E:7D, 3C:22:FB.
- 🇨🇳 Xiaomi: 64:09:80, 28:6C:07, A0:FA:87.
- 💻 Intel: 00:1E:4C, 00:21:5D, 34:02:86.
However, modern operating systems, such as iOS 14+ and Android 10+, use the "Private Wi-Fi Address" (Randomized MAC) feature by default. This means the phone can generate a random MAC address for each new network to hide its actual hardware. In this case, identifying the device by manufacturer won't be possible, and you'll have to rely on connection time and activity.
Methods for blocking uninvited guests
Once you've identified the intruder, the question arises: what to do next? The simplest, but not the most secure, method is to change the password. If you change the password to a complex and unique one, all devices will be disabled. You'll have to reconnect your devices, and the "neighbor" will be left out in the cold, since they don't have the new password.
A more professional approach is to use Blacklist (blacklist) or Whitelist (whitelist) in the router settings. Blacklist allows you to block specific MAC addresses. You simply copy the offending address from the client list and add it to the filter. The router will then ignore connection requests from that address.
Mode White List MAC filtering is the strictest mode. In this mode, the router blocks connections from ALL devices except those whose MAC addresses are on the allowed list. Even with the password, a new device will not be able to connect to the network without first being added to this list. This guarantees 100% protection, but can be inconvenient when guests arrive.
⚠️ Warning: MAC addresses can be spoofed. An experienced user could copy the MAC address of your authorized laptop and connect in its stead. Therefore, MAC filtering is a good barrier, but not a panacea.
If you use the password reset method, make sure the new password meets security standards: at least 12 characters, mixed-case letters, numbers, and special characters. Avoid simple combinations like your date of birth or phone number.
How to protect your WiFi network from re-hacking
It's not enough to just throw out the thief; you need to close the door and lock it. First, check the encryption protocol. In the wireless network settings (Wireless Settings) the mode must be selected WPA2-PSK or, ideally, WPA3WEP and WPA protocols are outdated and can be cracked in minutes using automated scripts.
The second important step is to disable the function WPS (Wi-Fi Protected Setup). This feature allows you to connect to the network by pressing a button or using a PIN code, but it contains critical vulnerabilities. Hackers use special utilities to brute-force the WPS PIN code, giving them access to your password. In the admin panel, find the WPS section and set the value Disable.
Also, don't forget about the router's software. Manufacturers regularly release firmware updates (Firmware Update), which patch security holes. Go to the "System Tools" or "Administration" section and check for a new version of the software.
- 🔐 Use encryption WPA2-AES or WPA3.
- 🚫 Turn off the feature
WPSin the router settings. - 🔄 Update your router firmware regularly.
- 👤 Change the factory password for logging into the router's admin panel.
- 📡 Disable Remote Management if you are not using it.
A comprehensive approach to security will make your network unappealing to random neighbors and a difficult target for more advanced users. Remember that absolute security doesn't exist, but your goal is to make hacking more difficult than finding someone else's open network.
Why is WPS so dangerous?
The WPS protocol uses an 8-digit PIN. Trying all the combinations would take forever, but the verification algorithm has a flaw: it checks the first and second halves of the code separately. This reduces the number of attempts from millions to a few thousand, which takes just a few hours.
Frequently Asked Questions (FAQ)
Can a neighbor steal my password if I haven't told it to anyone?
Yes, it's possible. If you have a weak password or use an outdated encryption protocol (WEP), it can be brute-forced or intercepted using special software. The password could also have been saved on a friend's device that later fell into the wrong hands, or you could have accidentally entered it on a phishing site.
Does having a connected "neighbor" affect my internet speed?
Absolutely. Wi-Fi has limited bandwidth. If your neighbor starts watching 4K videos or downloading large files, they'll take up a significant portion of your bandwidth, causing your webpages and videos to lag. Furthermore, a large number of devices puts a strain on your router's processor.
What should I do if I can't access my router settings?
If the default login and password (admin/admin) don't work, they may have been changed previously. In this case, only a hard reset will help. Find the small hole on the case. Reset, press it with a paperclip for 10-15 seconds while the router is turned on. This will reset the device to factory settings, and you'll be able to log in using the credentials from the sticker.
Is it safe for a thief to use speed-cutting software?
Using programs like NetCut or ARP spoofers may be considered a violation of network rules or even the law, as you are actively interfering with the operation of network equipment. It's safer and more legal to use the built-in blacklisting features of your router.