Have you noticed your internet has slowed down and your data usage is unusually high? Someone else might be accessing your Wi-Fi. Unauthorized access Accessing your home network not only steals your traffic, but also creates security risks—from data interception to infecting devices with viruses.
In this article you will learn how check the list of connected devices on routers of popular brands (TP-Link, ASUS, Keenetic, MikroTik), identify suspicious activity and block other people's gadgetsWe will examine both software methods (via the router's web interface) and specialized applications for Android And iOS.
We will pay special attention to hidden connections via MAC spoofing — when attackers disguise their devices as legitimate ones. Such cases require in-depth diagnostics, and we'll show you how to spot them.
1. Signs that strangers have connected to your Wi-Fi
Before checking your router, pay attention to indirect signals. They will help you determine whether there's any cause for concern:
- 📉 A sharp drop in speed — especially during non-working hours when you are not actively using the Internet.
- 🔄 Unexplained reconnections — the router spontaneously disconnects from your devices.
- 💾 Lack of traffic — if you have a limited data plan and your gigabytes disappear within a few days.
- 🔌 WAN/LAN light on on the router at night, when all devices are turned off.
- 🛡️ Antivirus issues warnings about suspicious network attacks from the local network.
These symptoms don't always indicate a hack—the problem could be an overloaded ISP channel or a faulty router. But if you notice 2-3 signs at the same time, it's time to check the list of connected devices.
2. How to view a list of devices through the router's web interface
The most reliable way is to access your router's control panel. The instructions are universal for most models, but the menu paths may vary. We'll provide up-to-date information for popular brands (interfaces are updated, so exact names of points (Please check the documentation for your model.)
General algorithm:
- Connect to the router via cable or Wi-Fi.
- Enter in the address bar of your browser
192.168.0.1,192.168.1.1or another IP (indicated on the router sticker). - Log in (standard login/password -
admin/adminoradmin/empty). - Find the section with the list of clients (see table below).
| Router brand | Path to the list of devices | Additional functions |
|---|---|---|
| TP-Link | Basic → Network Map or DHCP → Client List |
Shows MAC, IP, device name and consumed traffic |
| ASUS | Network Map → Clients Status |
Traffic consumption charts by device |
| Keenetic | Home Network → Devices |
Ability to lock your device in 1 click |
| MikroTik | IP → DHCP Server → Leases |
Requires knowledge Winbox for deep analytics |
| Xiaomi | Mi Wi-Fi → Devices (in the mobile app) |
Notifications about new connections |
In the list, pay attention to:
- 🆔 Unknown MAC addresses (format
XX:XX:XX:XX:XX:XX). - 📱 Strange device names (For example,
android-123456instead ofiPhone-Marina). - 🕒 Activity during non-working hours (at night or when you are not at home).
Check the MAC address using a search engine (it may belong to your smart kettle)
Unplug the device and see if it disappears from the list.
Use a network scanning app (such as Fing)
Block the MAC address in your router settings-->
⚠️ Attention: Some routers (eg. Zyxel Keenetic) only show devices connected via DHCP. If the attacker manually entered the IP, it won't be listed. For a full check, use arp -a in the command line (instructions in the next section).
3. Checking connected devices via the command line (Windows/macOS/Linux)
If your router's web interface is limited or you want to access more detailed data, the command line can help. This method works on any device on your network.
For Windows:
arp -a
For macOS/Linux:
arp -n
You'll see a table with IP and MAC addresses. Compare it with the list from the router's web interface. Note the following:
- 🔍 Dynamic addresses (in the column
typewilldynamic). - ⏳ Static posts, which do not disappear after rebooting the router.
- 🔗 Multiple MACs per IP — a sign of ARP spoofing.
To get more information about a device by MAC address, use services like MAC Vendors or WiresharkFor example, if the address starts with B8:27:EB, this device is from Raspberry Pi, A 3C:5A:B4 - gadgets Google.
How to recognize MAC spoofing?
Attackers can spoof their MAC address to match that of your device (e.g., TV). To detect this:
1. Disconnect all your gadgets from the network.
2. Check if devices with the MAC addresses of your devices remain in the list of connections.
3. If so, this is a sign of spoofing. Immediately change your Wi-Fi password and enable MAC filtering in your router settings (although this isn't a panacea).
4. Mobile applications for monitoring Wi-Fi networks
If using the command line is inconvenient, use specialized applications. They scan the network and display connected devices along with additional information, such as manufacturer, device type, and bandwidth usage.
Top 5 apps for Android And iOS:
- 📱 Fing — identifies open ports and device vulnerabilities.
- 🛡️ NetCut — allows you to block suspicious devices directly from the app.
- 🔍 WiFi Guard — sends notifications about new connections.
- 📊 Network Analyzer — creates graphs of network activity.
- 🔐 GlassWire — monitors traffic in real time.
Example of working with Fing:
- Download the app and connect to your network.
- Click
Scan— after 10-20 seconds a list of devices will appear. - Click on a suspicious device to reveal information about the manufacturer, IP address, and MAC address.
- Use the function
Pingto check if the device is responding.
⚠️ Attention: Some applications (eg. NetCut) require root rights Android to block devices. Without them, they only work in scanning mode. iOS Due to system limitations, the scanners' functionality is severely limited—use them only for viewing the list.
5. How to block someone else's device on the network
If you've identified a foreign device, you need to disable it. The methods depend on the router model:
Method 1: Blocking by MAC address
The most reliable method is to add the MAC address to the blacklist:
- In the router's web interface, find the section
MAC FilterorAccess Control. - Select
Blacklist(blacklist) and add the address. - Save the settings and reboot the router.
Method 2: Change your Wi-Fi password
If MAC blocking is unavailable or the attacker is using spoofing:
- In the router settings, go to
Wireless → Security. - Select encryption type
WPA2-PSK(orWPA3, if supported). - Create a complex password (at least 12 characters with numbers and special characters).
- Save the changes - all devices will be disconnected and will need to reconnect.
Method 3: Disabling DHCP and manually assigning IP
For advanced users:
- Disable the DHCP server in the router settings (
LAN → DHCP Server). - Manually assign IP addresses to your devices only.
- Someone else's gadget will not be able to obtain an IP automatically and connect.
6. How to protect your router from future hacking
Even after blocking other people's devices, it is important eliminate vulnerabilities, which could be exploited by attackers. Key measures:
- 🔒 Change the default password for the admin panel - many routers have default
admin/admin, which are easy to pick up. - 🔄 Update your router firmware - outdated versions contain vulnerabilities (for example, CVE-2021-20090 V TP-Link).
- 📡 Disable WPS — this protocol is vulnerable to brute-force attacks (even if it is disabled in the settings, check the physical button on the router).
- 🌐 Change the network name (SSID) - do not use personal information (eg.
Ivanov_WiFi). - 🕶️ Hide the network - disable SSID broadcasts (but this is not a panacea, experienced hackers will find the hidden network).
- 📡 Reduce signal strength — if your router supports it, make sure your Wi-Fi doesn't "broadcast" outside your apartment.
For maximum security, please set up guest network for devices with a low trust level (smart bulbs, friends' TVs). Leave the main network only for your gadgets with WPA3- encryption.
⚠️ Attention: If your router supports802.11r(fast roaming), disable this feature - it can create security holes. Also, check ifUPnP(Universal Plug and Play), which is often exploited for attacks.
7. What to do if a hacker still penetrates your network
If, after all these steps, someone else's device continues to appear online, this is a sign of a targeted attack. Possible causes and solutions:
| Sign | Possible cause | Solution |
|---|---|---|
| The device is returned after changing the password | The attacker uses keylogger on your PC or smartphone | Check your devices for viruses and change passwords on all services. |
| New MAC addresses appear with the same vendor | Attack through MAC spoofing with address generation | Turn on ARP-binding in the router (IP to MAC binding) |
| The network slows down at the same time | The neighbor is using Wi-Fi jammer or overloads the channel | Change the Wi-Fi channel in the router settings (use 5 GHz) |
| The router reboots spontaneously | Exploitation of a vulnerability in firmware (e.g. CVE-2022-26258) | Roll back the firmware to a stable version or install an alternative one (DD-WRT) |
In extreme cases:
- 🔧 Reset your router to factory settings (button
Resetfor 10 seconds). - 🛡️ Install alternative firmware (OpenWRT, DD-WRT) with advanced security features.
- 📞 Contact your provider — perhaps the hack occurred at the level of their equipment.
FAQ: Frequently Asked Questions about Wi-Fi Security
Is it possible to find out who exactly connected to my Wi-Fi?
It's impossible to accurately identify a person by MAC address or IP address. However, it is possible:
- To know device manufacturer by the first 3 bytes of MAC (for example,
Apple,Samsung). - Define device type (smartphone, PC, IoT gadget) by network traffic.
- If you suspect a neighbor, check the signal strength: if
-50 dBm, the device is nearby.
For legal action (such as filing a police complaint), you will need the help of your ISP—they can provide connection logs upon request.
How to protect your Wi-Fi from being hacked by your neighbor?
Neighbors are the most common "hackers" of home networks. Effective measures:
- Use complex password (example:
k7#pL9!vN2@qR4). - Turn it off
WPS- it can be hacked in a few hours. - Reduce transmitter power in the router settings (if there is an option).
- Turn on MAC filtering (although this is not a panacea).
- Set up Wi-Fi operating schedule (for example, switching off from 00:00 to 6:00).
If your neighbor is persistently hacking into your network, change it. frequency range With 2.4 GHz on 5 GHz (it goes through walls worse).
Is it true that WPA3 is more secure than WPA2?
WPA3 It actually addresses key vulnerabilities. WPA2:
- 🔐 Protection against brute-force attacks — even if the password is weak, it is difficult to guess.
- 🛡️ Individual encryption traffic for each device.
- 🔄 Secure connection in public networks (through
SAE).
However:
- Not all devices support
WPA3(especially old smartphones and IoT gadgets). - In 2019, vulnerabilities were found in
WPA3(Dragonblood), but they are fixed in new firmware.
Recommendation: If all your devices support WPA3, go to it. Otherwise, use WPA2 with a strong password.
Can Wi-Fi be hacked through smart devices (lamps, sockets)?
Yes, IoT gadgets — one of the weak points of a home network. Risks:
- Many devices (eg. Xiaomi, Tuya) are used simplified authentication.
- An attacker could connect to a smart light bulb and then attack the router from within the network.
- Some gadgets (cameras, speakers) have vulnerabilities for remote code execution.
How to protect yourself:
- 🔌 Place IoT devices in guest network.
- 🔄 Update your gadgets' firmware regularly.
- 🚫 Turn it off
UPnPon the router - it allows devices to open ports automatically.
What to do if the router is already hacked and controlled by hackers?
Signs of a hacked router (not just Wi-Fi, but the device itself):
- 🔄 Spontaneous reboots or changing settings.
- 🌍 Change DNS servers (check in
WAN Settings). - 📡 Appearance unknown rules in a firewall or port forwarding.
- 🔗 Suspicious outgoing connections (seen in
System Log).
Actions:
- 🔌 Physically turn off the router from the network and the Internet.
- 🔧 Reset settings button
Reset(hold for 15-30 seconds). - 🔐 Update the firmware from the manufacturer's official website.
- 🛡️ Set up a firewall - disable remote control (
Remote Management). - 📞 Contact your provider — perhaps the hack occurred on their side.
If your router continues to behave strangely, replace itSome types of malware (eg VPNFilter) are saved even after reset.