Slow internet speeds, sudden lags in online games, or strange blinking router lights often raise suspicion among home network owners. In the digital age, your access point can be accessed not only by neighbors looking to save on data but also by hackers using password-guessing software. If you notice that WLAN indicator If the light on the router body is flashing too quickly, even when all your devices are turned off, this is the first warning sign that requires immediate attention.
Knowing how to check who's connected to your Wi-Fi is a basic digital hygiene skill for every user. Modern routers, whether Keenetic, TP-Link or Asus, provide sufficient tools for monitoring activity. However, many users simply don't know where to look for this information or ignore it until they completely lose control of the network. In this article, we'll take a detailed look at methods for detecting rogue devices and ways to secure the perimeter of your home network.
Direct signs of unauthorized access
Before delving into the complex settings of the admin panel, it's worth paying attention to indirect but telling signs. Often, the very nature of your internet connection indicates that third parties are using it. If you live in an apartment building, the risk of neighbors "moving in" increases significantly, especially if you have a simple password or use WEP protection, which is easily cracked by automated means.
One of the most obvious signs is a critical drop in page and video loading speed. When your channel is clogged with other users' traffic, your router is forced to share bandwidth among all clients, leading to content buffering even with a high-limit plan. You should also pay attention to the behavior indicator lightsIf your Wi-Fi data light is on or flashing continuously while you're sleeping or at work, it means someone is actively downloading files or watching videos over your network.
Additionally, antivirus programs on your computers may start issuing warnings about port scanning attempts or suspicious activity from within the local network. This could indicate that the attacker is no longer simply consuming your traffic but is also trying to find vulnerabilities in your devices to steal data.
- 📉 A sharp drop in internet speed during off-peak hours.
- 🔥 The Wi-Fi indicator constantly blinks when the gadgets are turned off.
- ⚠️ Firewall pop-up notifications about network attacks.
- 🔒 Unable to access router settings with the usual password.
It's important to understand that modern routers can have hundreds of connected devices in their logs, but only a few will be active. Therefore, the presence of an unfamiliar MAC address in the list doesn't guarantee that someone is stealing traffic right now, but it's still important to check the device.
Using the router's built-in web interface
The most reliable and accurate way to find out who's using your Wi-Fi is to delve into the "brains" of your router. You don't need any special software for this; any browser and access to the administrative panel are sufficient. The login address is usually located on a sticker on the bottom of the router and looks like this: 192.168.0.1 or 192.168.1.1. By entering your login and password (by default, it is often admin/admin), you will get full control over the device.
The information you are looking for may be called differently in different manufacturers' interfaces. TP-Link This is the "Wireless Statistics" or "Status" section, Asus — “Network map”, and in routers Keenetic — "Client List." This displays all devices that are currently online, their MAC addresses, IP addresses, and sometimes even hostnames. If you see a device named "Unknown" or a name that doesn't match your devices (for example, "iPhone-Sasha" when you don't have an iPhone), this is cause for concern.
Pay special attention to the logs section (event logs), if available on your model. Connection history can be stored there, allowing you to see who tried to access the network and when, even if that user has now disconnected. Some advanced models allow you to immediately block suspicious addresses directly from this interface by adding them to Black List.
⚠️ Attention: If you can't access your router settings because the administrator password has been changed by someone unknown, this means the attacker has already gained full control of the device. In this case, the only solution is a full reset using the reset button on the device.
To help you analyze the list of devices, you can use the following table of manufacturer names and MAC address prefixes to help identify the device:
| Device manufacturer | MAC Prefix (OUI) | A typical online name |
|---|---|---|
| Apple Inc. | A4:83:E7, D8:30:62 | iPhone, iPad, MacBook |
| Samsung Electronics | 00:1C:2C, 3C:22:FB | Galaxy S, Samsung TV |
| Xiaomi Communications | 64:09:80, 7C:B2:7D | MI Phone, Mi Box |
| Intel Corporate | 00:24:D6, 34:02:86 | Intel(R) Dual Band Wireless |
Specialized programs for network scanning
If accessing your router settings seems too complicated or the interface doesn't display all the information, specialized utilities for PCs and smartphones can help. These programs scan your local network and provide a detailed report on all active nodes. One of the most popular and functional programs for Windows is Wireless Network Watcher from NirSoft. It's free, requires no installation, and instantly displays a list of all devices.
For mobile device users, especially those based on Android, an excellent choice would be the app FingIt doesn't just display a list of IP and MAC addresses, but also attempts to identify the device model, operating system, and even open ports. This allows you to accurately determine what exactly is connected: a smart light bulb, a TV, or a neighbor's laptop. Software analysis is often more detailed than the standard router interface, as it uses additional network scanning methods.
When using third-party software, it's important to keep security in mind. Download utilities only from the developers' official websites to avoid infecting your computer with a virus disguised as an "antivirus" or "scanner." Furthermore, such programs may require permission to access the local network, which must be confirmed.
- 💻 Wireless Network Watcher — lightweight scanner for Windows.
- 📱 Fing — a powerful application for iOS and Android.
- 🛡️ Angry IP Scanner — cross-platform port and host scanner.
- 🔍 Advanced IP Scanner — quick network analysis for administrators.
Using software allows you to see even devices that are hidden in the router's default list or have changed names. Some programs can create a network map and show how devices are connected, which is useful for diagnosing complex smart home systems.
Can a program show a neighbor's Wi-Fi password?
No, legal network scanners only show technical data (IP, MAC, manufacturer) of devices on the same network as you or open networks around you. Obtaining the password of a closed network requires brute-force attack tools, the use of which is illegal without the owner's permission.
Analysis of logs and system events
For those who prefer in-depth analysis, system logs from the router itself and the computer's operating system are an excellent source of information. Router logs often record DHCP events: when a new device requests an IP address, a record is left in the log with the corresponding MAC address and the time of the request. This allows you to identify "guests," even if they connect irregularly, for example, only at night.
In the operating system Windows You can use the built-in console utility arpBy opening the command prompt (cmd) and entering the command arp -a, you'll get a table of IP addresses and physical MAC addresses of all devices with which your computer has communicated. This is a quick way to see who's currently on your local network, without installing any additional software.
C:\Users\User> arp -aInterface: 192.168.1.5 --- 0xb
Internet Address Physical Address Type
192.168.1.1 00-11-22-33-44-55 dynamic
192.168.1.15 AA-BB-CC-DD-EE-FF dynamic
By comparing the received MAC addresses with the stickers on your devices, you can easily identify the intruder. If the list arp If an address appears that you cannot identify, and at the same time it is actively exchanging packets (which is visible by the change in the “dynamic” status), this is a sure sign of the presence of a third party.
Methods of blocking and protecting the network
Once the intruder has been identified, the question of eliminating them arises. The simplest, but not the most reliable, method is to change the Wi-Fi password. This will disconnect all users, and you'll have to reconnect your devices. However, if the attacker uses programs to intercept handshake connections, they can brute-force the new password if the encryption algorithm is weak.
A more effective method is MAC address filteringIn your router settings (Wireless MAC Filtering section), you can enable "Allow" mode and specify the MAC addresses of only your devices. In this case, even if someone knows the password, they won't be able to connect because their physical address won't be whitelisted. This creates a secure barrier, although it requires manual configuration of each new device.
It's also critical to change your default security settings. Make sure you're using an encryption protocol. WPA2-PSK (AES) or modern WPA3. Obsolete protocols WEP And WPA/TKIP They can be hacked in minutes. Be sure to change the default password for your router's admin panel, as this is the first loophole hackers test.
- 🔑 Change your Wi-Fi password to a complex one (at least 12 characters, letters and numbers).
- 📋 Configure MAC address filtering in Whitelist mode.
- 🔒 Disable the feature WPS, since it is a vulnerability.
- 🔄 Update your router firmware regularly.
☑️ Wi-Fi Security Checklist
Guest Access Management and Configuration
To avoid future security issues and avoid having to constantly check who's connected to your Wi-Fi, it's a good idea to properly manage access for guests. Most modern routers support a "Guest Network" feature. This is a separate access point with its own name and password, isolated from your main local network.
By connecting friends or acquaintances to a guest network, you protect your personal files, printers, and smart devices from potential access. Even if the guest password is compromised, an intruder won't be able to access your main network, where important data is stored. This also allows you to limit the speed of guests to prevent them from completely hogging your bandwidth.
Regular maintenance also includes updating your router's software. Manufacturers frequently release patches to close security holes. You can check for updates in the section System Tools → Software Update.
⚠️ Attention: Router interfaces may vary from manufacturer to manufacturer. If you don't see the features described, please refer to the official documentation for your model, as the menu layout may vary depending on the firmware version.
Frequently Asked Questions (FAQ)
Can my neighbor see my files if he is connected to Wi-Fi?
Simply being connected to the same network doesn't automatically grant access to files. However, if your computer isn't configured with the correct network profile (for example, "Public" instead of "Private") or if folders are shared, an intruder could theoretically attempt to gain access. Therefore, if you detect an intruder, it's best to immediately change your password and check your sharing settings.
Can someone see my browser history over Wi-Fi?
If the connection is secured with HTTPS (which is currently used by most websites, including Google, banks, and social media), the router owner or hacker will only see the website's domain, not specific pages or entered data. However, if unsecured HTTP is used, traffic can be intercepted and analyzed.
What should I do if I changed my password but the speed is still low?
Slow speed doesn't always mean Wi-Fi is being stolen. It could be caused by interference from neighboring routers (especially at 2.4 GHz), faulty cables, or issues with your service provider. Try rebooting your router or switching to a 5 GHz channel if your device supports it.
How to block a device permanently?
The most reliable method is to use MAC address filtering in your router settings. Add your device's address to the whitelist and enable filtering. Alternatively, simply find the device in the client list and click "Block" (if supported by your model). Then, be sure to change the Wi-Fi password.