A sudden drop in internet speed is often the first sign that your home network is overloaded. In the age of smart gadgets and constant streaming, it's easy to get confused about who's consuming your bandwidth, but sometimes you'll find completely unfamiliar names in the list of devices. Unauthorized connection An unauthorized person accessing your access point not only reduces speed, but also compromises the privacy of the data being transmitted.
Fortunately, modern routers and operating systems provide a variety of tools for monitoring activity. You don't need to be a network engineer to perform basic diagnostics and identify "freeloaders." There are several methods, from a simple visual inspection of the router's indicator lights to a deep analysis of logs via the command line.
In this article, we'll explore all available verification methods so you can fully control your digital space. We'll cover both native tools for Windows, macOS, and Linux operating systems, as well as specialized mobile apps. The only way to reliably disable an uninvited guest is to change the WPA2/WPA3 password and encryption type in the router settings. Let's go.
Analyzing connections via the router's web interface
The most reliable and accurate way to find out how many devices are on your network is to go to the source of truth: the router itself. The administrator's web interface displays a list of all active clients in real time, showing their IP addresses, MAC addresses, and sometimes even hostnames. To log in, you need to enter the gateway IP address (most often 192.168.0.1 or 192.168.1.1) in the browser's address bar.
After logging in (your login and password are usually on a sticker on the bottom of the case, unless you've changed them), you need to find the section responsible for the wireless network status. Depending on the model and firmware, this section may have different names. For example, on devices TP-Link This is often a tab Wireless -> Wireless Statistics, and on ASUS — network map in the center of the main page.
In the list that opens, you'll see a table with data. It's important to pay attention to the number of rows and compare them to known devices. If you see a device named Unknown or a strange MAC address that doesn't match your gadgets, this is a cause for concern. Modern interfaces, such as Keenetic or MikroTik, even allow you to assign user-friendly names to devices directly in the list for convenience.
⚠️ Note: Firmware interfaces are constantly being updated. If you can't find the section you need, check the official documentation for your model manufacturer, as the menu layout may differ from that described.
For clarity, here is an example menu structure for popular brands:
| Router brand | Path to the menu | Section title |
|---|---|---|
| TP-Link | Wireless -> Wireless Statistics | Client list |
| ASUS | Network Map -> Clients | Online PC |
| D-Link | Status -> Wireless | Wireless Clients |
| Keenetic | Client list (main) | Devices |
| MikroTik | Wireless -> Registration | Associated Stations |
Using this method, you get the most accurate picture, as the data comes directly from the hardware. This eliminates caching errors that can occur in computer operating systems.
Checking connected devices on Windows
If access to your router settings is temporarily unavailable for some reason, you can use the built-in tools of the Windows operating system. However, it's important to remember that the computer only sees devices on the same subnet that respond to requests. To get started, you can use a simple command in the command line that will display the ARP (Address Resolution Protocol) table.
Open the command prompt by typing cmd in the Start menu and run the command arp -aA list of IP addresses and their corresponding physical MAC addresses will appear on the screen. These are the devices with which your computer has recently communicated. This list is not exhaustive, but it can reveal any obvious anomalies.
For a more in-depth analysis, you can use the utility nmap or built-in PowerShell. The network scan command can identify active hosts. Enter the following in PowerShell:
Test-Connection -ComputerName (1..254 | ForEach-Object{"192.168.1.$_"}) -Count 1 -Quiet
This command will check the availability of all addresses in the range and show who is responding. However, for the average user, it's more convenient to use graphical interfaces or specialized software that automates this process and displays device manufacturers by MAC address.
☑️ Network diagnostics on a PC
Network Monitoring on macOS and Linux
Ecosystem users Apple They also have powerful tools at their fingertips. macOS has a built-in Activity Monitor utility, but Terminal is a better choice for network analysis. arp -a It works similarly to Windows, displaying a list of known addresses. However, the standard Mac interface doesn't provide a detailed network map without third-party software.
For Linux systems where network control is a priority, there are many command-line utilities. One of the most popular is nmapIt can not only show connected devices but also determine open ports, the client's operating system, and even the service version. The scanning command looks like this:
nmap -sn 192.168.1.0/24
Here is the parameter -sn means scanning without checking ports (ping only), and the mask /24 specifies a range of addresses. The result will be a list of all active IP addresses on your local network. This is a professional method that provides the most detailed technical information.
If you don't want to mess around with the command line, there are graphical shells for nmap, such as Zenmap, or simple network scanners like Angry IP Scanner, which work on all three platforms. They visualize data, displaying device icons and their availability status in real time.
What is MAC filtering?
MAC filtering is a security method that allows only devices with specific physical addresses to access the network. Even with the Wi-Fi password, a device without an authorized MAC address will not be able to connect. However, this method is labor-intensive to maintain and is not foolproof, as MAC addresses are easily spoofed.
Using mobile applications for Android and iOS
The fastest way to audit your network without turning on your computer is to use your smartphone. Scanner apps for Android And iOS They operate on the same principle as their desktop counterparts but have a more user-friendly interface. They scan a range of addresses and attempt to identify the device manufacturer based on the first six digits of the MAC address (OUI).
One of the market leaders is the application FingIt not only displays a list of connected devices, but also allows you to run speed tests, check network security, and even detect hidden cameras. Another popular option is WiFi Analyzer, which is more focused on channel analysis, but also has a client viewing function.
It is important to understand the limitations of mobile operating systems. In recent years, Apple And Google They've strengthened their privacy policies by requiring apps to request permission to access your local network. Without this permission, the app will only show your phone. Furthermore, the "Private Wi-Fi Address" feature, enabled by default on iPhones, masks your phone's real MAC address, which can be confusing when checking lists.
- 📱 Fing — the best choice for detailed analysis and detection of IoT devices.
- 📡 Network Scanner — a simple and easy tool for quick checking.
- 🛡️ Who Is On My WiFi — specializes in tracking changes in the client list.
Mobile apps are convenient because they often have a database of manufacturers, so instead of a dry set of numbers, you will see “Samsung TV” or “Xiaomi Vacuum,” which greatly simplifies identification.
Table of signs of unauthorized access
How can you tell if someone else is actually accessing your Wi-Fi, and not just your router malfunctioning? There are a number of indirect and direct signs that, when combined, paint a clear picture. Don't ignore even the slightest suspicion, as the security of your personal information is worth spending 10 minutes checking.
Pay attention to the behavior of the indicators on the router. If all your devices are asleep or turned off, and the Wi-Fi or LAN light is blinking frantically, this is a sure sign of active data transfer. Also, be wary if your internet speed drops during hours when you're not downloading anything or watching videos.
Below is a table to help classify symptoms:
| Symptom | Probability of hacking | Action |
|---|---|---|
| Wi-Fi indicator blinking when idle | High | Check the client list urgently |
| Reduce speed at night | Average | Check torrents and updates |
| Blocking access to the admin panel | Critical | Resetting the router and changing the password |
| Unknown devices in DHCP list | High | MAC address blocking |
⚠️ Caution: Some viruses on your own computers can mimic network activity, creating the illusion that other devices are connected. Always scan your PCs with an antivirus.
If you detect suspicious activity, the first step is to change your router's administrator password. Often, hackers gain access to your network because the owner has left the factory password. admin/admin to enter settings.
Security measures and blocking of unwanted users
Once you've identified the troublemaker, you need to immediately block their access. The simplest, but not the most reliable, method is to block them by MAC address directly in the router interface. Find the device in question in the client list and click "Block." However, as mentioned earlier, an experienced user can bypass this restriction by changing the MAC address of their network card.
The most effective strategy is a comprehensive one. First, change your Wi-Fi password to a complex one containing mixed-case letters, numbers, and special characters. Second, disable WPS (Wi-Fi Protected Setup). This technology, which allows you to connect with the push of a button, has known vulnerabilities that allow someone to guess the PIN code within a few hours.
It's also recommended to enable a guest network for visitors. This will create an isolated network segment that won't have access to your primary files and printers. If a guest gets a virus, your primary network will remain secure. Regularly update your router firmware, as manufacturers patch security holes through updates.
- 🔒 Use encryption WPA3 or WPA2-AES, avoid the legacy WEP.
- 🚫 Disable remote management of the router from the external network.
- 🔄 Change your passwords regularly, at least once every six months.
Remember that there's no such thing as absolute security, but creating enough obstacles will force an attacker to look for easier prey. Your goal is to become a "hard nut to crack," not worth the effort.
Is it possible to find out what exactly someone else is doing on my network?
Not by conventional means. You only see the connection and the amount of data transferred. Viewing traffic content (websites, messages) requires sophisticated sniffing technologies and man-in-the-middle attacks, which require extensive knowledge and are often illegal.
Why does the device list show "Unknown"?
This happens if the device doesn't broadcast its hostname or if your router/app database doesn't contain manufacturer information corresponding to the given MAC address. This is often the case with cheap Chinese smart home gadgets.
Does the number of connected devices affect internet speed?
Yes, directly. The connection bandwidth is shared among all active users. If one user is downloading large files, others will experience latency (ping) and slower page loading speeds, especially on older routers.
Is it safe to use third-party Wi-Fi testing apps?
Popular apps from official stores (App Store, Google Play) with a good reputation are generally safe. They simply scan the network, just like the router itself does. However, avoid dubious APK files from unknown sources.