When the internet starts to noticeably slow down and pages load with delays, it often raises suspicion. Router owners immediately assume someone has used their wireless network without permission. Indeed, if your Wi-Fi password is too simple or was once shared with guests, your traffic can be accessed by neighbors or even random passersby within range. This not only reduces connection speed but also creates serious security risks for your personal data.
Checking the list of connected devices is the first and most important step in diagnosing connection speed and stability issues. Modern routers provide sufficient tools to see every client currently connected to the network. You don't need to be a programmer or network engineer to navigate the admin panel interface. All you need is to know where to look for information and be able to distinguish your devices from others.
In this article, we'll take a detailed look at all the available methods for monitoring activity on your network. We'll cover built-in router tools, specialized computer software, and mobile apps. We'll also cover security methods that can help prevent re-intrusion. Home network security It starts with understanding who exactly is using your channel right now.
Symptoms of unauthorized network access
Before messing with your equipment settings, it's worth paying attention to indirect signs that may indicate the presence of "pirates." Often, the internet itself indicates that the channel is overloaded with unauthorized users. However, be careful in jumping to conclusions: not every slowdown indicates hacking.
The most obvious indicator is a sharp drop in speed. If you're paying for a 100 Mbps plan and 4K video stops loading or constantly buffers, that's a warning sign. It's especially suspicious if this happens when no one's home or at night when everyone's asleep. At such times, traffic consumption should be minimal.
Another sign is strange behavior of the router's indicator lights. A WLAN or Wi-Fi light that flashes frequently and erratically indicates active data transfer. If you turn off all your devices and the light remains on or flashes, someone is actively downloading files or watching videos through your access point.
⚠️ Note: The WAN (Internet) light may blink even when idle due to background Windows updates or smart devices (cameras, speakers). Don't confuse background activity with active downloads.
It's also worth paying attention to the ability to log into the administrative panel. If the router suddenly stops allowing you to access it using the default password, or the Wi-Fi password has been changed without your knowledge, this means the attacker has already gained full control of the equipment. In this case, standard verification methods may not work, as you could simply be kicked out of the network.
Checking via the router's web interface
The most reliable and accurate way to find out who's connected to your Wi-Fi is to access your router's settings. This information is stored in the device's RAM and displays the current connection status in real time. To access it, you'll need a browser and the gateway address.
First, you need to open a browser on a device that is connected to the network (preferably via cable, but Wi-Fi will do). In the address bar, enter the router's IP address. Most often, this is 192.168.0.1 or 192.168.1.1If these addresses don't work, check the sticker on the bottom of the device—it always contains the exact address and login information.
After entering your login and password (often admin/admin by default), the control panel will open. You need to find the section, which may have different names depending on the model. Look for the tabs Wireless, WLAN, Status or Client listThis is where the table with MAC addresses of all active devices is located.
☑️ Browser verification algorithm
In the list that opens, you will see MAC addresses and possibly device names. MAC address — this is the unique identifier of the network card. Write down or take a photo of the list. Now your task is to figure out which of them are yours. Check phones, laptops, TVs, and smart plugs. If there are five devices on the list and you only have two phones, then three are uninvited guests.
Using specialized PC programs
If accessing your router settings seems complicated or the device is unstable, you can use third-party network scanning software. These programs run on a Windows computer and analyze the responses of all devices on the local network. They often provide more convenient visualization than the web interfaces of budget routers.
One of the most popular and functional utilities is Wireless Network Watcher from NirSoft. It requires no installation, is free, and displays all the necessary information: IP address, MAC address, device manufacturer, and first detection time. The program scans a subnet in a few seconds and produces a ready-to-use report.
Another powerful tool is Angry IP ScannerThis is a cross-platform app that can scan not only the local network but also ports. For home users, the ability to display the hostname (device name) is important. Often, the name immediately identifies the device, for example, "Samsung-TV" or "iPhone-Oleg."
When using such programs, it's important to understand how they work. They send requests (pings) to all possible addresses within your subnet range. If a device responds, it's added to the list. This allows you to see even devices that hide their network name but can't hide the fact that they respond to a network request.
| Name of the program | Platform | Complexity | Key function |
|---|---|---|---|
| Wireless Network Watcher | Windows | Low | Detailed list of MAC and manufacturers |
| Angry IP Scanner | Win/Mac/Linux | Average | Quick Scan and Ping |
| SoftPerfect WiFi Guard | Windows | Low | Continuous monitoring and notifications |
| Fing (Desktop) | Win/Mac | Low | Device type identification |
⚠️ Warning: Your antivirus or Windows Firewall may block scanners, interpreting their activity as an attack. Allow network access when launching the program.
Mobile apps for Wi-Fi analysis
A smartphone is a device that's always at hand, and many convenient scanning apps have been created for it. These allow you to conduct a network audit without turning on your computer. Most of them run on Android and iOS, providing a user-friendly graphical interface.
The leader in this category is the application FingIt automatically scans the network your phone is connected to and compiles a complete list of devices. Fing's unique feature is its manufacturer database: it can often identify not only the brand but also the specific device model (for example, "Amazon Echo Dot" or "Xiaomi Camera").
Other popular options include Network Scanner And WiFi AnalyzerThe latter are more focused on signal and channel quality analysis, but they also feature a client viewer (DHCP Leases). This is useful for understanding not only who is connected but also how strong the signal is in different parts of the apartment.
iPhone users should note that iOS has stricter security restrictions. Apps may not see all network details unless permissions are granted or if the "Private Wi-Fi Address" feature is enabled on the iPhone itself. However, they will correctly display a basic list of connected IP addresses and MAC addresses.
What is MAC filtering?
This is a router feature that allows network access only to devices with specific MAC addresses. Even if someone learns your password, they won't be able to connect because their address isn't on the whitelist. This is a reliable, but time-consuming, security method.
How to distinguish your device from someone else's
It's easy to get confused when you receive a list of 10-15 lines of incomprehensible codes. The main task at this stage is to take inventory. Don't rush to block everything, otherwise you could disable your Smart TV or video surveillance system.
The first step is to look at the first six characters of the MAC address. This is the so-called OUI (Organizationally Unique Identifier), which identifies the manufacturer. For example, codes starting with 00:1A:2B, may belong to Asus, and 3C:5A:B4 — Huawei. Knowing what brands of equipment you have at home allows you to immediately eliminate unnecessary items.
The second step is a process of elimination. Turn off Wi-Fi on all your devices one by one and observe which line disappears from the list in the app or on the router. Write down the MAC address and device matches. This will take 5-10 minutes, but it will guarantee 100% accuracy. Device identification by MAC address is the most reliable method.
Pay attention to devices with no names (Unknown). Smart bulbs, humidity sensors, or old printers often appear this way. If, after checking all devices, an "unknown" active client with high traffic remains, this is cause for concern.
Methods of protection and blocking uninvited guests
If you spot an intruder, you need to act quickly and decisively. The easiest and most effective way is to change your Wi-Fi password. After changing the password, all devices will be disconnected, and you'll have to reconnect your devices with a new key. The "neighbor's" old password will no longer work.
A more radical method is blocking by MAC address directly in the router interface. The client list usually has a "Block" button (often indicated by a red cross or stop sign). Once clicked, the specific device will no longer be able to connect, even if it knows the password.
However, remember that an experienced user can spoof (clone) their device's MAC address to one that is allowed on the network. Therefore, changing the password in conjunction with changing the encryption type is recommended. WPA2/WPA3 is a more secure solution. Avoid the outdated WEP protocol, which can be cracked in a couple of minutes.
⚠️ Note: After changing the password or security settings, the router may reboot. Make sure you have cable access to it in case you lose Wi-Fi connection during the setup process.
It's also recommended to disable the WPS function. It allows you to connect to the network by pressing a button, but it has vulnerabilities that allow you to brute-force the PIN code. Find it in the router menu. WPS Settings and select DisableThis will close one of the loopholes for automatic password guessing.