Have you noticed your internet has slowed down even though your plan hasn't changed? Or is your router blinking suspiciously often, even when all your home devices are turned off? Someone else might be accessing your Wi-Fi network. According to KasperskyEvery fifth router in Russia has vulnerabilities that allow attackers to access your network without permission. But how can you know for sure that other devices are connecting to your Wi-Fi—and what can you do about it?
In this article you will find 5 proven methods detection of unauthorized connections: from built-in router tools to specialized programs. We'll also look at how to distinguish legitimate devices from rogue ones and provide specific recommendations To strengthen network security. No fluff—just practical steps with explanations for users of all levels.
1. Checking via the router's web interface: the most reliable method
Any modern router - from a budget one TP-Link TL-WR840N to the flagship ASUS RT-AX88U — keeps a log of connected devices. To view it, you don't need to install any additional software. Just log into the router's control panel.
Instructions for most models:
- Connect to the router via cable or Wi-Fi.
- Open your browser and type in the address bar
192.168.0.1or192.168.1.1(the exact address is indicated on the sticker on the device body). - Enter your login and password (by default it is often
admin/adminoradmin/empty password). - Find the section
DHCP Clients List,Connected DevicesorLocal Network → Client List(the name depends on the model).
In the list that opens you will see:
- 🔹 IP addresses connected devices
- 🔹 MAC addresses (unique identifiers)
- 🔹 Host names (if the device broadcasts them)
- 🔹 Connection time and connection type (Wi-Fi/cable)
2. How to distinguish your devices from others: MAC address analysis
MAC address (Media Access Control) is a unique identifier assigned to a network interface during manufacturing. It cannot be counterfeited without specialized tools, making it ideal for device identification.
To check which MAC addresses belong to your gadgets:
- On Windows: open command prompt (
Win + R → cmd) and enter:ipconfig /allLook for the line
Physical addressfor active adapters. - On Android: go to
Settings → About phone → General information → Wi-Fi MAC address. - On iPhone/iPad:
Settings → General → About → Wi-Fi Address.
Compare the received addresses with those displayed in the router's control panel. A discrepancy? There's a third-party device on the network. Pay attention to the first six characters of the MAC address—they indicate the equipment manufacturer. For example:
- 📱
D8:30:62— Apple - 💻
3C:5A:B4— Google (Pixel, Nest) - 🖥️
28:CF:DA— ASUS - 📺
78:11:DC— Samsung (smartphones, TV)
How to fake a MAC address?
Attackers can change the MAC address of their device using programs like Technitium MAC Address Changer (Windows) or terminal commands (macOS/Linux). However, this requires technical skills and leaves traces in system logs.
3. Mobile applications for monitoring Wi-Fi networks
If accessing your router settings is inconvenient, use specialized apps. They scan your network and display all connected devices in a convenient layout.
Top 3 verified apps:
| Application | Platform | Peculiarities | Link |
|---|---|---|---|
| Fing | Android, iOS | Scans the network in 10 seconds, identifies device manufacturers, and checks ports | App Store/Google Play |
| WiFi Guard | Android | Sends notifications when new devices are connected, keeps track of history | Google Play |
| NetScan | iOS | Shows IP, MAC, hostname and even geolocation (if the device is on the Internet) | App Store |
How to use (using example) Fing):
- Install the application and open it.
- Click
Scan— the program will find all devices on your network. - Check the list: unknown gadgets will be marked as
Unknown. - Click on a suspicious device to see its MAC address and manufacturer.
4. Specialized PC programs: deep network analysis
If you need maximum detail (for example, for an office network), use desktop utilities. They will not only display connected devices but also analyze their activity.
Top programs:
- 🖥️ Wireless Network Watcher (Windows) - free, scans the network in real time, exports reports to
.csv. - 🐧 Wireshark (Windows/macOS/Linux) - professional traffic analyzer, shows even encrypted packets.
- 🍎 LanScan (macOS) - A simple scanner with network visualization.
Example of use Wireless Network Watcher:
- Download the program from the official website NirSoft (free, no installation required).
- Launch
WNetWatcher.exe(does not require administrator rights). - Click
Start Scanning— after 5–10 seconds, a list of devices will appear with IP, MAC, manufacturer name, and time of first detection. - To monitor new connections, enable the option
Beep On New Device.
☑️ What should I do if I find someone else's devices?
5. Indirect signs of an external connection
Even without special tools, you can suspect network "exposure" based on the following symptoms:
- 🐢 Internet speed reduction without objective reasons (check on Speedtest).
- 🔄 The router is overheating or operates at maximum load (check the indicators on the case).
- 📡 Unusual indicator activity: blinking
WANorWi-Fiduring non-working hours. - 🔌 New device notifications (if the router supports
UPnPorDLNA).
Critical sign: If the list of connected devices includes gadgets with IP addresses in the range 192.168.x.1–192.168.x.10, but you haven’t assigned static IPs manually, it’s almost certainly a hack. Attackers often reserve addresses at the beginning of a range to make them harder to detect.
6. How to block unauthorized devices: 3 steps
Spotted a suspicious connection? Act quickly:
- Disconnect the device via the router:
- Go to the control panel (see Section 1).
- Find someone else's device in the list and click
BlockorDisable. - Some routers (eg. Keenetic) allow you to permanently block a device by MAC address.
- Change your Wi-Fi password:
- Use WPA3 (or WPA2-PSK, if WPA3 is not supported).
- The password must be at least 12 characters long, including numbers, letters, and special characters.
- Example of a strong password:
k7#pL9!vR2$qM1.
- Find the section in the router panel
MAC FilterorMAC address filter. - Whitelist only your devices.
- Please note: this method is not a panacea (MAC can be forged), but it will make life more difficult for attackers.
7. Additional security measures: how to prevent future hacking
To minimize risks, follow these recommendations:
- 🔒 Disable WPS - this protocol is vulnerable to brute force attacks (even if you have TP-Link or D-Link latest model).
- 🔄 Update your router firmware — Manufacturers regularly patch critical vulnerabilities.
- 🌐 Change the default username and password for the admin panel (don't leave
admin/admin). - 📡 Disable remote control of your router (option
Remote Management). - 🛡️ Create a guest network for friends, it is isolated from the main one.
For advanced users:
- Set up VLAN (virtual networks) to separate traffic.
- Turn on login by certificates (if the router supports
802.1X). - Use Router-level VPN (For example, OpenVPN or WireGuard).
FAQ: Answers to Frequently Asked Questions
Is it possible to find out who exactly connected to my Wi-Fi (name, address)?
No, you can't identify a user by their MAC address or IP address. The most you'll see is the device model (e.g., iPhone 12 or Samsung Galaxy S21). To identify a person, provider data is required, which is only provided upon request by law enforcement agencies.
What should I do if someone else's device connects again after being blocked?
This means the attacker is either spoofing the MAC address or has cracked the password. Here's what to do:
- Change network name (SSID) and password at the same time.
- Turn on hiding SSID (option
Hide SSID). - Set up static IP for your devices and disable DHCP for unknown MACs.
- If the problem persists, please contact your provider to check. DNS spoofing.
Can my neighbors connect to my Wi-Fi if the signal is weak?
Yes, even a weak signal can be picked up using directional antennas or repeaters. Attackers often use:
- 📡 Signal boosters (eg. Alfa AWUS036ACH).
- 📱 Special applications for password guessing (for example, Wifi WPS WPA Tester).
- 💻 Programs for intercepting handshake (Aircrack-ng, Reaver).
To protect yourself:
- Reduce the Wi-Fi transmission power in your router settings (if you don't need a large coverage area).
- Use 5 GHz mode - it is more difficult to intercept from a distance.
Is it true that routers from ISPs (Rostelecom, Beeline) are less secure?
Yes, often routers provided by providers (for example, Sagemcom [email protected] 2804 from Rostelecom or Sercomm RV6699 from Beeline), have:
- 🔓 Default passwords printed on the sticker.
- 🔄 Outdated firmware with known vulnerabilities.
- 🛑 Disabled security features (e.g. firewall).
Recommendation: replace such a router with a model from ASUS, TP-Link or MikroTik with support WPA3 and regular updates.
Can antivirus detect my Wi-Fi connection?
No, antiviruses (for example, Kaspersky, ESET NOD32) do not scan the Wi-Fi network for unauthorized devices. They only protect the device on which they are installed. However, some security packages (for example, Bitdefender Total Security) include the module network monitoring, which can notify you of new connections to your local network.