Slow internet speeds, constant lag when watching videos, and sudden connection drops aren't always the fault of your internet provider. Often, the cause is simple traffic theft by uninvited guests. If you live in an apartment building, your Wi-Fi signal can easily reach neighboring apartments, and it's possible that your neighbors have been using your hotspot for some time without your knowledge.
In this article, we'll take a detailed look at how to find out who's connected to a Wi-Fi router. A program isn't always necessary, as the router's built-in tools are often more effective than third-party software. We'll cover methods for various hardware brands, including TP-Link, Asus, Zyxel And D-Link, and we will also discuss what to do after detecting an offender.
Identifying a "redundant" device on your network is the first step to ensuring the security of your personal data. An attacker who gains access to your local network could theoretically intercept transmitted packets or access shared folders on your computer. Therefore, regularly monitoring your router's client list is a must for any home network administrator.
Checking via the router's web interface
The most reliable and accurate way to see a real picture of your connections is to log into your router's administrative panel. Unlike third-party programs that may scan the network with a delay, the router sees every active connection in real time. To log in, you'll need the gateway address (usually 192.168.0.1 or 192.168.1.1) and the username and password, which are often found on a sticker on the bottom of the device.
Interfaces vary across manufacturers, but the logic for searching the client list is the same. You need to find the section related to the wireless network or connection status. For example, in routers TP-Link This is often a tab Wireless -> Wireless Statistics. In devices Asus you need to look at the main screen or section Network map. U Keenetic The list of clients is displayed immediately on the start page in the "Client List" block.
It's important to distinguish between wired and wireless connections. The list usually displays the connection type (LAN or WLAN). If you see a device connected via a cable that you don't recognize, it could indicate physical access to your router or hidden wiring. With Wi-Fi, pay attention to MAC addresses: the first three bytes of the address identify the network card manufacturer.
⚠️ Note: The firmware interface is constantly being updated. If you cannot find the menu items listed, please refer to the official documentation from the manufacturer of your router model, as the location of the settings may vary between firmware versions.
- 📱 TP-Link: Section Wireless -> Wireless Statistics or DHCP -> DHCP Clients List.
- 🌐 Asus: Home page (Network Map) -> click on the number in the Clients section.
- 🔵 D-Link: Tab Status -> LAN Clients or Wi-Fi -> Status.
- 🟢 Keenetic: Home page -> Client list (laptop/phone icon).
After logging into the control panel, carefully review the list. Devices are often assigned default names (for example, android-12345 or iPhone), but if the device hasn't been renamed by the user, it can be identified by its MAC address. Compare the number of active devices to the number of gadgets in your home.
Specialized programs for PC
If accessing your router's admin panel is difficult or you want to conduct a more in-depth network analysis from your computer, specialized utilities can help. They scan the IP address range of your local network and identify all active hosts. One of the leaders in this field is Wireless Network Watcher from NirSoft. It's lightweight, requires no installation, and displays detailed information about each device found.
Another powerful tool is Angry IP ScannerThis is a cross-platform scanner that can ping address ranges and ports. It's useful because it can show open ports on devices on the network, giving insight into what kind of device it is (a webcam, a printer, or a computer). However, the interface may be a bit complex for the average user.
For users looking for an all-in-one solution, SoftPerfect WiFi GuardThis program continuously monitors the network and alerts with a sound or message whenever a new, unknown device appears on the network. This is especially convenient for automatic security monitoring without the need to constantly run manual scans.
When using third-party software, it's important to understand that antivirus software may detect port scanners as potentially dangerous tools. This is normal, as hackers use similar tools for reconnaissance. Make sure to download programs only from the developers' official websites to avoid infecting your computer with a real virus.
Why does my antivirus complain about network scanners?
Network scanners send multiple requests (ping, ARP) to all addresses on the local network. To antivirus software, this behavior resembles the activity of a worm attempting to spread. If you downloaded the program from the official website, this is a false positive, and the file can be added to the exceptions list.
List of popular analysis utilities:
- 🛡️ Wireless Network Watcher: Simple listing of all devices with MAC addresses.
- ⚡ Angry IP Scanner: Quick scan of IP and port ranges.
- 👁️ SoftPerfect WiFi Guard: Constant monitoring and notifications about new clients.
- 📊 Advanced IP Scanner: User-friendly interface and remote control capabilities.
Mobile applications for Android and iOS
Modern smartphones allow you to audit your network directly from your phone, without even opening your computer. There are numerous apps for Android and iOS that analyze Wi-Fi connections. One of the most popular and functional is FingIt not only displays a list of all devices on the network, but also identifies their type (TV, router, phone), manufacturer, and even operating system.
Another useful app is - Network AnalyzerIt provides detailed technical information: IP addresses, gateways, DNS, and also runs speed and ping tests to various servers. It's an excellent tool for diagnosing connection issues when you need to determine whether the problem is with your router or your ISP's connection.
iOS users should pay attention to the app Who Is On My WiFiIt offers a simple interface and an intrusion notification feature. The app scans the network and compares MAC addresses against a manufacturer database, helping to quickly identify devices, even those with obscure names.
⚠️ Note: Network scanners on Android may require additional permissions to function fully. On iOS, the functionality of such apps is limited by Apple security policies, so they may not be able to see some system devices or connection details.
The main advantage of mobile apps is the ability to check the network from anywhere in the house. You can walk around the house with your phone, checking the signal strength and visibility of devices in different coverage areas. This helps identify not only "neighborly hackers" but also issues with the placement of the router itself.
Comparison of detection methods
Each of the methods discussed has its pros and cons. The router's web interface provides the most reliable information, as the data is taken directly from the router's ARP table. PC programs require installation and a computer, but provide more in-depth analysis. Mobile apps are convenient, but may be limited by operating system access rights.
Below is a comparison chart to help you choose the best verification method for your situation. It takes into account complexity, accuracy, and resources required.
| Method | Data accuracy | Complexity | Required device |
|---|---|---|---|
| Router web interface | 100% (Real time) | Low | Any browser |
| PC programs (Watcher) | High | Average | Computer (Windows) |
| Mobile applications | Medium/High | Low | Smartphone (Android/iOS) |
| Command Prompt (CMD) | Average | High | PC with access to CMD |
For a quick, one-time check, the mobile app or web interface are best. If you suspect persistent attacks or want to set up automatic monitoring, it's worth installing specialized software on a desktop computer that runs 24/7.
Device list analysis and MAC filtering
Once you've compiled a list of connected devices, the most important step is analysis. Don't panic if you see an unfamiliar name. These can often be smart plugs, Smart TVs, game consoles, or printers that you forgot to account for. Compare the number of devices on the list with the actual number of gadgets in your home.
The key identifier here is MAC addressThis is a unique identifier for a network card, assigned during manufacturing. The first six characters (e.g., 00:1A:2B) identify the hardware manufacturer. There are online OUI lookup databases where you can enter these characters to find out the brand of the device. If you see a device from a manufacturer you don't own (for example, Sony, but you don't have a Sony TV), this is cause for concern.
If you have identified an intruder, the most effective method of protection is MAC filteringThis feature is available in almost every router. It involves creating a "whitelist" of your devices' MAC addresses. The router will only allow connections from devices whose addresses are on this list, ignoring all others, even if they know the Wi-Fi password.
However, MAC filtering has a drawback: every time you buy a new phone or have guests over, you'll have to manually enter their addresses into your router settings. This is inconvenient, but extremely secure. The alternative is to simply change your password to a complex one and enable encryption. WPA2/WPA3.
☑️ Action plan if you discover an intruder
Frequently Asked Questions (FAQ)
Why are "Unknown" or strange names showing up in the device list?
This occurs when the device doesn't broadcast its friendly name (Hostname) or when the scanning software can't match the MAC address to a known manufacturer. This often happens to IoT devices (smart bulbs, sensors) or Linux/Android devices with default settings. Check the MAC address using online vendor identification services.
Can my neighbor see my files if he is connected to Wi-Fi?
Simply connecting to Wi-Fi doesn't automatically grant access to files. However, if you have folder sharing (SMB) configured on your network without a password or with a simple password, an attacker could theoretically attempt to gain access. It's recommended to disable network discovery on public networks or use guest Wi-Fi mode to prevent unauthorized access.
What should I do if I changed my password, but the "stranger" is still online?
If the device doesn't disconnect after changing the password, it might not be an intruder, but rather a forgotten device (such as a smart vacuum cleaner or an old console) that automatically reconnected before the settings were changed, or it might be a system process within the router itself. In rare cases, it could be a virus on one of your PCs creating a virtual access point. Restart the router after changing the password.
How to hide your network from strangers?
You can disable SSID (network name) broadcasting in your router settings. This will make the network "hidden" and prevent it from appearing in your neighbors' list of available networks. However, to connect, you'll have to manually enter the network name and password on each new device. This doesn't provide 100% protection, but it does reduce the risk of unwanted intruders.
In conclusion, it's worth noting that monitoring connected devices is a basic digital user skill. Regularly checking your client list, using strong passwords, and keeping your router firmware up to date will help you maintain the security of your home network. Don't ignore any unusual speed spikes—it's better to check and rest assured than to become a victim of traffic theft.