It's often puzzling when your internet speed suddenly drops and browser pages load with a noticeable delay. You pay for a high-bandwidth plan, but your actual performance falls far short of what's advertised. In most cases, the culprit isn't your ISP or equipment failure, but rather uninvited guests connecting to your wireless network.
Unauthorized users can use your traffic to download movies, games, or system updates, which puts a huge strain on your bandwidth. Furthermore, the presence of unknown devices on your local network poses a serious security threat to your personal data. An attacker can access shared folders, printers, or even intercept transmitted data packets.
There are several proven methods for accurately determining the number of active clients and their MAC addresses. We'll cover both standard router configuration tools and specialized software for in-depth traffic analysis. Understanding these methods will allow you to quickly respond to intrusions and ensure the stable operation of your home network.
Analyzing connected devices via the router's web interface
The most reliable and accurate way to obtain information about all subscribers on your network is to access your router's administrative panel. The router is the central hub that distributes IP addresses and manages connections, so its data is the most current and accurate. To access the interface, enter the gateway IP address, usually found on a sticker on the bottom of the device, into your browser's address bar.
The standard address is most often 192.168.0.1 or 192.168.1.1, however, some providers may use their own ranges. After entering the address, the system will request authorization. If you have never changed the factory settings, the login and password can also be found on the device label; these are usually combinations like admin/admin or admin/password.
Interfaces from different manufacturers vary significantly in design and menu layout, but the operating logic remains the same. You need to find the section related to the wireless network or client status. Depending on the model and firmware, this section may be called Wireless, Wi-Fi, Status or Client listThis displays a complete table of connected devices with their MAC addresses and current connection status.
Pay special attention to the logs section, if available on your model. Logs may contain connection and disconnection histories, which is useful for identifying user behavior patterns. For example, if an unknown device only connects at night, this is a clear sign that neighbors are using your password for free access.
Testing instructions for popular router models
Different network equipment manufacturers use different interfaces for managing settings. Let's look at specific navigation paths for the most common brands so you can quickly find the information you need.
For devices TP-Link In the new blue interface you need to go to the menu Basic (Basic settings) and select the tab Wireless (Wireless mode) A list will be displayed there Wireless Statistics or just a table of clients. In the old green interfaces, the path goes through Wireless -> Wireless Statistics.
In routers ASUS with ASUSWRT firmware on the main status page (Network Map) On the right or below, there's an icon displaying the number of connected clients. Clicking it will display a detailed table where you can not only view the device's name but also force it to disconnect or limit its speed.
Equipment from Zyxel (Keenetic) has a very user-friendly interface. On the main status page (System Monitor) there is a block Client listClicking on it will provide you with comprehensive information, including the connection type (cable or Wi-Fi) and the current connection speed.
| Router brand | Menu section | Tab name | Additional actions |
|---|---|---|---|
| TP-Link | Wireless / Wireless mode | Wireless Statistics | MAC blocking |
| ASUS | Network Map | Clients (icon) | Speed Limit |
| D-Link | Wi-Fi / Status | Client list | View signals |
| Zyxel | System Monitor | Client list | Detailed diagnostics |
| Tenda | Wireless Settings | Wireless Client List | Removing from the list |
It is important to understand that some devices may appear as Unknown or have strange alphanumeric designations. This is normal for IoT devices, such as smart plugs or lamps. However, if you see a device named "Android" or "iPhone" that doesn't belong to you, be wary.
Using specialized programs and utilities for PC
If access to your router settings is limited for some reason, or you prefer a more detailed traffic analysis, you can use computer software. These utilities scan the local network and identify all active nodes, providing information not always available through the router's standard interface.
One of the most popular and functional programs is Wireless Network Watcher from NirSoft. This portable utility, requiring no installation, instantly scans the IP address range of your subnet. It displays the IP address, MAC address, device name, network card manufacturer, and the last detected time. The program allows you to export reports and configure sound notifications when a new device appears.
Another powerful tool is Angry IP ScannerThis is a cross-platform scanner that runs on Windows, Linux, and macOS. It checks every IP address in a specified range, pinging it and attempting to identify open ports. This helps not only find "neighbors" but also check the security of your own devices, ensuring they don't have any unnecessary ports open to the outside world.
Why might the program not see some devices?
Some modern smartphones and tablets use MAC address randomization to protect privacy. When connecting to a new network, they generate a temporary address, which can change. Furthermore, devices in sleep mode may not respond to ping requests from the scanner, so they won't appear in the active list, although they will technically remain in the router's list of associated clients.
There is a utility for professionals and system administrators Advanced IP ScannerIt boasts high scanning speed and the ability to remotely control computers on the network (launch the command line, shut down, and launch programs). Its functionality may be excessive for home use, but it's ideal for in-depth diagnostics.
⚠️ Attention: Using port scanners and network analyzers on other people's networks without the owner's permission is illegal. Use these tools only for diagnosing your own home or corporate infrastructure.
Mobile apps for Wi-Fi network monitoring
Modern smartphones allow you to turn your phone into a powerful network administration tool. There are numerous apps for Android and iOS that scan your network and show who's connected. This is especially convenient because you can check it at any time, without turning on your computer.
Application Fing is one of the leaders in this category. It doesn't just display a list of devices, but also identifies their type (TV, camera, console), manufacturer, and even operating system. Fing can also detect network changes and send notifications when a new device connects. The free version is sufficient for basic monitoring.
For router users Keenetic there is an official app My.Keenetic, which gives you full control over your router directly from your phone. It lets you not only view the list of clients, but also set up a guest network, limit the speed for specific devices, or block access on a schedule. Similar apps are available from TP-Link (Tether) And ASUS (Router).
An important point when using mobile scanners is that your phone must be connected to the same Wi-Fi network you're scanning. Scanning a local network via mobile internet (3G/4G/5G) is impossible because you're on a different provider subnet.
Checking via the Windows command line and the ARP table
For those who prefer not to install unnecessary software, there's a built-in check method via the operating system's command line. This method allows you to view the ARP (Address Resolution Protocol) table, which stores the mapping between IP addresses and MAC addresses of devices with which your computer has recently communicated.
To use this method, open the command prompt. Press the key combination Win + R, enter cmd and press Enter. In the window that opens, enter the command arp -a and press Enter. The system will display a list of IP addresses and their corresponding physical addresses.
C:\Users\User>arp -a
Interface: 192.168.1.55 --- 0x3
Internet Address Physical Address Type
192.168.1.1 00-11-22-33-44-55 dynamic
192.168.1.105 aa-bb-cc-dd-ee-ff dynamic
192.168.1.255 ff-ff-ff-ff-ff-ff static
However, this method has a significant drawback: the table only displays those devices with which your computer has already exchanged data packets. To see the full list, you can first ping the entire address range, but this requires knowledge of PowerShell or writing a simple script. Therefore, this method arp -a Good for quickly checking for a specific suspicious IP, but not for a full network audit.
You can also use the command netstat, but it shows active connections and ports rather than a full list of Wi-Fi clients. For a deeper analysis of network connections in real time, you can run the command netstat -an, which will show all active TCP and UDP connections.
Methods of protection and blocking unauthorized users
Once you've identified the uninvited guests, the question arises of network security. Simply removing the device from the list is often insufficient, as the neighbor's device will attempt to connect to the network again upon automatic reconnection. More drastic measures are required.
The most effective method is to change your Wi-Fi password. Changing the security key will disable all devices, and you'll only have to reconnect your devices with the new password. It's recommended to use a complex password containing mixed-case letters, numbers, and special characters, at least 12 characters long.
The second level of protection is MAC address filtering. This feature allows you to create a "whitelist" of devices that are allowed to connect. Even with the password, a device with an unknown MAC address will not be able to connect to the network. You can find this feature in the section Wireless MAC Filtering or MAC address filter.
☑️ Network Security Checklist
It is also worth disabling the function WPS (Wi-Fi Protected Setup). This technology allows you to connect to a network by pressing a button or using a PIN code, but it has known vulnerabilities that allow attackers to brute-force the password in a matter of hours. Disabling WPS will significantly increase the security of your access point.
⚠️ Attention: Enabling MAC address filtering requires manual registration of each new device (guest phone, new tablet). If you frequently have guests, this mode can be inconvenient, as guests will have to ask you to add their device to the allowed list each time.
Frequently Asked Questions (FAQ)
Can my neighbor steal my internet if I hide my network name (SSID)?
Hiding the SSID is not a reliable security method. An experienced user can easily detect a hidden network using traffic analyzers (e.g., Wireshark or Airodump-ng), since the network name is transmitted in service frames when authorized clients connect. This only creates the illusion of security but does not protect against actual hacking.
Why do I see more gadgets in the list of devices than I physically have?
Modern devices often have multiple network interfaces or create virtual adapters. For example, a single smartphone can appear twice: as a phone and as an access point (if enabled). Network printers, smart speakers, TVs, and even individual Bluetooth modules broadcasting over the network can also have separate MAC addresses.
What should I do if I changed my password, but a stranger still connects?
This could mean you have WPS enabled, which can be hacked using only your PIN (if it hasn't changed). Alternatively, one of your guests may have installed a QR code generator app that allows connection without entering a password. In this case, you'll need to completely reset your router to factory settings, update the firmware, and reconfigure the network, making sure to disable WPS.
Does the number of connected devices affect internet speed?
Yes, it does have a direct impact. The channel's bandwidth is divided among all active users. If one device starts downloading torrents or watching 4K videos, the others may not have enough speed to even load simple pages. The router also has limited processor resources, and a large number of clients can overload it and cause a drop in speed.