How to find out who's using my Wi-Fi: step-by-step instructions with photos

Have you noticed that your internet has become slower and your data is running out early? Someone else may be accessing your Wi-Fi. According to KasperskyOne in five routers in Russia has vulnerabilities that allow attackers to exploit someone else's network. In this article, we'll discuss how to check the list of connected devices, identify free riders, and block them—even if you're not a network expert.

The testing methods depend on your router model and your technical skills. We've compiled 7 working methods — from simple (via a mobile app) to advanced (MAC address analysis). You'll also learn how distinguish legal devices from others by indirect signs, and what to do if a neighbor hacked your password.

1. Checking via the router's web interface (universal method)

The most reliable method is to access your router's control panel. This doesn't require any additional software, just a browser on your computer or phone. These instructions apply to most models: TP-Link, ASUS, Keenetic, Zyxel, MikroTik and others.

Follow the step-by-step instructions:

  • 🌐 Open your browser and enter in the address bar 192.168.0.1 or 192.168.1.1 (less often - 192.168.8.1). If the page doesn't open, check the IP address on the router sticker.
  • 🔑 Enter your login and password (usually admin/admin, if you haven't changed it). On some models Keenetic The password matches the Wi-Fi password.
  • 📊 Find the section DHCP, Local area network or Wireless (the names are different). Look for tabs like Connected devices, Client list or ARP table.
  • 📋 A table with MAC addresses, IP addresses, and device names will appear. Compare the list with your devices.

This is what the list of connected devices on the router looks like. TP-Link Archer C6:

Device name MAC address IP address Connection type
1 iPhone-13-Pro A4:83:E7:12:F5:89 192.168.0.101 Wi-Fi (5 GHz)
2 DESKTOP-R7T4K9L 7C:DD:90:4A:B1:2E 192.168.0.102 Ethernet
3 Unknown 00:1A:79:8B:4C:3D 192.168.0.105 Wi-Fi (2.4 GHz)
⚠️ Note: Some routers (eg. Huawei or Tenda) hide MAC addresses to "simplify the interface." In this case, use the methods in the following sections.

2. Mobile applications for network analysis

If you're too lazy to access your router settings or you've lost your password, use specialized apps. They scan your local network and display all connected devices. The best options for Android And iOS:

  • 📱 Fing (free, premium version available) — identifies device manufacturer by MAC address and displays open ports.
  • 🛡️ NetScan (iOS only) - Visualizes the network as a diagram, marking unknown devices in red.
  • 🔍 WiFi Guard (Android) — Compares the current list of devices with the "white list" and notifies about new connections.
  • 📊 IP Tools — in addition to network scanning, it can test speed and ping.

Example of work Fing:

  1. Download the app from App Store or Google Play.
  2. Connect to your Wi-Fi network.
  3. Click Scan - after 10-20 seconds a list of devices will appear with the indication IP, MAC, manufacturer and type (smartphone, PC, TV, etc.).
  4. Unknown devices will be marked as Unknown.
📊 How do you most often check your connected devices?
Via the router's web interface
Mobile application
Command line
Never checked

The advantage of these apps is that they work even if you don't have access to a router (for example, in a hotel or office). The disadvantage: some devices may not show up if they have disabled ping responses.

3. Windows Command Prompt (for advanced users)

If you prefer system tools, check the network via CMDThis method does not require any software installation and works on all versions. Windows (from XP to 11).

Run the following commands in order:

arp -a

ping 192.168.0.1 -n 1

arp -a

Transcript:

  • The first command will show the ARP table cache (list of IP and MAC addresses).
  • The second one will update the cache (replace 192.168.0.1 to your router's IP, if it is different).
  • The third one will display the current list of connected devices.

Example output:

Interface: 192.168.0.103 --- 0x12

Internet Address Physical Address Type

192.168.0.1 aa-bb-cc-dd-ee-ff dynamic

192.168.0.101 1a-2b-3c-4d-5e-6f dynamic

192.168.0.105 00-1a-79-8b-4c-3d dynamic

⚠️ Note: This method only shows devices that have recently communicated with your PC. For a complete list, use the network scan utility. nmap (section 5).

4. How to distinguish your devices from others

You've received a list of MAC addresses, but how do you know which ones are yours? Here's 5 Signs of Foreign Devices:

  • 🆔 Unknown manufacturerThe first three pairs of characters in a MAC address indicate the brand. For example:
    • A4:83:E7Apple;
    • 7C:DD:90Hewlett-Packard;
    • 00:1A:79Cisco (often used in office equipment).

    Check the manufacturer through the service MAC Vendors Lookup.

  • 🕒 Connection during non-working hoursIf the device appears at night when everyone is asleep, it is suspicious.
  • 📶 Connecting to 5 GHz when the network is disabledSome routers only allow you to enable 2.4 GHz, but an attacker can still connect to a hidden 5 GHz network.
  • 🔄 Frequent MAC address changesSome programs (for example, MacChanger) allow you to change your MAC address to hide your presence.
  • 📥 High network loadIf an unknown device consumes >50% of your traffic, it can be easily identified in your router's statistics.

☑️ Checklist for checking devices

Completed: 0 / 5

If you spot a suspicious device, don't rush to block it. It could be:

  • 📺 Smart TV a neighbor who automatically connects to open networks;
  • 🎮 Game console (For example, PlayStation or Xbox), which they forgot to turn off;
  • 🔌 Smart socket or another gadget IoT, which connected to your network by mistake.

5. Advanced Methods: Wireshark and Nmap

For in-depth network analysis, use professional tools. They require skill but provide the most comprehensive information.

Nmap scan (for Windows/Linux/macOS):

  1. Download nmap from the official website nmap.org.
  2. Open command prompt and run:
    nmap -sn 192.168.0.0/24

    (replace 192.168.0.0/24 to your subnet, if it is different).

  3. In 1-2 minutes you will receive a list of all active hosts with MAC addresses and open ports.

Traffic analysis in Wireshark:

  • 📊 Launch Wireshark and select the network interface (Wi-Fi or Ethernet).
  • 🔍 Enter into filter wlan.addr == aa:bb:cc:dd:ee:ff (replace with the suspicious MAC address).
  • 📈 Analyze your traffic: If your device is sending a lot of packets to external IP addresses, it could be a botnet or mining activity.
⚠️ Caution: Use Wireshark On corporate networks, this may violate security policies. While this is safe at home, caution is required when analyzing other people's packets.

6. How to block someone else's device

If you are sure that someone has connected to your network, follow these steps:

  1. Change your Wi-Fi password:
    • 🔐 Use a complex password (at least 12 characters with numbers, letters, and symbols).
    • 🚫 Don't use standard combinations like 12345678 or qwerty.
    • 🔄 Change your password every 3-6 months.
  • Enable MAC address filtering:

    Find the section in your router settings MAC Filter and add only your devices to the "whitelist." The downside of this method: if you buy a new gadget, you'll have to update the list.

  • Disable WPS:

    Function Wi-Fi Protected Setup vulnerable to brute-force attacks. Disable it in the router settings (section Security or Wi-Fi).

  • Hide network name (SSID):

    Enable the option Hide SSID — your network will not be displayed in the list of available ones, but you can connect to it if you know its name.

  • Update your router firmware:

    Outdated software versions contain vulnerabilities. Check the firmware update in the section System or Update.

  • What to do if a neighbor hacked your password?

    If your neighbor already knows your password, changing it may not help—they may have saved it on their device. In this case:

    1. Reset the router to factory settings (button Reset for 10 seconds).

    2. Reconfigure the network with a new name (SSID) and password.

    3. Enable encryption WPA3 (if supported).

    4. Check your network for back doors (for example, a guest network with a simple password).

    7. Prevention: How to protect your Wi-Fi from hacking

    It's better to prevent outsiders from connecting than to deal with the consequences. 8 safety rules:

    • 🔒 Use encryption WPA3 (or WPA2-AES, If WPA3 (not supported). WEP And WPA-TKIP hacked in minutes.
    • 📡 Disable the guest network if you're not using it. Guest networks often have weak passwords or are open.
    • 🔄 Check the list of connected devices regularly (once a month).
    • 📵 Disable remote router management (section Administration → Remote Management).
    • 🛡️ Set a complex password for the router admin panel (not admin!).
    • 📴 Turn off UPnP (Universal Plug and Play) - this will reduce the risk of exploiting vulnerabilities.
    • 📊 Set up speed limit for unknown devices (if your router supports it) QoS).
    • 🔍 Use two-factor authentication for your router (available at ASUS, Keenetic and other premium models).

    If your router supports VLAN (virtual networks), divide traffic into separate segments. For example:

    • 💻 VLAN 10 — work devices (PCs, laptops);
    • 📱 VLAN 20 — mobile gadgets;
    • 🎮 VLAN 30 - smart technology (IoT).

    FAQ: Frequently asked questions about other people's Wi-Fi connections

    Is it possible to find out what websites someone else's device is visiting on my network?

    Technically yes, but this violates privacy laws (Article 137 of the Russian Criminal Code). You can only see general traffic (for example, through QoS in the router), but not specific websites. For a deeper analysis, specialized software is required (for example, Wireshark), but its use without the consent of the device owner is illegal.

    What happens if you don't block someone else's device?

    The consequences depend on the "hare's" goals:

    • 🐢 Slow internet — the most harmless. Someone else's device is consuming your data.
    • 🕵️ Data theftVulnerabilities in routers can allow an attacker to intercept passwords for social media or banks.
    • Participation in cyber attacksYour IP may be used for DDoS attacks or spam distribution.
    • 💰 Cryptocurrency mining. Powerful devices (eg. ASIC) can mine using your electricity.

    How to check Wi-Fi for viruses?

    Router viruses are rare but dangerous. Signs of infection:

    • 🔄 Spontaneous reboot of the router;
    • 📥 Unknown devices with MAC addresses from manufacturers like Micro-Star (often used in botnets);
    • 🌍 Redirection to suspicious sites (for example, instead of vk.com opens vk.com.login-security.ru).

    What to do:

    1. Reset your router to factory settings.
    2. Update the firmware from the manufacturer's official website.
    3. Check the computers on the network with an antivirus (for example, Kaspersky Virus Removal Tool).

    Is it possible to track the physical location of a device connected to my Wi-Fi?

    At home, no. Wi-Fi doesn't provide geolocation data for connected devices. The most you can do is:

    • 📶 Check your signal strength (RSSI) in the router settings. If the device is connected via cable but is listed as Wi-Fi, this is suspicious.
    • 🔍 Use apps like Fing to estimate the distance to the device (error - up to 10 meters).

    Accurate tracking requires specialized equipment (eg. Wi-Fi triangulation), which is used by law enforcement agencies.

    Is it legal to block other people's devices on your network?

    Yes, you have every right to manage your home network, including blocking unauthorized devices. However, there are some caveats:

    • 🏠 In apartment building Your Wi-Fi signal may extend to neighboring apartments. If a neighbor accidentally connects to your network (for example, because they have the same network name), simply change the password.
    • 🏢 In office or coworking space Device blocking may be governed by internal rules. Please check with the administration for the policy.
    • 📶 If you are distributing Wi-Fi as public access point (for example, in a cafe), blocking customers may be considered a violation of the agreement.

    In any case, changing the settings own router is not an offense.