How to Check Who's Connected to Your Wi-Fi: A Complete Guide (2026)

Have you noticed that your internet has become slower, even though your plan hasn't changed? Or is your router blinking suspiciously frequently, even when all your home devices are turned off? Perhaps your Wi-Fi networks outsiders joined in. According to data Kaspersky, every fifth router in Russia has vulnerabilities that allow attackers to access the network without a password. In this article, we'll examine All current methods for checking connected devices — from standard router tools to advanced methods using the command line and specialized software.

Illegally connecting to someone else's network isn't just about traffic theft; it's also a security risk. Attackers can use your router to intercept data, distribute malware, or even use your IP address for illegal activities. Therefore, it's important to regularly audit your device list. We've compiled instructions for various types of equipment, from budget routers to TP-Link And D-Link to advanced models ASUS RT-AX88U And KeeneticIf you're unsure of your router model, don't worry: most methods are universal.

1. Checking via the router's web interface

The most reliable and accurate way is to go to the router's control panel. This displays all connected devices and their MAC addresses, IP, and even names (if they are broadcast). The instructions are suitable for 90% of modern routers, including MikroTik, Zyxel And Tenda.

To open the web interface:

  1. Find out the IP address of your router. This is usually 192.168.0.1 or 192.168.1.1You can check it through the Windows command line: enter ipconfig and find the line Main gateway.
  2. Enter this IP into the address bar of your browser (for example, http://192.168.0.1).
  3. Log in. The default login and password are usually indicated on the router sticker (most often admin/admin or admin/password).

The next step depends on your router model. Here's where to find a list of devices in popular firmware versions:

  • 🔹 TP-Link: Wireless Mode → Wireless Mode Statistics or DHCP → DHCP Client List
  • 🔹 ASUS: Network Map → Clients or Local Network → DHCP Server
  • 🔹 Keenetic: Devices → Device List (it even shows your connection history)
  • 🔹 D-Link: Status → Wireless Clients or Network → LAN
⚠️ Important: If you've never changed your router's control panel password, do so immediately after testing! By default, many models are vulnerable to brute-force attacks. Use a complex password of at least 12 characters, including numbers and special characters.

The table below shows an example of what a list of devices might look like in the web interface (data is conditional):

Device name MAC address IP address Connection type
1 iPhone-13-Pro A4:83:E7:12:F5:89 192.168.0.101 Wi-Fi (5 GHz)
2 DESKTOP-R7T4V2K 7C:DD:90:4A:B1:2E 192.168.0.102 Ethernet
3 Unknown 00:1A:79:8B:3C:4D 192.168.0.105 Wi-Fi (2.4 GHz)
4 Samsung-TV-Q70 34:E6:D7:22:1A:6F 192.168.0.103 Wi-Fi (5 GHz)

Pay attention to the devices with the name Unknown or unfamiliar MAC addresses. To identify them, you can:

  • 🔍 Enter the MAC address into a search engine (for example, 00:1A:79 OUI lookup) - many manufacturers register address prefixes.
  • 📱 Disconnect your devices from the network one by one and see which one disappears from the list.
  • 🛡️ Temporarily block a suspicious device through the router settings (optional) Block or Block).
📊 How often do you check the devices connected to your Wi-Fi network?
Never
Once every six months
Once a month
Only when I notice problems

2. Using mobile applications

If you're too lazy or intimidated to access your router settings, you can use specialized smartphone apps. They scan your network and display all connected devices along with additional information, including manufacturer, device type (smartphone, laptop, TV), and even approximate location (for some router models).

Top 5 verified apps for Android and iOS:

  • 📱 Fing — the most popular solution with a database of over 1 billion devices. It displays open ports and network vulnerabilities. The free version is limited to one network.
  • 🛡️ NetScan — a simple scanner with the ability to ping devices and check their availability. Compatible with iOS.
  • 🔍 WiFi Guard — Automatically notifies you of new devices on the network. A "whitelist" feature is available for trusted devices.
  • 📊 IP Tools — a multifunctional tool with a network scanner, speed test, and traffic analysis.
  • 🔗 Who Is On My WiFi — specializes in detecting unauthorized connections. A Windows version is available.

Example of working with Fing:

  1. Download the app from Google Play or App Store.
  2. Connect to your Wi-Fi network.
  3. Click Scan — after 10-20 seconds a list of devices will appear.
  4. Click on any device to see details: MAC, IP, manufacturer and connection history (in the pro version).
⚠️ Note: Some applications (eg. Fing) require access to geodata and contacts. This is necessary to determine the location of devices on the network, but if this bothers you, use alternatives like NetScan, which operate without unnecessary permits.

Advantages of mobile applications:

  • ✅ No need to remember your router password.
  • ✅ User-friendly interface with network visualization.
  • ✅ Additional features: speed test, port check, traffic monitoring.

Flaws:

  • ❌ Devices connected via cable (Ethernet) may not be shown.
  • ❌ Free versions often have limited functionality.

Disconnect it from the network via the app or router|

Check if a guest (such as a friend or neighbor) has joined|

Change your Wi-Fi password to a more complex one (at least 12 characters)|

Enable MAC address filtering (if supported by your router)-->

3. Windows Command Prompt (for advanced users)

If you prefer to work without graphical interfaces, you can check the network via the command line. WindowsThis method is suitable for advanced users and allows you to obtain detailed information about all devices on the local network, including those connected via cable.

Instructions:

  1. Open Command Prompt as Administrator: Press Win + X and select Terminal (Administrator) or Command Prompt (Administrator).
  2. Enter the command to view all active connections:
    arp -a

    This command will display the ARP (Address Resolution Protocol) table, where each IP address has a corresponding MAC address.

  3. For more detailed information, use:
    nbtstat -a [IP address]

    For example: nbtstat -a 192.168.0.105 - this will help identify the device by its network name.

  4. For port scanning (advanced level) you can use:
    telnet [IP address] [port]

    For example: telnet 192.168.0.105 80 — checking whether the web port is open (if the answer is "Connection not established", the port is closed).

Example of command output arp -a:


Interface: 192.168.0.102 --- 0x12

Internet Address Physical Address Type

192.168.0.1 aa-bb-cc-dd-ee-ff dynamic

192.168.0.101 11-22-33-44-55-66 dynamic

192.168.0.105 00-1a-79-8b-3c-4d dynamic

To identify unknown MAC addresses, use online services like MAC Vendor Lookup or Wireshark OUI LookupFor example, the address 00:1A:79 belongs to the company Intel Corporate, A 7C:DD:90Samsung Electronics.

⚠️ Attention: Teams nbtstat And telnet may not work in modern versions of Windows 10/11 by default. To enable them, go to Control Panel → Programs → Turn Windows features on or off and check the boxes "Telnet Client" and "NetBIOS over TCP/IP Helper Service".
arp -a | findstr "192.168.0"

This will only show devices from your subnet.-->

4. Testing via macOS and Linux

Users MacBook or PC on Linux (For example, Ubuntu, Debian) can also scan the network without third-party programs. These operating systems have built-in utilities that provide even more information than Windows.

For macOS:

  1. Open Terminal (can be found via Spotlight on click Cmd + Space).
  2. Enter the command to scan the network:
    nmap -sn 192.168.0.0/24

    If your subnet is different (for example, 192.168.1.0), replace it in the command.

  3. For detailed information about a specific device:
    nmap -O 192.168.0.105

    Flag -O attempts to determine the device's operating system.

For Linux (Ubuntu/Debian):

  1. Install nmap, if it is not installed:
    sudo apt update && sudo apt install nmap
  2. Start the scan:
    sudo nmap -sn 192.168.0.0/24
  3. To see open ports and services:
    sudo nmap -sV 192.168.0.105

Output example nmap:


Starting Nmap 7.80 ( https://nmap.org )

Nmap scan report for 192.168.0.105

Host is up (0.045s latency).

MAC Address: 00:1A:79:8B:3C:4D (Intel Corporate)

Nmap scan report for 192.168.0.101

Host is up (0.002s latency).

MAC Address: A4:83:E7:12:F5:89 (Apple)

Advantages nmap:

  • 🔹 Shows not only MAC and IP addresses, but also open ports, which helps identify vulnerable devices.
  • 🔹 Can detect the device type (router, printer, smartphone) and even the OS version.
  • 🔹 Works in the background and can scan large networks.
⚠️ Warning: Scanning other people's networks without permission may be considered a hacking attempt. Use nmap only in your local network!
How to install nmap on macOS if it is not installed?

By default nmap It is not installed on macOS, but it is easy to add via Homebrew:

  1. Install Homebrew (if not already installed):
    /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
  2. Install nmap:
    brew install nmap

After this, the commands from the instructions will work.

5. Analyzing traffic using Wireshark

For deep network analysis, you can use Wireshark — a professional traffic monitoring tool. It displays all data packets passing through the network, including connections from unknown devices. This method is suitable for IT professionals or users who want to understand the network at an expert level.

How to use Wireshark:

  1. Download and install the program from the official website wireshark.org.
  2. Select the network interface to monitor (Wi-Fi or Ethernet).
  3. Start packet capture (button Start).
  4. After 1-2 minutes, stop capturing and apply the filter:
    wlan.addr == 00:1a:79:8b:3c:4d

    This will show all traffic from the device with the specified MAC address.

  5. Analyze protocols (HTTP, DNS, ARP) - this will help you understand what the suspicious device is doing.

What can be revealed with the help of Wireshark:

  • 🔹 DDoS attacks: if the device sends thousands of packets per second to a single IP.
  • 🔹 Hacking attempts: password selection by protocol SSH or Telnet.
  • 🔹 Unauthorized traffic: for example, torrents or streaming from someone else's device.
⚠️ Attention: Wireshark Requires in-depth knowledge of network protocols. Inexperienced users may miss important details or misinterpret data. For basic verification, the methods in the previous sections are sufficient.

6. Checking through the provider (if the router is rented)

If your router is provided by your ISP (for example, Rostelecom, Beeline, MTS), you may not have access to full settings. In this case, you can contact your provider's support team and ask them to check your connected devices. Many operators provide this information upon request.

How to request data from a provider:

  1. Call customer support (the number is usually listed in the contract or on the provider’s website).
  2. Tell them you suspect an unauthorized connection to your network.
  3. Please provide your passport details and contract number for identification.
  4. Ask to provide a list of MAC addresses of devices that have connected to your router over the past day/week.

What the provider can provide:

  • 📋 List of all devices that received an IP address via DHCP.
  • 📊 Traffic consumption graph over time (helps identify peak loads from third-party devices).
  • 🔍 Connection logs (if supported by your plan).
⚠️ Please note: Not all providers store detailed connection logs. For example, Dom.ru And Third Transport Ring They can only provide current active devices; history will not be available. Please confirm this information before calling.

An alternative method is to use your provider's personal account. Some operators (for example, MGTS) show a list of connected devices directly in the web interface. Look for a section like My Network or Wi-Fi Management.

7. How to block other people's devices

If you find a foreign device on your network, you should disable it immediately. Here are 5 ways to block it:

Method 1: Change your Wi-Fi password

The simplest and most effective method is to change the network password. This will disconnect all devices, and only those you share the new password with will be able to connect.

  • 🔑 Use a password of at least 12 characters with capital letters, numbers, and special characters (e.g. Wifi@Home2026!Kot).
  • 🔄 Change your password every 3-6 months.

Method 2. Filtering by MAC addresses

Many routers allow you to create a "whitelist" of allowed MAC addresses. All other devices will be unable to connect.

How to set up (using example) TP-Link):

  1. Log into your router's web interface.
  2. Go to Wireless Mode → MAC Filter.
  3. Enable filtering and add the MAC addresses of your devices.
  4. Save the settings and reboot the router.

Method 3. Disabling WPS

Function WPS (Wi-Fi Protected Setup) simplifies connecting devices, but it often has vulnerabilities. Disable it in your router settings (Wireless Mode → WPS).

Method 4. Hiding the network name (SSID)

If you disable network name broadcasting (SSID), your Wi-Fi won't be visible in the list of available ones. Only those who know the exact name and password will be able to connect. The setting is in Wireless → Wireless Settings (option Hide SSID).

Method 5. Guest network

Create a separate guest network for friends and temporary devices. Keep the main network for your own devices only. You can set this up in the section Guest network or Additional Wi-Fi settings.

⚠️ Note: MAC address filtering is not 100% secure—skilled attackers can spoof your MAC address. Use it as an additional precaution, along with a strong password and disabling WPS.

FAQ: Frequently Asked Questions

Is it possible to find out who exactly is using my Wi-Fi (name, address)?

No, a user's identity cannot be determined using a MAC address or IP address. The most that can be determined is the device manufacturer (e.g. Xiaomi or Samsung) and approximate location (if the device broadcasts geolocation data, which is rare). To identify a specific person, data from the provider is required through a subpoena.

What should I do if a device named "Unknown" appears on the network?

Don't panic - it could be:

  • 📱 A new device (such as a smart light bulb or fitness tracker) that doesn't broadcast its name.
  • 🖥️ Device with disabled mDNS (the protocol responsible for names on a local network).
  • ⚠️ Third-party device. Check the MAC address via MAC Vendor Lookup and block him if you don't know him.

Disconnect all your devices from the network for 5 minutes - if "Unknown" disappears, it means it was your gadget.

How to check Wi-Fi for viruses?

The Wi-Fi network itself can't be "infected" with viruses, but devices connected to it can. To check:

  1. Scan all your gadgets with an antivirus (Kaspersky, Dr.Web, ESET NOD32).
  2. Check your router for malicious firmware. To do this:
    • Update the firmware to the latest version (section System Tools → Software Update).
    • Reset to factory settings if you notice any strange behavior.
  • Use Wireshark to analyze suspicious traffic (as described in section 5).
  • If the router is infected (for example, it is part of a botnet), its behavior will be abnormal: high CPU load, connections to unknown IPs, changed DNS settings.

    Can my neighbor connect to my Wi-Fi if I hide the SSID?

    Yes, hiding SSID is not a reliable protection. An experienced user can:

    • 🔍 Detect the network by scanning the air (utilities like Kismet or Wireshark will show hidden networks).
    • 🔑 Pick a password if it is weak (even without a visible SSID).

    Hiding your SSID makes it harder for random users to connect, but it doesn't stop targeted attacks. Always use a strong password and encryption. WPA3 (or WPA2, If WPA3 (not supported).

    How can I find out how much traffic someone else's device is using?

    There are several ways:

    1. Via a router: In the web interface, look for the section Traffic statistics or Bandwidth monitoringFor example, in Keenetic This Internet → Statistics.
    2. Through applications: Fing or GlassWire show traffic consumption by device.
    3. Through the provider: In the personal account of some operators (for example, Beeline) there are graphs of consumption over time.

    If someone else's device is using a lot of traffic (for example, more than 10 GB per day), it could be:

    • 🎬 Video streaming (Netflix, YouTube).
    • 📥 Download torrents.
    • 🕵️‍♂️ Hacking activity (for example, cryptocurrency mining through your router).