Have you noticed that your internet has become slower and your data is running out suspiciously quickly? Perhaps other devices have connected to your Wi-Fi. According to KasperskyOne in five routers in Russia has vulnerabilities that allow attackers to connect to the network without the owner's knowledge. Even if you're confident your password is secure, risks remain: neighbors might guess it, and guests might forget to disconnect.
In this article you will find 7 proven methodsHow to find out who's using your Wi-Fi, including hidden methods for experienced users. We'll show you how to do this using router web interface, mobile apps, specialized programs, and even the command line. You'll also learn how block other people's devices forever and protect the network from repeated intrusions.
1. Checking via the router's web interface (universal method)
The most reliable way is to go to the router control panel. Almost all modern models (TP-Link, ASUS, Keenetic, Zyxel, MikroTik) display a list of connected devices. You only need Router IP address (usually 192.168.0.1 or 192.168.1.1) and login details (login/password).
Instructions:
- 🔌 Connect to the Wi-Fi network you're testing (or use an Ethernet cable).
- 🌐 Open your browser and enter in the address bar
192.168.0.1or192.168.1.1If it doesn't work, try192.168.8.1(For TP-Link) ormy.keenetic.net(For Keenetic). - 🔑 Enter your login and password (by default it is often
admin/admin, but it’s better to check on the router’s sticker). - 📊 Find the section
DHCP clients,List of devices,WirelessorLocal area network(names vary depending on model).
In the table you will see:
| Parameter | What does it mean? | Example of meaning |
|---|---|---|
| IP address | A unique identifier for a device on your network. | 192.168.0.103 |
| MAC address | Physical address of the network card (does not change) | 00:1A:2B:3C:4D:5E |
| Host name | Device name (may be empty) | iPhone-12-Pro or android-abc123 |
| Connection time | When the device is connected to the network | 2026-05-15 14:30:22 |
How to identify other people's devices? Compare the list with the gadgets that should be online. Pay attention to:
- 📱 Unknown MAC addresses (You can google the first 6 characters to find out the manufacturer).
- ⏱️ Devices connected at unusual times (for example, at night when everyone is sleeping).
- 🔄 High traffic activity (visible in some routers, for example, ASUS RT-AX88U).
⚠️ Attention: If you've never changed your router admin panel password, do so immediately! Attackers can not only use your Wi-Fi but also reconfigure your router (for example, by spoofing your DNS to steal data).
2. Mobile apps for Wi-Fi monitoring
If you're too lazy to access your router settings or don't have access, use specialized apps. They scan your network and display all connected devices directly on your smartphone. The best options are:
- 📱 Fing (Android/iOS) — identifies the device manufacturer by MAC address, shows open ports and vulnerabilities.
- 🛡️ WiFi Guard (Android) - Compares the current list of devices with the previously saved one and notifies about new connections.
- 🔍 NetScan (iOS) - Scans the network and exports reports to CSV.
- 📊 IP Tools (Android) — in addition to the list of devices, it checks internet speed and ping.
How to use (using Fing as an example):
- Download the app from App Store or Google Play.
- Connect to the Wi-Fi network you are testing.
- Start scanning (button
ScanorNetwork analysis). - Wait for it to complete (it will take 10-30 seconds).
- View the list of devices sorted by IP or MAC addresses.
Benefits of the apps:
- ✅ No need to go into router settings.
- ✅ You can save a "white list" of your devices and receive notifications about new ones.
- ✅ Some programs (for example, Fing) show neighbors' router models and the strength of their signal.
⚠️ Attention: Free versions of the apps may collect data about your network for analytics. Please check your smartphone's settings for permissions before using them.
Make sure it's not your gadgets (smart watches, speakers, cameras)
Change your Wi-Fi password to a more complex one (at least 12 characters)
Enable MAC address filtering (if supported by your router)
Update your router firmware to the latest version-->
3. Checking via the command line (for Windows)
If you prefer to work without third-party programs, you can use built-in tools WindowsThis method is suitable for experienced users and allows you to get a complete list of devices on the network, including those that are not displayed in the router's web interface.
Instructions:
- Click
Win + R, entercmdand pressEnter. - Enter the command:
arp -aIt will show a table of IP and MAC addresses mapping.
- For more detailed information, use:
nbtstat -a [IP address]For example:
nbtstat -a 192.168.0.101. - For port scanning (advanced level) the following is suitable:
netstat -ano
How to decipher the results?
- 🔢
Internet Address— Device IP address. - 🔤
Physical Address— MAC address (if displayed asff-ff-ff-ff-ff-ff, the device is turned off). - 🔄
Type— connection type (dynamic— dynamic IP,static— static).
To automate the process, you can use a script on PowerShell:
Get-NetNeighbor | Select-Object IPAddress, LinkLayerAddress, State | Format-Table -AutoSize
⚠️ Attention: TeamsarpAndnbtstatonly show devices that have recently communicated with your PC. For a full network scan, it's best to use Advanced IP Scanner or Angry IP Scanner.
4. Analyzing Traffic with Wireshark (Advanced)
Wireshark — is a powerful network traffic analyzer that allows you to not only see all connected devices but also track the data they transmit. This method requires skill, but it provides the most complete picture possible.
How to use:
- Download Wireshark from the official website and install.
- Launch the program and select the network interface (Wi-Fi adapter).
- Click
Startto start capturing packets. - Enter in the filter
wlan.addr == [your_MAC]to filter traffic for a specific device. - Analyze packets: pay attention to
DHCP,ARPAndHTTP-requests.
What can you learn:
- 🕵️♂️ Active connections even those devices that are not displayed in the router.
- 📤 Traffic type (for example, if someone else's device is downloading torrents).
- 🌍 Geolocation (by IP addresses of external servers with which the device communicates).
Example of a filter for searching for new devices:
(eth.dst == ff:ff:ff:ff:ff:ff) && (eth.src != [your_MAC])
⚠️ Attention: Usage Wireshark Intercepting traffic from other devices may violate privacy laws (Article 138 of the Criminal Code of the Russian Federation). Use this method only for analysis. his own networks!
How to find out the manufacturer by MAC address?
The first 6 characters of the MAC address (OUI) indicate the manufacturer. For example:
- 00:1A:79 — Apple
- 3C:5A:B4 — Google (devices Nest)
- B8:27:EB — Raspberry Pi
The full list can be found on the website IEEE or by searching for "MAC vendor lookup".
5. MAC Filtering: How to Block Intruders
If you find any foreign devices, they need to be blockThe most reliable way is MAC address filteringThis means that only devices from the "white list" will be able to connect to your Wi-Fi.
Instructions for popular routers:
- 📡 TP-Link:
- Go to
Wireless Mode → MAC Filtering. - Select
Enable filtering. - Add the MAC addresses of your devices to the list.
- Set a rule
Allow stations from the list to access the network.
- Go to
- 🖥️ ASUS:
- Open
Local Network → DHCP Server. - Turn on
Manual IP assignment by MAC address. - Add devices to the list and save.
- Open
- Go to
Home Network → Devices. - Click on the three dots next to someone else's device and select
Block. - 🔓 WPS attack: many routers support the technology Wi-Fi Protected Setup (WPS), which allows connection using a PIN code. Attackers can brute-force it within hours.
- 📡 MAC address spoofing: If you use MAC filtering, a skilled hacker can replace their address with an authorized one.
- 🕵️ Phishing networks: the attacker creates an access point with a name similar to yours (for example,
my_wifi_5Ginstead ofmy_wifi), and intercepts traffic. - 🔄 Firmware vulnerabilities: Outdated versions of router software contain vulnerabilities that allow authorization to be bypassed.
- 🔒 Disable WPS in the router settings (section
Wireless Network → WPS). - 🔄 Update the firmware to the latest version (in Keenetic this is done automatically, in TP-Link — manually).
- 📛 Change the network name (SSID) to something unique that does not contain personal information (e.g., not
Ivanov_WiFi, ABlueDragon777). - 🛡️ Enable guest network for friends - it is isolated from the main one and has a separate password.
Pros and cons of the method:
| Advantages | Flaws |
|---|---|
| ✅ Maximum protection against unauthorized connections | ❌ You need to manually add MAC addresses of new devices |
| ✅ Works even if an attacker has learned your password | ❌ MAC addresses can be spoofed (spoofing) |
| ✅ Compatible with most routers | ❌ Doesn't protect against attacks on the router itself (for example, through firmware vulnerabilities) |
Alternative blocking method: in some routers (for example, MikroTik) you can limit the speed for specific devices or completely disable their internet access without blocking the network connection.
6. Hidden Threats: How Attackers Connect to Your Wi-Fi
Even if you haven't found any unauthorized devices on your network, that doesn't mean your Wi-Fi is safe. Attackers use non-obvious methodsto gain access:
How to protect yourself?
⚠️ Attention: If your router supports the protocolWPA3, be sure to turn it on insteadWPA2It is protected from most modern attacks, including Dragonblood.
7. Automatic notifications about new devices
To avoid checking the network manually, set up automatic notifications about new connections. This can be done through:
- 📱 Mobile applications: Fing, WiFi Guard or GlassWire can send push notifications when new devices are detected.
- 🖥️ Scripts on the router: on MikroTik or OpenWRT You can set up automatic sending of email/SMS when a new MAC address is connected.
- 🌐 Cloud services: some routers (for example, ASUS AiProtection) integrated with cloud monitoring systems.
- Open the app and perform a network scan.
- Go to the section
Alerts(Notifications). - Enable the option
New device detected(New device detected). - Select the notification method: push, email or SMS.
- Change Wi-Fi password complex (minimum 12 characters, with numbers and special characters).
- Turn it off WPS and check if it is turned on
UPnP(it can open ports for attacks). - Update your router firmware.
- If the problem persists, reset your router to factory settings and set it up again.
Example of setting up notifications in Fing:
Example script for MikroTik (sending email upon new connection):
/system script add name=NewDeviceAlert source={:local newMac [$mac]
:local subject ("New device connected: " . $newMac)
:local body ("MAC: " . $newMac . "\nTime: " . [/system clock get time])
/tool e-mail send to="your@email.com" subject=$subject body=$body
}
/ip dhcp-server lease add script=NewDeviceAlert
For routers on OpenWRT you can use the package nodogsplash or wifidog to authorize devices via captive-portal.
FAQ: Frequently Asked Questions about Wi-Fi Security
Is it possible to find out who exactly connected to my Wi-Fi (name, address)?
No, you can only determine the MAC or IP address device manufacturer (For example, Samsung or Xiaomi). To identify a specific person, law enforcement agencies need to be involved—they can request data from the provider by IP (but this only works for external addresses, not local ones).
What should I do if someone else's device connects again after being blocked?
This means the attacker is either spoofing the MAC address or has cracked the password. Steps:
How to check Wi-Fi for viruses?
Viruses on the Internet can spread through vulnerable devices (for example, old smartphones or IoT-gadgets). To check:
- Use antivirus with network scanner (For example, Kaspersky Internet Security or ESET NOD32).
- Check your devices for suspicious processes (in Windows - through
Task Manager, V Android - through Malwarebytes). - Disconnect all devices from the network one by one and monitor the speed. If the internet speed increases after disconnecting one of them, check it for viruses.
Can my neighbor steal my Wi-Fi if the signal is weak?
Yes, even a weak signal can be amplified with directional antenna or repeaterAttackers can also:
- Use parabolic antenna to capture a signal at a distance of up to 1 km.
- Connect via hidden networks (if your Wi-Fi does not broadcast SSID).
- Use social engineering (for example, asking for a password under the pretext of "urgently needing to send a message").
To protect yourself:
- Reduce the signal transmission power in your router settings.
- Turn on 5 GHz mode - It has a shorter range but higher speed.
- Use VPN on a router (For example, OpenVPN), so that even when connected, other people's devices cannot intercept traffic.
What is the most secure Wi-Fi password?
Ideal password:
- 🔐 Length: at least 12 characters (preferably 16+).
- 🔢 Compound: letters of different registers, numbers, special characters (
!@#$%and others). - 🎲 Non-obviousness: Do not use dates of birth, names, or words from a dictionary.
- 🔄 Regular change: Update your password every 3-6 months.
Examples of strong passwords:
kL9#pQ2!xR4@mN1*Blue$Dragon777!MoonT3$tP@ssw0rd!ForWiFi
Do not use:
12345678,qwerty,password.- Names of pets or family members.
- Phone numbers or addresses.