Slow internet speeds and intermittent connection drops are often the first warning signs that your wireless connection is being used by unauthorized individuals. In dense urban areas, the range router It often extends beyond the apartment, making the network accessible to nosy neighbors. If you notice that high-definition video content is starting to buffer, even though there were no problems before, it's time to immediately audit your connected clients.
Company Rostelecom provides subscribers with a variety of equipment models, from simple single-band devices to powerful dual-band stations supporting modern encryption standards. However, even the most advanced protection can be compromised if the password is too simple or shared with third parties. In this article, we'll detail methods for identifying uninvited guests and ways to reliably block access to your local network.
There are several effective ways to check the list of active connections: through the router's web interface, using the provider's proprietary mobile app, or using specialized network scanning software. Each method has its own characteristics and level of information detail. The choice of a specific tool depends on the model of your equipment and your preferences for managing network settings.
Indirect signs of unauthorized access
Before moving on to technical testing methods, it's worth paying attention to indirect symptoms that are often ignored by users. One of the most obvious indicators is abnormal behavior of the indicators on the device's body. If the indicator WLAN or Wi-Fi If the light flashes at a high frequency even when all your personal gadgets are turned off or in sleep mode, this is a sure sign of network activity.
You should also be wary if your page loading speed drops to EDGE or 3G levels, even though your plan offers gigabit speeds. An unauthorized user could be hogging your bandwidth by downloading large files or running torrents, which can critically impact ping and connection stability during online gaming and video calls.
⚠️ Attention: Slow internet speeds don't always indicate a hack. Problems can be caused by bandwidth congestion from neighboring routers, ISP maintenance, or equipment malfunction. Always run a comprehensive diagnostic.
Another sign may be an inability to access your router settings. If the default address no longer opens, or the system requires a password you haven't changed, an attacker may have already gained administrative access and changed your credentials to block your access.
Checking via the router's web interface
The most reliable and informative way to get an accurate picture of connected devices is to log into the router's control panel. To do this, enter the device's IP address in the browser's address bar. Rostelecom (often these are Sagemcom, Eltex or Huawei models) the standard address is usually 192.168.1.1 or 192.168.0.1The exact address is also indicated on the sticker on the bottom of the case.
After entering the address, the system will ask for a login and password. By default, most provider devices use the following combinations: admin/admin or admin/1234, unless you've changed them previously. Once in the menu, find the section responsible for the wireless network or client status. The names may vary depending on the firmware: Wireless Status, Connected Devices, Client list or DHCP Client List.
In the list that opens, you'll see all devices currently receiving an IP address from your router. To identify "your own," compare the number of devices with the actual number of devices in your home. Pay attention to the MAC addresses—the unique identifiers of network cards. Typically, the first six characters of the MAC address indicate the device's manufacturer (e.g., Apple, Samsung, Intel), making it easier to find.
☑️ Audit of connected devices
If you find a device you can't identify, don't panic. It could be a smart plug, TV, or set-top box running in the background. However, if, after turning off all your devices, a rogue device remains on the list, you need to take immediate measures to secure your perimeter.
Using the "My Rostelecom" mobile application
For users who find it inconvenient to work with the browser version of the interface, the provider offers a convenient mobile application My RostelecomThis tool allows you to manage services and equipment settings directly from your smartphone, anywhere in the world with internet access. The app's functionality is constantly updated, adding new control options.
To check the list of connected devices, launch the app and log in. In the main menu, select the section related to your home internet connection or a specific router. There should be a "Devices" or "Wi-Fi Clients" tab. The app displays not only the device's name (if broadcast by the device), but also the connection type (2.4 GHz or 5 GHz).
The advantage of the mobile method is the ability to instantly block. When you see an unfamiliar name, you can click on it and select "Block" or "Restrict Access." The system will immediately add the offender's MAC address to the blacklist, and the connection will be terminated. This is faster than fiddling with complex web interface settings.
| Parameter | Web interface | My Rostelecom application | Third-party software |
|---|---|---|---|
| Availability | Within the network only | From anywhere in the world | Depends on the software |
| Blocking functionality | Full (MAC filter) | Basic (client blocking) | Often only monitoring |
| Difficulty of use | High | Low | Average |
| Data granularity | Full (IP, MAC, time) | Basic (Name, Type) | Different |
In some older equipment models, the application functionality may be limited to viewing the balance only.
Network analysis using third-party programs
If the built-in tools don't seem informative enough or your router's interface is blocked, specialized network scanning utilities can help. One of the most popular and powerful programs for PCs is Wireless Network Watcher from NirSoft, and for mobile devices - Fing or WiFi Analyzer.
These programs scan the entire IP address range of your local subnet and generate a detailed report on all responding devices. They can identify the operating system, network adapter manufacturer, and even the approximate time of activity. This allows you to create a complete map of your home network.
Using such tools is especially useful for identifying "dormant" connections that aren't actively transmitting traffic but are formally authorized on the network. The program will show the device even if it's simply keeping the channel open. However, it's important to note that antivirus software may detect port scanning as suspicious activity.
⚠️ Attention: Download network analysis software only from the developers' official websites. Versions from third-party sources may contain viruses, which themselves can cause data leaks.
After scanning, you'll receive a list to analyze. Look for devices with names containing the words "IP Camera," "Android," or "Unknown," along with unfamiliar MAC addresses. If the program shows a device you just physically turned off, it means someone else is using its network ID or it's a clone.
What is MAC filtering?
MAC filtering is a network access control method based on the unique physical addresses of network cards. Unlike a password, which can be communicated, the MAC address is hardcoded into the device. By setting up an Allow List, you allow access only to trusted devices. However, this method is labor-intensive: to connect a new guest, you must manually enter their address into the router settings.
Blocking methods and network protection
Once you detect an intruder, you must immediately grant them access. The simplest, but temporary, method is to change your Wi-Fi password. After changing the encryption key, all devices will be disconnected, and reconnecting will require a new code. This is effective if you suspect your neighbors have simply learned your password.
A more radical and reliable method is to use MAC filteringIn the router settings (Wireless MAC Filter section), you can enable "Allow" mode and enter the MAC addresses of all your devices. Even with the password, someone else won't be able to connect, as their physical address won't be on the allowed list.
It's also crucial to change the password for accessing the router settings. The default admin/admin password is an open door for anyone with a Google search. Create a complex combination of letters and numbers that's impossible to brute-force within a reasonable amount of time.
Don't forget to check your Remote Management settings. This feature allows you to administer your router from an external network (the internet). Unless you use this feature professionally, it should be disabled to prevent hackers from trying to guess your router password from anywhere in the world.
Frequently Asked Questions (FAQ)
Can my neighbor see my files via Wi-Fi?
If you don't have a guest network configured and files are shared across your entire home network, then theoretically yes. An attacker on the same network could try to scan open ports and shared folders. Therefore, it's important not only to change your Wi-Fi password but also to check your network discovery settings in Windows and other operating systems, setting the network status to "Public."
Why hasn't the speed been restored after changing the password?
There may still be devices connected via WPS (quick connect button) on the network, if this feature hasn't been disabled. The problem may not be traffic theft, but rather a technical issue with the line, an overloaded ISP node, or a faulty router that requires a reboot or replacement.
Is it safe to use the WPS function?
No, WPS technology is considered vulnerable. There are programs that can crack the WPS PIN code in a few hours or even minutes. If your router Rostelecom If there is a physical WPS button, it is better to disable this function in the software interface to eliminate this attack vector.
What should I do if I can't access my router settings?
Try resetting your device to factory settings by holding the Reset button for 10-15 seconds. This will restore the default password and IP address. Afterward, immediately change the factory credentials to your own to avoid being left holding the door open.