When your internet connection becomes unstable and speed drops to a crawl, even without active downloads, it's often a sign that your wireless network is being used by third parties. Modern gadgets, smart plugs, and TVs constantly consume bandwidth, but if the number of active connections exceeds the number of your personal devices, it's time to sound the alarm. Uninvited guests They can not only slow down your network, but also access your personal data if your home local network is not properly secured.
Checking the list of connected clients is the first step to ensuring cybersecurity your perimeter. Fortunately, you don't need to be a professional system administrator or have mastered complex pentesting utilities to do this. Most modern routers, whether TP-Link, Asus, Keenetic or MikroTik, have built-in monitoring tools that display all the necessary information in real time.
In this article, we'll cover all available methods: from the standard router web interface to specialized mobile apps and the command line. You'll learn not only how to identify intruders but also how to determine which devices are truly yours and which are not. The most reliable way to monitor this is to regularly check the list of DHCP clients in your router's admin panel.
Using the router's web interface to check
The most accurate and reliable way to find out who's using your Wi-Fi is to access your router's settings. The router assigns IP addresses and knows about every device that has requested access to the network. First, you need to log into the control panel by entering the gateway IP address in your browser's address bar. 192.168.0.1 or 192.168.1.1.
After entering your login and password (which are often found on a sticker on the bottom of the device if you haven't changed them), you need to find the section responsible for the wireless network or client status. Depending on the model and firmware, this section may have different names. For example, TP-Link This is often a tab Wireless -> Wireless Statistics, and at Asus — Network map or System log.
In the list that opens, you'll see MAC addresses and possibly device names. To identify "your" devices, compare the displayed names with your existing gadgets. The system often suggests the device type automatically, for example, iPhone, Samsung-TV or UnknownIf you see a device named "Unknown" or a strange set of characters that you can't identify, this is cause for concern.
It's important to understand that some devices may hide their real names by displaying as "generic" or simply a string of numbers. In such cases, comparing MAC addresses can be helpful. The first six characters of the MAC address (OUI) indicate the network interface manufacturer. You can check this prefix in open databases to determine the brand of the network card used by a suspicious client.
Mobile applications for network analysis
If you're temporarily unavailable to your computer or want to quickly perform a scan from your smartphone, specialized apps can help. They scan your local network and provide a detailed report on all active hosts. One of the most popular and functional tools is the app Fing, available for both Android, and for iOS.
After running the scan, the app will display a list of all devices on the same subnet as your phone. You'll see their IP addresses, MAC addresses, manufacturers, and even approximate models. This allows you to quickly filter out your devices. For example, if you see a newly purchased device on the list Xiaomi light bulb and yours MacBook, but also unknown Windows PC, which means someone connected without your knowledge.
Other useful apps include Network Analyzer And WiFiman from UbiquitiThey provide slightly more technical information, such as signal quality (RSSI) for each device, which can help identify the source of an unwanted signal in your apartment or house. However, it's important to remember that these apps only see devices that have responded to the scan request; some security systems may ignore such requests.
⚠️ Please note: Mobile apps only work within your local network. They cannot show devices that are connected to your Wi-Fi but are currently out of range (although this is unlikely for typical home use).
Computer monitoring programs
For more in-depth analysis and continuous monitoring, it is more convenient to use PC software. Programs like Wireless Network Watcher from NirSoft or Angry IP Scanner They allow you to not only view the list but also save logs and set notifications for new devices. This is especially relevant for office networks or large homes.
Wireless Network Watcher is a lightweight utility that requires no installation. It scans a range of IP addresses you specify and displays a list of all active devices. A unique feature of the program is the ability to configure a sound alert: as soon as a new MAC address appears on the network, the computer will sound an alarm. This allows you to immediately respond to intrusions.
It is also worth mentioning the built-in tools of the operating system. Windows You can use the command line to get basic information. By entering the command arp -a, you'll get a table of IP addresses and physical MAC addresses with which your computer has recently communicated. This isn't a complete list of all router clients, but it's a good way to see active network neighbors.
☑️ Network security check
For advanced users, there are tools like Advanced IP Scanner, which allow you not only to scan the network but also to access shared folders or even shut down computers (if you have administrator rights). Be careful when using these features to avoid accidentally disrupting important network services or smart devices.
Table of device identification by MAC address
One of the most difficult things for the average user is understanding what lies behind the string of numbers and letters in a MAC address. Network card manufacturers have unique prefixes that aid in identification. Below is a table with examples of prefixes from popular vendors to help you navigate the list of connections more quickly.
| MAC Prefix (OUI) | Manufacturer | Typical devices | Probability of threat |
|---|---|---|---|
| 00:1A:2B | Apple, Inc. | iPhone, iPad, Mac, Apple TV | Low (if you have Apple technology) |
| 3C:5A:B4 | Samsung Electronics | TVs, smartphones, tablets | Low (if you have Samsung equipment) |
| 68:A8:6D | Huawei Technologies | Routers, smartphones, modems | Medium (often used in modems) |
| B8:27:EB | Raspberry Pi Foundation | Single-board computers, smart home | Depends on your projects |
| 00:50:C2 | IEEE Registration | Various network equipment | Needs verification |
Using this data, you can filter out known devices. For example, if you don't have any equipment Raspberry Pi, and a device with the corresponding prefix appears in the list, this is a clear sign of an intruder or a forgotten gadget. However, keep in mind that modern smartphones often use "MAC address randomization" to protect your privacy.
This means the device may present itself to the network under a different name and address each time, which confuses monitoring systems. You can disable this feature in your phone's settings (under the Wi-Fi section for a specific network) and use a fixed address so the router always recognizes your device.
Signs of unauthorized access
How can you tell if someone else is accessing your Wi-Fi without even accessing your router settings? There are a number of indirect signs that should alert an attentive user. First and foremost, a sharp drop in internet speed during hours when you're not downloading anything or watching high-definition videos.
The second sign is strange behavior of the router's indicators. If the WLAN (or Wi-Fi) light flashes frequently and erratically when all your devices are asleep or turned off, this means there's active data transfer. The third sign is an inability to connect to your own network due to an "Incorrect Password" message, even though you haven't changed it. This could mean someone has changed the settings or the connection limit has been reached.
Can my neighbor steal my password?
Yes, if you have a simple password set or the WPS feature enabled. Specialized apps on Android can brute-force simple combinations or exploit WPS vulnerabilities in minutes.
It's also worth paying attention to your antivirus settings. If the firewall constantly reports port scanning attempts or intrusions from the local network, it means a new, potentially hostile, member has appeared on your internal network. In such cases, you should immediately change your wireless network security key.
How to block uninvited guests
If you've discovered someone else's device, it's time to act. The simplest and most effective method is to change the Wi-Fi password. After changing the encryption key, all devices will be disconnected, and you'll have to reconnect your devices using the new password. Be sure to use standard encryption. WPA2-PSK or WPA3, since the old WEP can be cracked in minutes.
A more flexible method is to use MAC filtering. In the router settings (section Wireless -> MAC Filtering) you can create a whitelist of allowed addresses. In this mode, the router will only allow devices whose MAC addresses are included in the table to connect to the network. All others, even with the password, will be unable to connect.
⚠️ Warning: MAC addresses are easily spoofed. A skilled hacker can copy the MAC address of your authorized laptop and bypass the filter. Therefore, MAC filtering is an additional, but not absolute, measure of protection.
Another important measure is to disable the function WPS (Wi-Fi Protected Setup). This technology is designed to simplify connection, but has known vulnerabilities that allow password recovery using brute-force attacks. In the router's web interface, find the section WPS and set the value Disable or Off.
Don't forget to update your router firmware regularly. Manufacturers often patch security holes with updates. You can check for a new version in the section System Tools -> Firmware UpgradeUp-to-date software ensures your router is protected from known exploits.
Frequently Asked Questions (FAQ)
Does having a connected neighbor affect my internet speed?
Yes, absolutely. The Wi-Fi channel is shared among all active users. If a neighbor starts watching 4K video or downloading large files, your speed can drop to practically zero, as the wireless interface operates in half-duplex mode and cannot transmit data to everyone simultaneously.
Can a connected neighbor see my files on my computer?
If your operating system's network settings are set to "Home" or "Private" and you have shared folders enabled, then theoretically yes. However, modern operating systems block such external connections by default. Nevertheless, the risk of accessing open ports or vulnerabilities in IoT devices (cameras, sockets) remains high.
What should I do if I changed my password, but someone else's device still connects?
Most likely, you have WPS enabled, and your neighbor is connecting through it, ignoring the password. Or, one of your guests has saved the password on their device and is automatically sharing it. In the first case, disable WPS immediately; in the second, change the password again and keep it confidential.
Is it true that bank card data can be stolen via Wi-Fi?
Simply connecting to Wi-Fi doesn't grant access to your traffic if websites use the HTTPS protocol (the browser lock). However, if you're connected to the same network as a hacker, they may attempt ARP spoofing and redirect your traffic through themselves. Therefore, avoid entering card details on public or suspicious networks.