Have you ever noticed your internet suddenly slowing down, pages loading slowly, or videos constantly buffering, even if you have a high-speed plan? Often, this behavior isn't caused by equipment failure or provider issues, but rather by simple traffic theft by third parties. unknown devices When they connect to your wireless channel, they not only steal traffic, but also create a potential security threat to your entire home local network.
Modern routers, whether Keenetic, TP-Link or ASUSNetworks have powerful monitoring tools, but not all users know how to use them. In this article, we'll explore effective methods for identifying everyone currently on your network. You'll learn how to distinguish system devices from rogue phones and how to permanently block access to unwanted guests.
Neighbors "hijacking" your Wi-Fi is a common occurrence, especially in apartment buildings with thin walls. Many simply don't change the default password set at the factory, or use passwords that are too simple. The first thing you should do if you suspect a hack is to immediately change your password to a complex one consisting of mixed-case letters and numbers.
Signs of unauthorized network access
Before delving into the technical details and settings of your router, it's worth paying attention to indirect symptoms that may indicate the presence of "pirates." Indicators are often obvious if you look closely at the equipment's behavior. For example, the LEDs on the router's body may behave strangely: the activity indicator Wi-Fi or LAN blinks at a frantic rate, even when all your personal gadgets are turned off or in sleep mode.
Another warning sign is a sharp drop in internet speed. If you're paying for 100 Mbps but are actually getting 5-10 Mbps when downloading files, this is cause for concern. It's especially suspicious if the speed drops at certain times of day, such as in the evening, when neighbors are returning home and turning on their devices.
⚠️ Attention: Don't confuse channel congestion with hacking. In apartment buildings, multiple neighboring networks may operate on the same frequency, creating a "mess" of signals that also reduces speed. Use Wi-Fi analyzers to check for noise pollution.
Also, pay attention to the behavior of your devices. If your computer or smartphone periodically loses connection to the router and then reconnects, this could indicate an IP address conflict. This happens when another device attempts to occupy the address reserved for your device on the local network. It's also worth checking your browser history—if there are pages you definitely didn't visit, someone may be accessing your traffic.
Checking via the router's web interface
The most reliable and accurate way to find out who's connected to your Wi-Fi is to access your router's admin panel. This is the "brain center" of your network, displaying complete information about all active connections. To access it, open any browser and enter the router's IP address in the address bar. This is most often 192.168.0.1 or 192.168.1.1, but the exact address is always indicated on the sticker on the bottom of the device.
After entering your login and password (which are also written on the sticker by default, unless you've changed them), the control panel will open. Interfaces vary from manufacturer to manufacturer, but the basic idea is the same. You need to find the section usually called Client list, Wireless Statistics, State or DHCP Client ListIt is here that the ultimate truth lies.
In this list, you'll see a table of connected devices. Their IP addresses, MAC addresses, and often device names are displayed. Your task is to analyze this list. If you only have your phone, laptop, and smart TV connected at home, but the list shows five or six devices, then there are "extra" devices on the network.
☑️ Checking the client list
For ease of identification, manufacturers often allow you to rename devices directly in the interface. If you see a device with the name iPhone-Alex, you immediately understand whose gadget it is. But the device with the name Unknown or a set of characters like android-f8a9c2d1 requires attention. Compare the MAC addresses listed with the addresses on your actual devices (they can be found in the Wi-Fi settings on your phone or in the network adapter properties on your PC).
Using specialized programs and applications
If you find fiddling with your router's web interface on your phone difficult or inconvenient, special network scanning utilities can help. They will automatically scan the range and display all active IP and MAC addresses. For Windows computers, an excellent free program is WireShark (for professionals) or simpler Angry IP ScannerIt's perfect for macOS. LanScan.
There are many apps available for mobile devices that are always at hand. Popular apps on Android include Fing, Wi-Fi Analyzer And Network ScannerOn iOS, the functionality of such apps may be limited by Apple's security system, but they do provide basic information. These programs not only display a list of devices but also often identify the network card chip manufacturer, which helps determine whether the device is a phone, camera, or laptop.
The advantage of such apps is their clarity. They often display the network as a graphical diagram or a convenient list with icons. You can click on a device and see detailed information, including response time (ping), open ports, and operating system. This helps with diagnostics: if you see a device that consistently pings with a high response rate, it may be located far from the router (for example, on a neighbor's wall).
Is it safe to use third-party network scanners?
Most popular scanners (such as Fing or Angry IP Scanner) are safe and operate in read-only mode. They don't intrude into the system or change settings. However, avoid downloading questionable utilities from unknown sites, as they may contain malicious code.
It's worth noting that some advanced apps allow you to not only diagnose but also manage your network, if your router supports this feature or you have access to its settings. However, for a simple "who's using your Wi-Fi" check, basic scanning functionality is sufficient.
Analyzing the list of connected devices
Once you've obtained a list of devices using any of the methods described, the most important stage begins: analysis. Simply seeing the list isn't enough; you need to be able to read it. The primary identifier here is the MAC address. This is a unique code of the form AA:BB:CC:11:22:33, which is assigned to the network adapter during manufacturing. The first three pairs of characters (OUI) identify the hardware manufacturer.
Using online OUI databases or built-in scanner functions, you can decipher the manufacturer. If you see a device from Sony, and you don't have a Sony TV, that's cause for concern. If the device is detected as Intel or Realtek, it's most likely a computer or laptop. Devices from Apple, Samsung or Xiaomi — these are smartphones and tablets.
Below is a table that helps classify the device type based on indirect characteristics in the client list:
| Feature in the list | Probable device | Actions |
|---|---|---|
| Name contains "PC", "Desktop", "Intel" | Desktop computer or laptop | Check the MAC address of the PC network card |
| The name contains "iPhone", "iPad", "Android" | Smartphone or tablet | Check against the list of phones in the house |
| Name "IP-Camera", "Hikvision" | CCTV camera | Make sure it's your camera |
| Unknown name, random set of letters | An IoT device (lamp, socket) or someone else's gadget | Disconnect the device from power and check if it disappears from the list. |
Particular attention should be paid to devices with the name UnknownThis is often the case with cheap Chinese smart home gadgets (light bulbs, sockets, sensors) that don't transmit their name via DHCP. Before panicking, try turning off the smart plug and refreshing the client list in your router. If the device disappears, it was your gadget.
Methods for blocking uninvited guests
Once you've identified the intruder, you need to block them. The simplest, but not the most effective, method is to change the Wi-Fi password. After changing the password, all devices will be disconnected, and you'll have to reconnect them. The downside of this method is the inconvenience: you'll have to enter the new password on the TV, printer, and phones of all family members.
A more professional approach is to use Blacklist (blacklist) or Whitelist (white list) of MAC addresses in the router settings.
- 🚫 Blacklist: You add the intruder's MAC address to the blacklist. The router will ignore connection requests from this device, even if it knows the password.
- ✅ Whitelist: Enhanced Security Mode. You allow connections ONLY to devices whose MAC addresses are listed. All others, even with the correct password, will be unable to connect.
To configure MAC address filtering, go to the wireless network section (Wireless) and find the subsection Wireless MAC FilteringEnable this feature, select "Deny" (for a blacklist) or "Allow" (for a whitelist). Add the offending MAC address to the rules table and save the settings. The changes take effect immediately.
⚠️ Attention: Be careful with the Whitelist! If you enable "Allow only listed" mode but forget to add the MAC address of your current device (the one you're configuring the router from), you'll lose access to the network and the router. Always add yourself to the list before activating the filter.
It would also be a good idea to disable the function WPSThis technology allows you to connect to Wi-Fi with the simple press of a button, but it has vulnerabilities that allow attackers to brute-force the password in a matter of hours. In the router interface, find the section WPS and set the switch to the position Off or Disable.
Prevention and strengthening of network security
To prevent the "neighbor's Wi-Fi" problem from returning, it's important to follow basic digital hygiene rules. Your password should be complex: at least 12 characters long, including uppercase and lowercase letters, numbers, and special characters. Avoid simple combinations like "12345678" or a phone number.
It's important to keep an eye on your router's firmware. Manufacturers regularly release updates to patch security holes. Visit the section System tools or Administration and check for a new software version. If there's no automatic update, download the file from the manufacturer's official website and install it manually.
Use a modern encryption standard. In the wireless security settings (Wireless Security) select the mode WPA2-PSK (AES) or, if the router supports it, WPA3Older WEP and WPA protocols have long been cracked and offer no security. Make sure you select AES rather than TKIP, as the latter is slower and less secure.
What should I do if my router changes its settings on its own?
If you notice your password or security settings changing without your intervention, this may indicate that someone has already gained access to your router's admin panel. In this case, you'll need to perform a full reset using the button on the router, reconfigure the router, and, most importantly, change the password not only for the Wi-Fi but also for the router's settings (admin/password).
Can a hacker steal my banking passwords via Wi-Fi?
Theoretically, yes, if you're using an unsecured connection. However, modern banking websites use the HTTPS protocol, which encrypts data. However, if you're using older Wi-Fi encryption protocols (WEP), your traffic can be intercepted. Therefore, switching to WPA2/WPA3 is critical.
Does the number of connected devices affect the speed?
Yes, directly. The Wi-Fi channel is shared among all active users. If one neighbor starts downloading torrents at full speed, your internet connection may stall. Furthermore, a router is a mini-computer, and multiple connections strain its processor, causing latency (ping).
How often should I change my Wi-Fi password?
We recommend changing your password every 3-6 months, or immediately after sharing it with guests. If you notice suspicious activity, change your password immediately, rather than waiting for the scheduled change.