Check who's using your Wi-Fi and how to block them

A sudden drop in internet speed or constant freezing of videos are often the first warning signs. Many users aren't even aware that their wireless network is overloaded with unauthorized devices. Neighbors who discover your password or hackers exploiting vulnerabilities in the WPS protocol can siphon off your data for years. Checking who's using your Wi-Fi connection is becoming more than just a curiosity; it's a necessity to ensure your own digital security and connection stability.

Modern routers feature powerful monitoring tools that few people know about. You don't need to be a system administrator to audit your network. Access to the router's web interface or installing a specialized app on your smartphone is sufficient. In this article, we'll cover in detail all the methods for detecting "uninvited guests," from standard hardware tools to advanced network scanners. You'll learn how to distinguish your devices from those of others and, most importantly, how to permanently block access to uninvited guests.

Symptoms of strangers' presence on the network

Before moving on to technical scanning methods, it is worth paying attention to indirect signs of intrusion. Often network anomalies They're noticeable to the naked eye if you know where to look. For example, the indicators on your router might behave strangely: the Wi-Fi light might flash wildly even after you've turned off all your devices and left the house. This is a classic sign of background activity.

Another sure sign is a sharp drop in speed. If your provider guarantees 100 Mbps, but you're barely managing 10 Mbps when downloading files, be wary. This is especially suspicious if it occurs at night, when the load on your provider's channels is minimal. Third-party users They can download "heavy" content, run torrents, or mine cryptocurrency using your resources.

Pay attention to the behavior of connected devices. Smartphones and laptops may spontaneously disconnect from Wi-Fi or take a long time to connect to a website. This can occur due to IP address conflicts or a full routing table. Changing the router administrator password, even if you weren't the one doing it, is also a warning sign.

⚠️ Warning: Don't ignore regular router shutdowns. If your device is running hotter than usual and requires constant reboots, its processor may be overloaded by third-party requests or malware.
📊 How often do you check the list of connected devices?
Once a week
Once a month
Only when the speed drops
Never checked

Using the router's web interface

The most reliable and detailed way to find out who is connected to your Wi-Fi is to access your router's settings. This method doesn't require installing third-party software and provides access to native hardware information. First, you need to find out the gateway's IP address. On Windows, this is done via the command line: enter cmd, and then the command ipconfigFind the line "Default Gateway".

Enter the received address (usually 192.168.0.1 or 192.168.1.1) into the browser's address bar. The system will ask for your username and password. If you haven't changed them, try the default pair listed on the sticker on the bottom of the device; this is usually admin/adminOnce in the menu, look for sections with names like "Wireless," "Status," "Clients," or "DHCP Server List."

In this section, you'll see a table of all active connections. MAC addresses, IP addresses, and sometimes device names are displayed here. The user's task is to inventory Gadgets. Compare the number of devices on the list with the actual number of devices in your home. An unknown device named "Android-xyz" or "Unknown Device" should raise questions.

Interfaces vary by manufacturer. For TP-Link, it's often the "DHCP" tab -> "DHCP Client List." For Asus, it's the "Network Map" -> "Clients" section. For Zyxel Keenetic, it's the Wi-Fi icon on the main page or the "Client List" section. It's important to understand that the data here is updated in real time, so it's best to scan when everyone in your household is actively using the internet.

Network scanner software for PCs

If logging into your router seems complicated or the interface is blocked, specialized computer utilities can help. Scanner programs analyze your local network and provide a detailed report on all detected nodes. One of the most popular and functional tools is Wireless Network Watcher from NirSoft. It's free, requires no installation, and reveals the full details of your network.

Once launched, the program automatically scans the address range. You'll see a list of devices, their IP address, MAC address, network card manufacturer (Vendor), and last detected time. The key here is the "User Name" or "Device Name" column, which can sometimes immediately identify the device (e.g., "Ivan-iPhone"). If you see a device from a manufacturer you don't own (e.g., you only have Apple devices, but a new device appears in the list), Espressif or Tenda), this is a cause for concern.

Another powerful utility is Angry IP ScannerIt works faster and can scan not only the local network but also ports. This is useful for more advanced users who want to check if any access services are open on other devices. However, for a quick "who's using it" check, a basic scan is sufficient.

Program Platform Complexity Key function
Wireless Network Watcher Windows Low Detailed information about the manufacturer
Angry IP Scanner Win/Mac/Linux Average Quick port scan and ping
Advanced IP Scanner Windows Low User-friendly interface and remote control
Fing (Desktop) Win/Mac Low Determining the device type (camera, TV)

When using software, remember that it only detects devices that are currently online and responding to requests. If a hacker uses stealth techniques, simple scanners may not detect them, but for everyday use, their functionality is more than sufficient.

Mobile apps for Wi-Fi auditing

A smartphone is the most accessible tool for checking network security, always at hand. Mobile apps often have an even more user-friendly interface than their desktop counterparts. The app has been the leader in this niche for many years. FingIt is available for both Android and iOS.

Once launched, Fing automatically detects all devices on the network. The app's unique feature lies in its database: it attempts to guess the device type based on the MAC address and displays an icon (TV, phone, printer). This significantly simplifies the search for rogue connections. You'll immediately see "Samsung TV," "Xiaomi Vacuum," and some "Unknown device." The app can also scan the network for known security threats.

Other worthy alternatives include Network Analyzer And WiFi AnalyzerThey provide technical information such as signal strength, channel loading, and DHCP details. For the average user, the "Who's Online" feature, which is available in most of these devices, is important. The convenience of mobile scanners is that you can walk around your apartment and see how the signal strength from a suspicious device changes, trying to pinpoint its physical location.

☑️ Security check via the app

Completed: 0 / 5

It's important to note that on iOS, the functionality of such apps may be limited by Apple's security policies. They may not display certain details or require special permissions. Android offers more advanced features, but still requires precise positioning (GPS), as Wi-Fi scanning is tied to geolocation.

How to distinguish your device from someone else's

The most difficult part of the test is identification. The router's client list often includes names like "localhost," "android-d9f82," or simply a string of numbers. How do you figure out which ones are which? The first step is elimination. Turn off Wi-Fi on all your devices, leaving only the one you're testing on (or connect to it via cable).

Ideally, only your computer should remain on the list. If there are others, they're not yours. If you're checking from your phone, turn off all other devices in the house. Only your phone will remain on the list. Remember its MAC address. Then turn on the devices one by one and record the address-device correspondence. This is a labor-intensive process, but it guarantees 100% accuracy.

The second method is MAC address analysis. The first 6 characters (3 bytes) of the address are the vendor identifier (OUI). They can be found in online OUI lookup databases. For example, if the address begins with 00:1A:2B, the database will say that it is Apple. If on B8:27:EB — it's a Raspberry Pi. Knowing what hardware you have, it's easy to figure out what's missing.

What is MAC filtering?

This security method involves the router only allowing devices with pre-approved MAC addresses onto the network. Even if a hacker learns the password, they won't gain access unless they're whitelisted. However, this is inconvenient for guests: they'll have to manually enter their addresses into the settings each time.

Pay attention to activity times. Router logs (if available) or advanced scanners will show the first and last connection times. If a device was active at 3 a.m. while you were sleeping, and then disappeared in the morning, this is a clear sign of illegal use.

Blocking Intruders and Protecting Yourself

If you detect an intruder, you need to act immediately. The easiest way is to change the Wi-Fi password. This will disconnect everyone but force all your devices to reconnect. It's radical, but effective. A more sophisticated method is to block the intruder by MAC address directly in the router interface. Find the "Block," "Deny," or "Block" button in the client list.

Once blocked, the device won't be able to connect, even if it knows the password. However, the MAC address can be spoofed (cloned), so this isn't a panacea. The main recommendation is to strengthen security. Change the encryption type to WPA2-PSK (AES) or WPA3Old WEP can be cracked in minutes, even by a schoolchild with a phone.

Be sure to disable the WPS function. It's designed for convenient connection, but it's a security hole. While WPS is enabled, your password can be brute-forced. Also, change the password for accessing the router's settings (admin panel) to prevent neighbors from unlocking their own router.

⚠️ Note: Router interfaces are constantly being updated. The location of the lock buttons may vary. If you're unsure of what you're doing, it's best to simply change your Wi-Fi password to a complex one (more than 12 characters, including numbers and special characters).

Frequently Asked Questions (FAQ)

Can my neighbor see what websites I visit if he is connected to my Wi-Fi?

Technically, using simple traffic sniffers, an attacker on your network can intercept unencrypted data. However, thanks to the widespread use of the HTTPS protocol, the contents of correspondence and passwords are difficult to see. However, it is possible to obtain a list of visited domains (websites). Therefore, allowing outsiders into your network is strictly prohibited.

Why do I see "Unknown" in the list of devices?

This often happens with smart devices (light bulbs, sockets, vacuum cleaners) or older gadgets. They may not broadcast their name to the network. Use the MAC address and manufacturer as a guide. If the device is unfamiliar, try unplugging the suspicious device from the outlet and see if it disappears from the list.

How do I lock my device if I don't remember my router password?

If you don't remember your admin password, you'll have to reset the router. With the router turned on, press and hold the Reset button (usually in the recessed area) for about 10-15 seconds until the lights flash. The router will return to factory settings, and you'll be able to log in using the login information on the sticker. Afterward, be sure to set up the network again.

Does the number of connected devices affect internet speed?

Yes, directly. The Wi-Fi channel is shared among all active users. If one is downloading a 4K movie, others may experience lag. Furthermore, the router itself has a limit on the number of simultaneous connections (usually 10-30 devices), exceeding which leads to a drop in performance.

Is it possible to find out where someone else's device is physically located?

It's impossible to pinpoint a location (an address or apartment) via Wi-Fi. The best you can do is measure the signal strength (RSSI). As you get closer to the signal source, you'll see the signal strength increase. This will help you determine which room or wall the intruder is in, but it won't provide precise coordinates.