How To Detect Anonymous Intruders On My Wi-Fi Network

Currently we have more and more devices connected to the Internet. Surely the most used today is the Wi-Fi connection in which our laptops, tablets and smartphones are the ones that use it the most. This Wi-Fi connection is generally provided to us by a router and, depending on the quality it has, the coverage will be greater or lesser without having to use an access point or Wi-Fi Mesh system. It should also be noted that this wireless signal goes outside our homes, and can be susceptible to attack by cybercriminals. In this tutorial we are going to see if they could enter my Wi-Fi anonymously without appearing anywhere, and, therefore, that we would not be aware of their presence.

Let’s see if using our router we could see if an intruder can enter my Wi-Fi network without appearing anywhere. We will also see if it is possible to do the same using a Windows computer, both natively and through the use of additional software. In addition, we will see if through the use of applications with Android we have any possibility to carry out this task. Finally, we will finish with a series of basic tips to prevent cybercriminals from entering my WiFi wireless network.

Detect Anonymous Intruders On My Wi-Fi Network

The ARP protocol in Windows 10

One way to check if someone can access my Wi-Fi in Windows 10 is by using the command prompt “ARP”. In case you don’t know, this command is responsible for displaying the list of entries in the ARP table of our equipment, the ARP ( Address Resolution Protocol ) protocol or also known as the address resolution protocol is responsible for finding the MAC address or address physical that corresponds to a certain IP address. Its way of working is by sending an “ARP request” packet to the broadcast address of the network that contains the IP address for which it is asked. Then, we wait for that machine or another to respond with “ARP reply” with the Ethernet address it has established.

In summary, the purpose of the ARP protocol is to allow a device connected to a local network to obtain the MAC address of another computer that is connected to the same local network whose IP address is known, in order that communications work correctly and have connectivity in the local network. Without the ARP protocol, a computer could connect to the network without problems, but could not send any type of traffic.

If we want to use the ARP protocol in Windows, we will have to do it through a command that is executed in a command prompt window. To do this, we will follow these steps:

  1. Let’s go to Windows Start Menu.
  2. We write run and press enter.
  3. We type CMD and hit enter again.

Then a command prompt window will appear where we can execute our commands. In this case the one we are going to use is ” arp” , if we write it and press “enter” it will give us its available options.

In this case we are going to use the command « arp -a » which will show us all the current ARP entries.

Here we see the different results in which we see the IP and the physical address of each of the devices that it has detected in the local network. In this case, the arp command was run from the local IP 192.168.1.41 which is a laptop with Wi-Fi. If we look at it, the IP 192.168.1.2 also appears there along with the physical address of another computer on my LAN. The router is also displayed on the IP 192.168.1.1 and other network equipment. As you can see, using the “arp” command you can see who is currently on the wireless and wired network of the home local network.

How do I know what my MAC address is that appears in ARP?

The easiest way to identify them would be by knowing the MAC address of each computer or device. In Windows it is also done in a command prompt window with the command ” ipconfig / all ” where the MAC would correspond to the physical address.

However, it is quite a complex way since it requires a good use of the ARP command and its parameters together with the knowledge of MAC addresses for the identification of equipment. From the image above you can get the default gateway or router IP. This later will help us to enter the router configuration.

In Android operating systems, this information is obtained directly from the “Settings / About phone / Networks” menu, where we must see the MAC address of the WiFi card, Bluetooth and even the IMEI of the smartphone itself. On Android tablets you would look at the same menu, and on iOS you will also have to go to “Settings” and “About” to see this MAC address information.

In the event that you have IP cameras or smart plugs connected, these types of devices usually have their MAC address on a sticker on the device itself, and even in the documentation of the product box, that is, we will always have information about the address MAC of the different WiFi devices.

Windows programs to view connected computers

We could also use specific programs to see all the devices that are connected in our local network. His way of working usually consists of pinging each of the IP addresses of our LAN. They are generally known as a network scanner. One of the easiest to use and free programs is Angry IP Scanner . This program can be downloaded from its official website and is compatible with Windows 7/8/10, and also requires the installation of Java for its use. This would be an example where a local network is being scanned.

Another program that we could use would be Advanced IP Scanner which is also a free and reliable network scanner that we can use to scan a LAN. This software will detect all the local subnets of the different interfaces of both physical and virtual networks installed on our PC. This would be an example of what it offers us:

If you want to try it, you can download it from here .

Both tools are the most recommended if you have a Windows operating system, they are totally free and will allow us to know in detail what devices we have connected, showing us the host name (if it has one), its IP address and also the MAC address of the device, something very important to check if a certain device is ours or is unknown. In the event that it is unknown, it is likely an intruder on our wireless network, so we should take steps to prevent it.

Use Android apps to find out who can access my Wi-Fi

Some Android apps also contain a number of networking tools. Thanks to them we will be able to ping our computers or scan our LAN. One of them, for example, is Fing, here is an example of how to perform a network scan:

Fing

As you can see, it detects both wireless devices and network cable. You can download it from here:


The third one that we could use is Network Scanner that you can download from the Google Play Store from here:

Use the router to see the devices connected via WiFi

Perhaps the easiest way to know if someone is trying to access my Wi-Fi is by going to the router configuration through the web. The first thing we have to do is open our browser and put the default gateway in the address bar. In the ARP section we explain how to obtain it. Then we have to put our username and password, if you have not changed it, it is usually on a sticker that comes under the router. In this article, for security reasons, we recommend changing the password.

In the previous methods showing the ARP and also using programs, we do not have the possibility to differentiate the connected equipment from the wireless ones. However, if we use routers with a very complete firmware such as those of the AVM FRITZ! Box, we will be able to see in detail all the wireless clients that are currently connected to the wireless network, and also all the wireless clients that have connected in the past to the wireless network, in order to detect possible past intrusions that could be reconnected at any time.

The section we have to access will vary depending on the brand of our router, but it is usually located in the “LAN / Local network or Wi-Fi” section. In the case of the FRITZ! Box router that we have used, you can look at both sides. In the Local network section, there would be as many devices that are connected by network cable as by Wi-Fi:

We could also do it in Wi-Fi so that it shows exclusively those that are connected wirelessly:

The advantage that good brand routers offer is that they give you the ability to name each device. Thus, if someone tries to access my Wi-Fi, it is easier to detect that intruder because the rest of the devices will have a personalized name, and the intruder will not.

As you have seen, even if an intruder is able to connect to our network, we can detect it using various methods, either through the ARP protocol, with specific programs for Windows, with free applications for Android and even directly through our router. . This last option is the best if your router has a very complete firmware, otherwise it will surely simply show you the current ARP table and not all the devices that have been connected previously.

If you do not want to have intruders on your WiFi network, we are going to make you a total of three basic recommendations to keep your WiFi network secure:

  • Disable the WPS (Wi-Fi Protected Setup) protocol on your router.
  • Have the WPA2-Personal protocol configured with AES, or use WPA3-Personal.
  • Use a strong access password greater than 15 alphanumeric characters.

With these easy-to-follow tips, you will have the wireless network highly protected against possible intruders, and if they are able to crack the wireless network password, you will be able to detect it with these methods that we have explained to you.