How Can I Find Out If Someone’s Stealing My Wi-Fi?

How Can I Find Out If Someone’s Stealing My Wi-Fi?

Dear Lifehacker, Lately it seems like my high speed connection is bogged down, and I’m getting a creepy feeling that someone’s stealing my bandwidth on my Wi-Fi network. How can I find out if other people are leeching my Wi-Fi, and how do I stop them if they are? Signed, Paranoid or Not?

Dear PoN,

Besides the fact that your Wi-Fi moocher may be slowing down your connection, people connected to your network may also have access to some of your shared folders (depending on what security measures you use), and if someone’s using your connection to do illegal things, it could even bring the authorities to your doorstep. Don’t worry, though, we can help you find out if, indeed, your Wi-Fi is being stolen and help you put an end to it. (Note: If it turns out that no one’s using your Wi-Fi, you may want to check out our guide to fixing your slow Wi-Fi connection.)

Without further ado, there are a few methods for sniffing out wireless intruders.

Low-Tech Method: Check Your Wireless Router Lights

Your wireless router should have indicator lights that show internet connectivity, hardwired network connections, and also any wireless activity, so one way you can see if anyone’s using your network is to shut down all wireless devices and go see if that wireless light is still blinking. The trouble with this is that you may have many other Wi-Fi devices (e.g. your TV or gaming console) to remember to unplug, and it doesn’t give you much other information. It’s still a quick-and-dirty method, though, that can confirm your at-the-moment suspicions; for more details, follow up with either the administrative console check or software tool suggestion below.

Network Admin Method: Check Your Router Device List

Your router’s administrative console can help you find out more about your wireless network activity and change your security settings. To log into the console, go to your router’s IP address. You can find this address on Windows by going to a command prompt (press Win+R then type cmd) and then typing ipconfig in the window, then find the “Default Gateway” IP address. On a Mac? Open the Network Preference pane and grab the IP address listed next to “Router:”.

Next, type in that IP address in a browser window. You’ll be prompted to login to you router. If you haven’t changed the default settings, your router documentation will have the login information, which typically uses a combination of “admin” and “password” or blank fields. (Note: for security’s sake, you should change the login as soon as you get into your router console, before a hacker does it for you.)

Attached Devices


All routers are different, but once you’re in yours, you’ll want to look for a section related to connected devices. This could be called “Attached Devices” (Netgear), “Device List” on the awesome Tomato firmware or something similar. It should provide a list of IP addresses, MAC addresses and device names (if detectable) that you can check against. Compare the connected devices to your gear to find any unwanted users.


Note: DHCP list on routers doesn’t show all attached devices, but rather only DHCP clients — devices that got their IP address automatically from the router. A stealthy hacker, however, can get into your network with a static IP address, bypassing that DHCP table. So you’ll need to refer to the actual wireless client list, not the DHCP list. On Linksys routers, you can find it behind the wireless MAC address filter function, which needs to be enabled so you can show the MAC list of all connected devices (static or DHCP).

What to do if you find an unauthorised device As mentioned below, changing your security to WPA2 (or setting up a new password) will prevent access to your Wi-Fi network from unauthorised users (and kick any who are on your network now off until they provide the new security key). The IP addresses and MAC addresses alone won’t really help you identify the perpetrators themselves, though, if that’s what you’re looking for. If you want more information about where these moochers are, you can also try the software tool below.

Detective Method: Use a Network Monitoring Software Tool

It’s good to know how to get into your network admin panel where you can change settings and view logs, but maybe you also want more advanced network auditing or sleuthing. That’s where MoocherHunter comes in. Part of the free OSWA (Organizational Systems Wireless Auditor)-Assistant wireless auditing toolkit, MoocherHunter has been used for law enforcement organizations in Asia to track Wi-Fi moochers. The software description says it can geo-locate the wireless hacker from the traffic they send across the network, down to 2m accuracy.

The software doesn’t run as an executable in Windows; rather it needs to be burned to a CD, then used to boot the computer. The idea is, with your laptop (and the directional antenna on your wireless card), you’d walk around to triangulate the physical location of the Wi-Fi moocher.

We’re not advocating you use the tool to take any actual action (like knocking on your neighbour’s door and having a physical confrontation) based on the software’s results, but it is another way to learn more about who, if anyone, is using your wireless network.

Moving Forward: Beef Up Your Wi-Fi Security

You didn’t mention what kind of wireless security your network uses. If you’re using the more secure WPA2 (or, to a lesser extent, WPA), you’re likely pretty secure. If you’ve gone through all the steps and your browsing still seems slow, you may want to turn your thoughts to speeding up your web browsing. If your connection isn’t encrypted or if you’re using WEP — which is very easy to crack — your Wi-Fi is fairly vulnerable to anyone looking for a free ride. (If you’re not sure which type of encryption your network is using, go to your wireless connection properties, which will identify the security type.)

Just remember: Whether you discovered a leecher or not, you should still use WPA2 encryption, use a non-default SSID and tackle other wireless router setup essentials. If, for some reason, you want to run an open wireless network or have to use WEP because some devices (e.g. the Nintendo DS) won’t work over WPA, your best bet is to add a new, separate and secured wireless network for important stuff and only open the unsecured one for guests and WEP-only devices when needed (you can also get a router that broadcasts a separate wireless signal for guests only).

Here’s to knowing everyone who’s connecting to you…

Cheers Lifehacker


  • You could also try a port scanner:

    Simply let is scan all the IPs on your subnet. I.e. -> and see if any of the responses are from devices you don’t recognise.

    Also: Consider changing your WEP/WPA passkey. If speed increases significantly and doesn’t deteriorate over time, then you might have fixed your problem without actually doing any serious work.

  • Simple things you can do, is turn off your router when its not being used and your at home, tedious but also helps as the perpetrator would probably get annoyed and stop using a “reliable source” of internet as you could shut it down at random times.

    Another thing would be to do mac address filtering and also setup WPA2 encryption for your best efforts.

    Some funny things I have seen is people naming their SSID’s something like YOUAREBEINGWATCHED, MONITOREDINTERNET, and my fave, IWILLFINDYOU

  • Theres nothing specifically wrong with it, but people can do bad things on your Internet and you could get investigated or it.
    Or even worse, heard a story about a guy that let his little old lady neighbour on his wifi and she somehow found child abuse material on the Internet, called the cops and told them it was the guy.
    He eventually sorted it out but in the mean time the little old lady went around telling people about her neighbour the sex offender…better safe than sorry

  • A man received the following text from his neighbor:

    I am so sorry Bob. I’ve been riddled with guilt and I have to confess. I have been tapping your wife, day and night when you’re not around. In fact, more than you. I’m not getting any at home, but that’s no excuse. I can no longer live with the guilt and I hope you will accept my sincerest apology with my promise that it won’t happen again.

    The man, anguished and betrayed, went into his bedroom, grabbed his gun, and without a word, shot his wife and killed her.

    A few moments later, a second text came in:

    Damn autocorrect. I meant “wifi”, not “wife”.

  • Ok so I got into my main IP address to see if I could change my password for my wifi, on the center of the page it showd everything that was connected to my wifi. active and inactive, HOLY SHIZA there was a list as long as the day in July, what do I need to do starting from A to Z to secure, track, trace, and hide my IP???? Please Help, Im not having all this, I downloaded an IP tools app on my phone which is connected to my internet and EVERYDAY sombody is on my wifi, it tells me connection lost IP CHANGED TO OR WHATEVER IT MAY BE, I USE SAME APP TO VISUALLY TRCK THE ADDRESS AND IT HOPS FROM STATE TO STATE AND BACK OR COUNTRY AN BACK. AND ITS EVERYDAY AN IM SICK OF IT, SO PLEASE SCHOOL ME , THANKS

Show more comments

Log in to comment on this story!