Home Network Security
If you have never looked at the full list of devices connected to your home network, you might be surprised by what you find. Most people assume its just their laptop, their phone, and maybe a smart TV. In reality the average home network has somewhere between 15 and 25 connected devices, and a few of them are usually things the homeowner has completely forgotten about.
This guide walks through every method available on Windows to see exactly what is on your network, what those devices are, and what to do if you spot something you do not recognize.
Every device on your network is a potential entry point. A cheap smart plug with outdated firmware, an old tablet still connected from years ago, or even a neighbor who never changed your old WiFi password, any of these represent real security risks. You cannot protect devices you do not know about.
This is not a theoretical concern. In 2024 researchers at Bitdefender found that the average home network contained at least one device with a critical unpatched vulnerability. Most homeowners had no idea the device was even there.
The most straightforward way to see connected devices is through your router's administration interface. Every router has one, though the exact steps vary by brand.
Open Command Prompt on Windows and run:
ipconfigLook for the line that says Default Gateway. The IP address next to it is your router. It is usually something like 192.168.1.1 or 192.168.0.1.
Type that IP address into your browser's address bar and press Enter. You should see your router's login page. Common default credentials are:
admin / Password: adminadmin / Password: passwordadmin / Password: blank (just press Enter)If you are still using default credentials, change them immediately after logging in. Default router credentials are publicly documented and represent one of the most common home network vulnerabilities.
Once logged in, look for a section called "Connected Devices," "DHCP Clients," "Device List," or something similar. The exact label depends on your router brand. What you are looking for is a list of IP addresses, MAC addresses, and device names.
The ARP (Address Resolution Protocol) table is a list your Windows machine keeps of every device it has recently communicated with on the local network. It is not exhaustive but it is a fast way to see what is active right now.
Open Command Prompt and run:
arp -aYou will see a list of IP addresses and their corresponding MAC addresses. The MAC address is a unique hardware identifier, the first three pairs of characters (called the OUI) identify the manufacturer. For example, a MAC address starting with A4:C3:F0 is an Apple device.
You can look up any MAC address prefix at macvendors.com to identify what kind of device it is.
Advanced IP Scanner is a free Windows utility that scans your entire local subnet and returns a detailed list of every responding device. It shows IP address, MAC address, manufacturer, hostname, and open ports.
Download it from advanced-ip-scanner.com, run a scan of your subnet (usually 192.168.1.1-254), and within about 30 seconds you will have a complete picture of your network.
If you want device discovery as part of a broader security audit rather than a one-off check, SentinelHome101 does all of this automatically as part of its 101-point scan. It identifies every device on your network by IP, MAC address, and manufacturer, scans each device for open ports, flags high-risk services, and tracks when devices first appeared and last connected.
SentinelHome101 runs a full network discovery as part of its 101-point security audit. Free for Windows.
Download FreeWhen you spot a device you do not recognize, work through this checklist before panicking:
Pro tip: After changing your WiFi password, reconnect your known devices one at a time and note which IP each one gets. Within an hour you will have a complete verified inventory of your network.
Checking your device list once is useful. Checking it regularly is how you actually stay secure. New devices appear on home networks all the time, a neighbor's kid who memorized your password, a contractor who connected during a repair job, or a device that joined automatically through a guest network that was left open.
Running a scan once a month takes less than five minutes and gives you an up-to-date picture of what is on your network and whether anything has changed since last time. If you spot something that should not be there, read our guide on how to tell if your home network has been compromised for the next steps to take.