There are several ways to check what devices are currently logged on to your network (e.g. WiFi at home).
The first option is to use
arp, which I have found works the best. There will be some cases where it does not work.
In the following example, I'll assume that your IP address is
Scan network and try to guess OS:
sudo nmap -sP 192.168.0.0/24 --osscan-guess
Using arp and nmap
First, scan your sub-network:
# see you IP address using ifconfig, here it's assumed to be 192.168.1.0 nmap 192.168.1.0/24
Second, list devices in your ARP cache:
If the output doesn’t look up to date, or if it’s missing an IP you believe should be there, ping the broadcast IP (typically the last result of arp -a ending with “.255”).
# Assuming 220.127.116.11 was the last address in the output from arp -a ping 18.104.22.168
arp -a again.
Notice that a malicious user can use arp spoofing to mix up the association between MAC addresses and IP addresses. This can be used for man-in-the-middle attacks.
You could also use WireShark or even a third or fourth method, but I will not cover those here.