- In your case, the easiest method is to look at your D-Link's list by opening the router's GUI, clicking on the Status tab, then clicking on the Wireless button. This displays all currently-connected wireless clients, identified by MAC address. That's all there is to it.
- If your router did not provide client status, you could capture wireless traffic to identify stations transmitting in your vicinity -- in fact, most WLAN analyzers provide a quick list of stations, sorted by access point and network name (SSID). However, the "RF monitoring" drivers required to hear non-broadcast traffic from other stations are not readily-available for Windows. As a result, you can use a free analyzer like Ethereal to see only broadcast traffic from other WLAN stations (e.g., DHCP and ARP requests). Or you could use a trial version of a commercial analyzer like WildPackets AiroPeek to capture short-but-complete traffic samples. For a list of free and commercial WLAN analyzers for Windows and other OS's, see this ISP-Planet series.
- It's also useful to listen to traffic on the wired side of the AP. This tells you more than which wireless stations are nearby or trying to connect to your AP -- it tells you those that are actually using your network. However, in your case, this method makes little sense: your D-Link router is (probably) using network address translation to convert the source IP address of every sent packet to the public IP address of your router's WAN interface. If you captured traffic with an Ethernet LAN analyzer (like Ethereal), you'd have to really examine data payload to try to figure out which packets came from which users -- for example, by looking for email logins sent to POP servers, or "From" addresses in mail sent to SMTP servers.
This was first published in February 2005