Fing network scanner app: Review

Do you know who is on your network? Have you ever wondered if someone is sponging off your Wifi? How many devices are even in your home? uestions like these have nagged at me, just a little, ever since I've had Wifi. On and off I've tried to keep tabs using the limited functionality of my ISP provided router, but it's hardly robust, and to be fair, it's probably not a big enough risk to justify forking out for a network scanner. More fully featured enthusiast routers can provide this info in spades, of course, and even consumer routers with third party firmware like DD-WRT give you much more control. But what about normal people? Or those, like me, who can't replace their router firmware? 

If you have a PC of some kind, there are certainly some good option, but there is usually some set up involved, and often limitations unless you choose to pay up. Then there is the mobile space, and in particular, a handy little app called Fing. 

Fing is billed as a 'super-fast network scanner', and that's pretty much what it does, at least originally. Fing itself offers network scanning of the local subnet, device port scanning, and connectivity testing to local or remote addresses. Pretty simple stuff. However, the execution is slick and offers some nice additions to assist in keeping track of the growing list of devices in our homes. 

Firstly, for each device it detects, it will attempt to identify the device based on some known identifiers. It does a pretty good job and greatly helps in thinning out the list that you need to track down further. Once you've identified a device, you can optionally name it (and select a handy icon from a large library), and give it a location to help you keep track.

Second, Fing will keep track of the history of devices over time, and can keep an event log of when things were first noticed and when it saw them go on or offline. This can help track things down, but also acts as a diagnostic of potential issues on the network. You can ping the device to test it's connection stability, and do a port scan to check for vulnerable open ports. Of course, the device details page lists all the pertinent info about it's network settings, IP, MAC address, OS, any NetBIOS or Bonjour IDs detected, if it's hosting a file share, and so forth.

Additionally, you can flag devices as 'Critical' or 'Favorite' and they will be so marked in the device list. You can set Fing to notify you on state change for each device, so critical devices can be actively monitore (your smart home hub of choice, or security devices for example).

This is all available for free in the default app experience. You can optionally (and Fing will nag you about this) set up a free account to gain some additional functionality. The two key reasons for this are to get access to better device identification, and to allow for stateful network merging. Fing will scan any network you are on, if you so choose, but as the device mix changes, it can often fail to recognise the same network as has been scanned before. I found that it frequently duplicated my home network with different scan results for each instance. The merge feature allows for historical matching, and it can then reliably update, instead of duplicate, the existing networks scan, and keep all your nice labels and icons intact.

You may (quite reasonably) have issues with sending your network contents to a third party. hile it could tell someone what you have, which has the potential for advertising if you have any devices with known vulnerabilities, it doesn't specifically create any additional exposure in itself. Fing's privacy policy has the usual assurance of complying with relevant privacy law, but does give them the out to share information with business partners. Whether this applies to the network data collected, or just account details is not clear.

iOS11 Update: With the latest iOS update, apps are no longer permitted to access MAC Address information from network devices. For an app like Fing this is pretty crippling. Not only is device identification severely compromised (the first half of the MAC Address was the primary means of identifying manufacturer), but recognising the same device on repeat scans is highly unreliable. The device can only be matched with a previous scan by IP Address which, in a DHCP environment, may change over time. I've already seen multiple entries listed for the same devices on subsequent scans, so the tool is largely unusable on iOS at present. The developers are raising this with Apple and request their users do the same. The hardware companion, FingBox, resolves these issues if you're willing to pony up for another gadget, read on for more information.

Assuming that you're happy to proceed, Fing gets a bit more interesting. The app includes some significant additional functionality when used in conjunction with the FingBox, a network security device launched through IndieGoGo in 2016. With the FingBox a whole host of proactive network security and monitoring features are added, including scanning for intruders and malicious activity, per device internet access (or network access) blocking, access schedules, bandwidth analysis, Wifi performance diagnostics and geofencing.

Using Fing has allowed me to note a few oddities on my network already. Devices with multiple IP addresses that shouldn't have, and a misreported MAC where the device's own app reported a different MAC than what was on the network (last digit varied by 1). It also gives me some reassurance that I know what is on the network now, clearly and unambiguously, and I can keep track on that for any changes. 

The FingBox enters a device category where multiple vendors are starting to compete to help people keep their home networks secure. As a very affordable option with simple setup I'll be interested to see how it fares. I've ordered one for review and will be posting about that specifically when it arrives.

Update 20 October: The FingBox has arrived and I've been able to take a good look at what it can do.

Apple App Store: https://itunes.apple.com/au/app/fing-network-scanner/id430921107?mt=8

Google Play Store: https://play.google.com/store/apps/details?id=com.overlook.android.fing

Fing Website: https://app.fing.io/ (login required)