Can you hide your device from network scanner
To 'hide' a device, you can put another device in front of it that changes characteristics. This is what proxies or routers do.
Or you can employ a filtering technique that only allows approved devices to get a response from the device.
But in your case, you are dealing with a router, which can't really be 'hidden'. Some routers have settings that allow you to restrict who can access the device. I'd suggest looking for the "WAN login" setting to turn off exposing the login page to the Internet.
Network scans are usually based on ARP-packet-sniffing. This protocol is used to map IP- and MAC-addresses. Every IP-communicating device (so really every) has to send such requests to know where the other devices can be found. Every Attacker, as long as he is in your network, has to send these requests at least once. Your own computers will send it quite often too. It should not be possible to interact with any network-device without sending such ARP-requests. Because they are broadcasted, every computer could log them. I am using netdiscover to sniff this.
your (wireless)router spreads beacons periodically hence it can't be hidden for very long until and unless you change the setting to 1000 which is last i guess but still it will reveal its presence.I assume the router to be wireless because your mentioned application(fling) is on mobile platform.
This answer is to,not let other devices access your router against your will.Login to your router by default ipaddress of your router(probably 192.168.0.1) and enter credentials(default user name and passwords are mostly admin,admin respectively),search for 'security' section and find sub section named 'Local Management'. If your don't have exactly named options search for one under your specific router under security section.This will allow you insert mac addresses of the system you want to access router.only that person will have access to the router settings. Then move on to 'parental control' section and block device through mac address.Or 'access control' section may help too.
The application named 'Arcai.com's NetCut' may help for blocking the devices form accessing internet directly from your rooted android,if you want to avoid my above procedures.This works even when you leave the network after you blocked the device.
Good info from the other answers so I'll try to explain from another perspective.
Can the attacker hide while you are performing a scan?
He/she certainly can. Because a smart hacker will never automatically connect to your wifi but will first scan if your device/station is connected to the AP (access point). The point is that if the hacker sees your device being associated with your router AP, he/she might be hesitant to associate and you won't be able to detect any other host on your local network. And the thing is, in order to perform a scan on your LAN, you need to be associated with the AP. There is no other way.
Alternatively, hacker can modify IDS(network based intrusion detection system) to automatically disconnect his/her device if someone performs a LAN scan. Since you are sending a massive amount of ARP requests through your subnet to see if there is anyone that will respond, it is easy to modify IDS software to detect such noise and disconnect your device.
You are arguing against yourself. You say it's impossible to do a scan when not associated, but you also say the attacker does a scan before deciding to associate. Obviously either you or you (and maybe both) are wrong here.
Two different types of scan. The attacker has a card in monitor mode which scans all the APs and stations in the vicinity and can see which stations are associated to which AP. The other scan is LAN scan which is performed to detect hosts inside the network. Actually you could use the monitor mode scan to find out if anyone is associated to your AP without connecting yourself to the AP but it is not the same. This way you cannot see what they are doing inside the network. Also it can be confusing should the hacker decide to spoof your mac address and appear as yourself being connected to AP.
Exactly, you can do a passive scan just as well as the attacker can, or you can just look at traffic passing through the access point. Why would you send bulk ARP requests when you can just read the ARP table from the AP? Since the attacker is intentionally sending data to the AP, capture it there, you don't need a second radio. The attacker's radio won't give him a clue about wired connections to the access point.
True, however, you need to make sure your wifi card is disabled when on wired connection so the attacker can't see your device not being associated with AP and not to assume the worst. For the second part, you could monitor your AP traffic with wireshark in monitor mode by decrypting the encrypted traffic since you know your wifi password. Of course, you would need to filter out the noise. This I believe is better than wire because even if the attacker performs an ARP scan in seconds after associating, you cannot be seen. This is where ARP scan has advantage over monitor, it can detect wire.
Actually same thing can be done by the attacker to detect wired connection up front, using wireshark traffic decryption in monitor mode. So being wired is not really an advantage. Oh and my bad on the last sentence in previous comment. What I meant to say is that ARP scan has an advantage over monitor mode without the decryption part.
I don't know what question you are asking. The title here "Can you hide your device from network scanner" is a different question from "Has my router been compromised"
Dealing with the first question.... The short answer is that it (probably) depends where the attacker is.
If we are talking about a Soho internet uplink, then the device will be performing some network translation and has a very different inside and outside environments.
Internally it will (probably) be emitting spanning tree checks.
Externally, if the router is sending data out (as opposed to routing data) then this will typically be to a specific point at your upstream provider. Beyond your upstream provider, nobody will see traffic originating from the router, but may see data passing by from your devices.
Someone on the outside will be able to scan your router if it has any open ports (for remote access or port forwarding to internal systems).
On the inside, it should be evident to anyone with access to the network where the router is on the network, unless it is a wireless access point with suitable encryption enabled and the attacker does not have the key to join the network.