Page 1 of 1

Mikrotik and netcut program

Posted: Mon Jan 14, 2008 3:12 am
by par441
hi all
why mikrotik router couldn't stop netcut ...
can somene help me with that >>> i have router board 333 with mikrotik os

Re: Mikrotik and netcut program

Posted: Mon Jan 14, 2008 12:42 pm
by normis
probably because your firewall needs to be configured.

1. Make firewall rules to drop ICMP unless you really need it (then make it available only for certain hosts)
2. Make static ARP entries with arp=reply-only

Re: Mikrotik and netcut program

Posted: Wed Feb 20, 2008 1:54 am
by eebng_1422
Why not Mr. Normis you tell us about how we can do that with an examples ???
:lol:

Re: Mikrotik and netcut program

Posted: Wed Feb 20, 2008 10:49 am
by normis
quick example:

/ip firewall filter chain=input protocol=icmp action=drop
/interface ethernet set ether1 arp=reply-only
/ip arp add address=1.1.1.1 mac-address=FF:FF:FF:FF:FF:FF interface=ether1

actually you can drop all traffic in input chain, except your personal IP. better yet - find out who violates the internet usage policy and disconnect him from internet.

Re: Mikrotik and netcut program

Posted: Thu Feb 21, 2008 3:07 am
by eebng_1422
Thanks mr. normis
i tried that on my Mikrotik Hotspot Server, But it doesn't work yet, the counter of my droped protocol doesn't increased at all but the ping is working and netcut also work.
Mr. Normis please help me.........
:shock:
hope more advande in the future
:lol:

Re: Mikrotik and netcut program

Posted: Mon Mar 03, 2008 9:01 pm
by ahmedsaffar76
Hi ;
I think that using pppoe will help you alot with the netcut program .
when you use pppoe server you will define two pools , one for the server ip's and the second pool for the clients .
so every client will get automatically two ip's one for the server ip and the other for the client ip .
so any client will use netcut will only see himself and the server ip only and will not see any other client to cut him from the network .
i am using this . :idea:
Norims , could you explain the ARP more . when i put them reply-only the internet stopped and i think i made a mistake with it . :?
waiting your feedback .
with best regards .

Re: Mikrotik and netcut program

Posted: Tue Apr 15, 2008 2:11 am
by ahmedsaffar76
probably because your firewall needs to be configured.

1. Make firewall rules to drop ICMP unless you really need it (then make it available only for certain hosts)
2. Make static ARP entries with arp=reply-only
Hi Normis ;
here i have two questions :
1. you say " ICMP unless you really need it " , so what are the benefits from ICMP and i will lose while dropping the ICMP ? .
by the way i used the rule to drop the icmp in the input chain , but i still could ping websites in the internet .
:shock:
2. i was using pppoe and i have no problem with the netcut program because the user will see himself only on the network , but many clients complaining the wireless connection .
they face stop in the internet service it looks like the connection hang and they disconnect and reconnect again to reach the internet . any idea ?
i used 2 watt and 5 watt amplifier with my mini pci wireless card and now i am using OS 3.6 with L4 .
with best regards .

Re: Mikrotik and netcut program

Posted: Wed Apr 16, 2008 12:08 am
by asaddotcom
Hi ;
I think that using pppoe will help you alot with the netcut program .
when you use pppoe server you will define two pools , one for the server ip's and the second pool for the clients .
so every client will get automatically two ip's one for the server ip and the other for the client ip .
so any client will use netcut will only see himself and the server ip only and will not see any other client to cut him from the network .
i am using this . :idea:
Norims , could you explain the ARP more . when i put them reply-only the internet stopped and i think i made a mistake with it . :?
waiting your feedback .
with best regards .
Dear ahmedsaffar76,

How can i configure pppoe server with two pools?

Re: Mikrotik and netcut program

Posted: Sat Jun 14, 2008 4:14 am
by Mr.Elwan
HI,
To Mr\par441 and Mr\asaddotcom

Here is a link to how to create pppoe server and how to use it in MikroTik:
Video tutorial about PPPoe in Mikrotik

best regardes
P.S : this tutorial is made by a person called "ITQAN" and it is not me :D

Re: Mikrotik and netcut program

Posted: Sat Jun 14, 2008 10:27 pm
by ahmedsaffar76
Dear all ;
i am glad to back after long time .
what i did to protect myself from the netcut program is like the photo attached .
simply with the dhcp server i made the subnet mask / 252 and in this way each client will be in separate network and can not see another user .
this i think will not help all but it is a way to protect the network .
another thing maybe could help , assign a Vap to each wireless user and with the dhcp server create a dhcp server for that Vap with ip unique to that user .
but the question here will this method be easy with the firewall NAT and route and other configuration in MT ???
with best regards

Re: Mikrotik and netcut program

Posted: Fri Nov 30, 2012 3:14 am
by wfk
hi all
i know how to block netcut pro if u are using mini pci wireless with mikrotik server
just contact me >> icq50@yahoo.com

Re: Mikrotik and netcut program

Posted: Thu Oct 22, 2015 9:11 am
by loveman
hi all
i know how to block netcut pro if u are using mini pci wireless with mikrotik server
just contact me >> icq50@yahoo.com
write your method here

Re: Mikrotik and netcut program

Posted: Thu Oct 22, 2015 9:14 am
by loveman
I search in internet and i found wiki
Protecting your customers
http://wiki.mikrotik.com/wiki/Protecting_your_customers

Re: Mikrotik and netcut program

Posted: Thu Oct 22, 2015 9:20 am
by loveman
quick example:

/ip firewall filter chain=input protocol=icmp action=drop
/interface ethernet set ether1 arp=reply-only
/ip arp add address=1.1.1.1 mac-address=FF:FF:FF:FF:FF:FF interface=ether1

actually you can drop all traffic in input chain, except your personal IP. better yet - find out who violates the internet usage policy and disconnect him from internet.

If i worked Static DHCP and any new user i enter in leases (ip static and locked of mac address)
My method right which same of your method in arp static ?