A final solution to the problem of the netCut

hareth · November 19, 2014, 7:27pm

Is there a real solution to netcut
Please advise me please

hareth · November 21, 2014, 4:39pm

No refund

skillful · November 21, 2014, 4:50pm

The solution is PPPoE

hareth · November 23, 2014, 6:50pm

I hope I find a solution to this problem

normis · November 24, 2014, 2:09pm

isolate clients from eachother, then all problems will be solved.
use default-forwarding=no to deny connection from one customer to another, and use wpa encryption keys to avoid strangers in your network

hareth · December 3, 2014, 3:46pm

???

normis · December 4, 2014, 6:42am

Please let me know what is not clear from my answer. Thanks

hareth · December 9, 2014, 3:14pm

I did not know that there are settings of connecting with the WPA Filter USER manager
I think you are telling me that I work on WPA access lists Point only Prevent stolen online
Can you by the grace of heuristic to the correct settings for WPA

hareth · December 10, 2014, 5:22pm

!!!11

hareth · December 21, 2014, 5:09pm

!!!1111111

jarda · December 21, 2014, 9:16pm

Hareth, this is not the way how this forum works. If you don’t get satisfactory answer, it’s probably your fault. Either you formulated your question badly or you didn’t understand the answer.

hasanakgoz · January 23, 2015, 1:27am

Hi normis;

I do not understand. The authorized users only and is controlled mac and ip adress? is HTTP cookie= ip+mac+random id, Does not control?. Is this configuration error?. Does it matter ip or mac address? Does this situation happens again, we just use the radius server? Could you please give me some more info? ( I using cloud core. Hotspot using Wifi Network )

https://www.youtube.com/watch?v=gDZ1LbpqXIA
https://www.youtube.com/watch?v=ngmanR25PQo

http://wiki.mikrotik.com/wiki/Manual:Hotspot_Introduction
“HTTP cookie - after each successful login, a cookie is sent to the web browser and the same cookie is added to active HTTP cookie list. Next time the same user will try to log in, web browser will send the saved HTTP cookie. This cookie will be compared with the one stored on the HotSpot gateway and only if source MAC address and randomly generated ID matches the ones stored on the gateway, user will be automatically logged in using the login information (username and password pair) was used when the cookie was first generated. Otherwise, the user will be prompted to log in, and in the case authentication is successful, old cookie will be removed from the local HotSpot active cookie list and the new one with different random ID and expiration time will be added to the list and sent to the web browser. It is also possible to erase cookie on user manual logoff (not in the default server pages, but you can modify them to perform this). This method may only be used together with HTTP PAP, HTTP CHAP or HTTPS methods as there would be nothing to generate cookies in the first place otherwise”

sergejs · January 23, 2015, 8:27am

Hareth, what real problem from Netcut do you have?

hasanakgoz · January 23, 2015, 11:41am

Hi sergejs;

Can you watch video ? and Is this http cookie? ( for attachment picture)

https://www.youtube.com/watch?v=gDZ1LbpqXIA
https://www.youtube.com/watch?v=ngmanR25PQo

sergejs · January 23, 2015, 11:57am

Cookie option is for different purpose, it has nothing to do with IP/MAC scanning software.
At the moment HotSpot does not have any option to check unique secret key. For HotSpot server, legitimate user A with IP address x.x.x.x and MAC-address yy:yy:yy:yy:yy:yy, is the same as “bad” user who uses the same IP address x.x.x.x and MAC-address yy:yy:yy:yy:yy:yy:yy
When you have network with “bad” users, that are using IP/MAC scanning software. The main rule is protect/control their access to local network, then netctut and other IP/MAC softwares will be useful.

hasanakgoz · January 23, 2015, 12:35pm

Hi Sergejs;

this a bad sitiuation. is this wiki information wrong ? “if source MAC address and randomly generated ID matches the ones stored on the gateway, user will be automatically logged in using the login information (username and password pair) was used when the cookie was first generated” How do we check the wireless network?. What is your suggestion? 802.1x etc ..? if so, why would I use MikroTik hotspot software? any simple way you can get the same IP/Mac Address.

sergejs · January 23, 2015, 12:43pm

this a bad sitiuation. is this wiki information wrong ? “if source MAC address and randomly generated ID matches the ones stored on the gateway, user will be automatically logged in using the login information (username and password pair) was used when the cookie was first generated”

Yes, because from router point of view, randomly generated IP/MAC is the same as for valid IP/MAC combination.

Yes, proper WPA configuration setup is enough to stop mac/ip scanning program in your network.

hareth · January 23, 2015, 2:04pm

Thank you very much
In fact,
Yes, it is for this problem and the penetration in the explanation
YouTube on the links established by the
Is the problem that made me hate MIKROTK and made me desperate surfer MIKROTK
Each annotated solutions
In its Web sites and is not damaged Gagne
Even radical solutions

normis · January 23, 2015, 2:06pm

why is it a problem to use WPA? give your customer the WPA key when you give them the username.

sergejs · January 23, 2015, 2:10pm

The same you can get with regular sniffer. Due to design and implementation of Ethernet, each person can get access to IP/MAC address by application (that is not specifically netcut). That’s why to protect from such situation, you need to invest 10-20 minutes to improve your setup to handle all bad users, that may take any valid IP/MAC combination from paying client.