Hello
How do I prevent programs and all programs netcut hacker to penetrate the server Almaekerotk BR433 - XR5
By learning what the firewall does? http://wiki.mikrotik.com/wiki/Firewall
You need to learn more and understand the subject more. But the above link will help.
This topic may help:
http://forum.mikrotik.com/t/mikrotik-and-netcut-program/18369/1
“Almaekerotk?!?!”
Looks like I have the same problem with “Netcut” on my payed hotspot (Standard MT-hotspot), but only from time to time.
However, now I am asked to implement several FREE hotpots on an university campus. Actually I am afraid of it, because of the chance to attract a crowd of “netcutters” from the smart students.
I did not find any simple to use cookbook for protection using a search on this forum.
Any updates for this topic ?
In my opinion the safest way to protect clients from Netcut to control their access to the network.
- WPA/WPA2 configuration on AP should do the job for the wireless clients;
- Management switch should do the job for Ethernet network;
When it is not possible to use both mentioned options, but 100% defense from netcut is needed, I would recommend to use PPPoE server;
- disable IP address on local interface;
- setup PPPoE server on the local interface;
PPPoE client gets address, when PPPoE session is established.
Hi, sergejs:
I think, all the offered solutions are not user friendly enough for a public/free hotspot.
And they interfere with the standard hotspot-setup of RoS. So installation is not easy.
I would appreciate a “99%” solution, easy to be used together with default MT hotspot setup.
May be, we can discuss some general approaches ?
How about
- During login to MT-hotspot, in alogin.html insert a script to create a static ARP entry to the gateway (MT-box)
for the hotspot-client - in hotspot on MT-box, create static ARP to hotspot-client entry after successful login
- block ICMP in MT-box firewall
Any comments ?
Static ARP does not work with HotSpot Universal client.