If i’m right srmed2000 is using hotspot to authenticate wireless users via mac so hacker uses their mac to steal their internet.
Well, if that’s the case, there’s almost nothing you can do about these hacks becouse you can’t differ ppl that is cloning mac address from regular ppl. Sure, you can use the rule above which will block the regular user as well, but hacker will surely have all macs from that AP and that rule may just annoy him but not stop him.
My advice is to use user/password for hotspot clients rather than mac login, at least for users of that AP. Other alternative is to change regular users mac but that may be problem and it will work for a short time.
You can use some equipment/packet sniffing/radiate source positioning to track him, and when you got him… you know what to do - that will make an example for others.
And btw, you should learn basics of the Mikrotik first.
Yes! all the above said is good while hiding the MAC address through configuration settings. MAC access will be open to hackers when we allow them without any security settings. We can also be aware, first of all that our IP address are open to hackers for accessing the internal server details. I always prefer to hide my external IP address in order to take initiative at the beginning itself. I had used VPN software to hide the server IP and checked the IP address change through the website http://www.IP-Details.com/ and now it makes me alert regard unwanted IP access.