Hello for everyone!
please i need ur help if u can!
i have a serious problem with my hotspot system. Anyone can bypassed it by spoofing method and then my account customer are hacked. I m sure that you already know that is possible and please if you have any solution to block it help me.
thx…
Spoof how and what? There’s several spoofing attacks and the defenses are different for each one.
hi fewi!
spoofing by users MAC changing cause all the users MAC are discovered just by simple arp request.
There is nothing that the MikroTik can do to mitigate those kinds of things.
ALL of that needs to be done at the edge of the network with the switches and access points being used to provide connections to the network. Look into layer 2 isolation on the access points, and port isolation/VLANs on the switches. By isolating clients this way you prevent them from talking to each other over the layer2 of the network.
Thx Feklar!
i know this method but i havn’t implemented it coz i thought that mikrotik had a solution for this problem.
Thx again
sorry for my english, im a francophone 
No problem. No layer3 device will have a true solution to this in and of itself. This is because they do not have direct control of what is going on at the edge of the network, and since people do not need a router to talk to local addresses. Hence why it needs to be set up there, on the devices that handle the layer2 traffic.