My problem with Hacker I want a solution

shereer · July 17, 2011, 2:10am

Hello

I used Server Mikrotik v5.2 (x86), where the hotspot is enabled, and I distribute the Internet service

But when someone(HACKER) change the Mac address to the same MAC address one of the Users He Will be able to login without a username or password and to obtain a free Internet.

This problem is very troublesome,

I believe that the Mikrotik company has the greatest minds ,But why is not doing to solve this problem ??

Is there a way to prevent the use of two identical MAC address at the same moment ??

fewi · July 17, 2011, 2:28am

Search the forums for “netcut”. This has been discussed to death.

shereer · July 17, 2011, 2:57am

I do not mean “netcut” … I mean the Haker can get on the Free internet when change the same MAC address one of the Users He Will be able to login without a username or password and to obtain a free Internet.

jtroybailey · July 17, 2011, 3:07am

which is what netcut does. search netcut on the forums and have a read.

shereer · July 17, 2011, 3:15am

Is there a way to prevent the use of two identical MAC address at the same moment ??

sup5 · July 17, 2011, 7:58am

just make it harder for the hacker to obtain a working mac-address by deploying proper user isolation.

User isolation ensures that the user only sees the hotspot server and nothing else.
This can be accomplished by disabling default forwarding on your wireless APs and enabling horizon bridging on your bridge interfaces.

shereer · July 17, 2011, 8:31am

I enabled isolation

The problem is that HACKER has all the Mac addresses, just changes the one Mac addresse to Mac addresse User will get free Internet

I want a solution

sup5 · July 17, 2011, 2:04pm

In this case you are out of luck, I guess.

The only solution might be to completely alter all authorization methods.
i.e. Hotspot->PPPoE
or changing wireless passwords for all of your customers excluding the hacker.

Another way might be to hand out locked CPEs to your customers.

shereer · July 17, 2011, 3:07pm

I think I identified the source of the problem …

When a user1 enters will automatically appear in the page DHCB LEASES
Here user1 will get the IP
When a change HACKER MAC to MAC user1 will get the same IP and Will be able to use the Internet for free on the user1 account.

But when I remove and clean DHCB LEASES , if the HACKER change MAC to MAC user1 will get a different IP

And Will not be able to access to the Internet for free and will show the login a page asking him to enter username and password

This great result, but the problem I am forced to manually remove DHCB LEASES

My question is
1 - Is there a way to do that automatically, ?
2 - or Is there a way to disable DHCB LEASES?
3 – OR Is there a way of forcing HACKER that gets at IP different from that used by the user1 ?

If we can forcing HACKER that gets at IP different from that used by the user1 , Will we have spent on the final problem

aacable · July 26, 2011, 7:05am

This is more like a social issue rather than naming it technical issue. As sup suggested, use the PPPoE (with server ipless scenario) base authentication with strong passwords, trust me, this way you will get rid of many hacking related issues.

I was also annoyed by arp poisoning issues / hacking attempts where smart users tries to clone the mac/ip of working users in order to use internet or just for fun. After changing my authentication scenario to pppoe, I sleep better in night ~

Also you can use Radius Server to get rid of some overhead management issues.

vlad8 · October 20, 2011, 9:39am

a solution is to enable pppoe-server on hotspot interface instead of dhcp-server.
So if he hasn’t got a username and a password he can’t connect to hotspot