Page 1 of 1

Please help me & propose a solution‏

Posted: Tue Oct 18, 2016 10:44 am
by morteziano
Hello
I am an administrator in a large store. I have a router, MikroTik to manage Internet.
I need to internet customers, and I have to give all Internet.
There is an attacker between my clients with a app, MAC address changes himself and I have no way to block it. And I do not want to be connected to the network.
The first part of the MAC address is fixed and it looks like this:
00:08:22:
He bothers me, please let me propose a solution.
Please help me.

Re: Please help me & propose a solution‏

Posted: Tue Oct 18, 2016 3:04 pm
by Splash
There isn't much you can do about this since he could spoof a MAC address to gain access to your network again. Unfortunately you are going to spend an infinite amount of time trying to update rules each time he changes his MAC. One option is option is to find him and set the dogs on him. If you have to make it more difficult for him, you could implement your internet access as a hotspot with a username/password or voucher system.

What is he actually doing? Using your Wifi to connect to other users?

Its recommended to enable "Client Isolation" on your Wireless network so that no one can talk to each other, but only connect to the internet.

Under your wireless interface configuration, un-tick "Default Forward"

Re: RE: Re: Please help me & propose a solution‏

Posted: Tue Oct 18, 2016 4:47 pm
by ErfanDL
There isn't much you can do about this since he could spoof a MAC address to gain access to your network again. Unfortunately you are going to spend an infinite amount of time trying to update rules each time he changes his MAC. One option is option is to find him and set the dogs on him. If you have to make it more difficult for him, you could implement your internet access as a hotspot with a username/password or voucher system.

What is he actually doing? Using your Wifi to connect to other users?

Its recommended to enable "Client Isolation" on your Wireless network so that no one can talk to each other, but only connect to the internet.

Under your wireless interface configuration, un-tick "Default Forward"
This solution cant help. With aircrack his can find mac of connected clients to AP.

Re: Please help me & propose a solution‏

Posted: Tue Oct 18, 2016 5:19 pm
by Splash
the only other way to is enable encryption.