I really wonder how you have pulled MAC address from remote server RouterBoard.Com
By Firewall Filter i did Log for the attacker src address , so when he attacks my host , Mikrotik Server logs his Src address and (a) src Mac-Address
The src mac address logged in my Server log not belong's to me , That's all buddy
What about your ISP gateway MAC address?
As side note, F5 blog https://www.f5.com/labs/articles/threat
... kim-summit says there was attack on Jun 11 targeting some known vulnerabilities and Mikrotik's port 8291 was not forgotten. See Fig 3 for attack destination country stats.
I really wondering about possibility to be my ISP wan .. so i didn't say that it's attacker MAC , i just said it's belong to RouterBoard.com
But i'm sure that it's not my WAN interface MAC address
i checked out F5 Blog , and i found the same ip subnet of the attacker bottled in my dynamic address list
18.104.22.168 | in my dynamic address list
22.214.171.124 | in F5 article
Maybe they did it because of the Turkish elections cause My ISP Provider is Turktelecom
Also i attached all attackers ip-address who attacked my nine servers if u wanna block it in advance
You do not have the required permissions to view the files attached to this post.