Community discussions

MikroTik App
  4. RouterOS
  5. General

ip gateway hijacked

Post Reply
 
biting77
newbie
Topic Author
Posts: 28
Joined: Sat Sep 18, 2004 7:00 pm
Location: surabaya Indonesia

ip gateway hijacked

Wed May 24, 2006 1:56 pm

hi i have a problem, my internal network ip address gateway (192.168.0.1) being hijacked, im using mk2.8.15 and dhcp server for my internal address. any one have any suggestion to aviod this happen again, i really hate this, this problem ruin my entire vacation :evil:
Top
 
advantz
Member Candidate
Member Candidate
Posts: 187
Joined: Thu Jul 08, 2004 4:11 am

Wed May 24, 2006 2:04 pm

set reply-only for arp in /ip arp
that means static arp entries

cmiiw?
Top
 
biting77
newbie
Topic Author
Posts: 28
Joined: Sat Sep 18, 2004 7:00 pm
Location: surabaya Indonesia

Thu May 25, 2006 8:03 am

ok i will try it, thx
Top
 
biting77
newbie
Topic Author
Posts: 28
Joined: Sat Sep 18, 2004 7:00 pm
Location: surabaya Indonesia

Fri May 26, 2006 8:25 am

it dosn't work....if this dummy gateway show's up my network is going down again :(
Top
 
kapusta_kiszona
Frequent Visitor
Frequent Visitor
Posts: 70
Joined: Wed May 25, 2005 12:48 pm
Location: Poland

Fri May 26, 2006 10:03 am

It appears there is no cure in current version. I have the same problem. Even cheap routers have MAC and IP pairing on any interface and it WORKS. Mikrotik network probably can be put down by anyone using gate IP address.
Top
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26385
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Fri May 26, 2006 10:05 am

just like it was suggested, RouteOS DOES have mac and IP pairing, it can be done with proxy ARP. So your cheap routers would not do any better as it seems
Top
 
biting77
newbie
Topic Author
Posts: 28
Joined: Sat Sep 18, 2004 7:00 pm
Location: surabaya Indonesia

Fri May 26, 2006 11:03 am

now i move my ip gateway address to another ip, hope this works, if is still doesn work, i will find that person who did this and kick his butt... :evil:
Top
 
Mapik
Frequent Visitor
Frequent Visitor
Posts: 90
Joined: Tue Nov 29, 2005 11:08 am

Fri May 26, 2006 5:23 pm

Try disable forwarding on wireless between users and set static ARP and reply only on interface... it may help
Top
 
kapusta_kiszona
Frequent Visitor
Frequent Visitor
Posts: 70
Joined: Wed May 25, 2005 12:48 pm
Location: Poland

Fri May 26, 2006 8:58 pm

Normis. Manual isn't verbose about it. I read it many times. Tried it on my equipment and problems still happen.

I have MT with all interfaces bridged. For which interface I have to set static ARP? Bridge? And arp reply only on interfaces to which clients connects? Would you give me example?

Does "arp reply only" setting affects DHCP? I have centralised DHCP server and it's not Mikrotik. I want Mikrotik to be transparent for arp traffic except bad MAC-IP pairs.
Top
 
biting77
newbie
Topic Author
Posts: 28
Joined: Sat Sep 18, 2004 7:00 pm
Location: surabaya Indonesia

Sat May 27, 2006 7:12 am

i have tried to set the arp in reply only mode and add arp list manually, it doesnt work because that dummy gateway using xp box and it has it own dhcp server. so set this to static it doesnt help and make my network totaly jam :(
Top
 
Mapik
Frequent Visitor
Frequent Visitor
Posts: 90
Joined: Tue Nov 29, 2005 11:08 am

Sun May 28, 2006 1:03 am

bridge filter may help to filter DHCP packets... and disabled forward on card also...
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 202 guests
  4. RouterOS
  5. General