Hi

i need a script to hide the MAC address of interface on the local side so the client will not see what is the MAC address of my Mikrotik as some attackers using sniper programs to know the MT Mac address and do virtual server on them PCs to attack the users .

Regards
Ahmed

There is no such script as MAC address is an essential component of layer2 functionality. If you hide MT's MAC address then you will lose connectivity with MT.

The best you can do is to implement in front of MT a layer2+ switch (such as Zyxel ES-3124) with ARP guard to filter out intruders. Be aware that you need to activate DHCP snooping at least one or two days before running ARP guard otherwise you risk cutting off legitimate customers.

Other thing you can do is to change MT's MAC address periodically, there's even a scrip for this, but this offers you no protection in front of an attacker.

Read this excellent presentation done by Wardner Maia

Layer 2 Security - Attacks and Countermeasures using MikroTik RouterOS
http://mum.mikrotik.com/presentations/PL10/maia.pdf

I think that you can grab some ideas from there.

Thanks

Read this excellent presentation done by Wardner Maia

Layer 2 Security - Attacks and Countermeasures using MikroTik RouterOS
http://mum.mikrotik.com/presentations/PL10/maia.pdf

I think that you can grab some ideas from there.