{/tool fetch url=("http://www.boss-ip.com/Core/Update.ashx\?key=7da1df40bdee0309&action=upload&sncode=BDDC61FCE64D0922DD64998709BB639A&dynamic=static&user=myusername&pwd=mypassword")}
{/tool fetch url=("http://www.boss-ip.com/Core/Update.ashx\?key=bdee03097da1df40&action=upload&sncode=17E88147941B12F2E415872A518FBD9F&dynamic=static")}
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"###### Access Protection Start" disabled=yes
add action=add-src-to-address-list address-list=Hacker address-list-timeout=0s \
chain=input comment="Add External Access Tries" dst-port=\
21,22,23,80,443,8291,8728,8729 in-interface=WAN log=yes log-prefix=\
"Security System <>" protocol=tcp
add action=drop chain=input comment="Block External Access to Ports" dst-port=\
21,22,23,80,443,8291,8728,8729 in-interface=WAN protocol=tcp \
add action=drop chain=input comment="Block External Access to DNS" dst-port=53 \
in-interface=WAN protocol=tcp
add action=drop chain=input comment="Block External Access to DNS" dst-port=53 \
in-interface=WAN protocol=udp
add action=passthrough chain=unused-hs-chain comment=\
"###### Access Protection End" disabled=yesThat's your WAN interface MAC address.By the way , i tracked the hackers MAC-ADDRESS and i found this result : E4:8D:8C:3A:E5:96 .. which it belongs to RouterBoard.Com !
How did u know that !That's your WAN interface MAC address.By the way , i tracked the hackers MAC-ADDRESS and i found this result : E4:8D:8C:3A:E5:96 .. which it belongs to RouterBoard.Com !
I really wonder how you have pulled MAC address from remote server RouterBoard.ComHow did u know that !That's your WAN interface MAC address.By the way , i tracked the hackers MAC-ADDRESS and i found this result : E4:8D:8C:3A:E5:96 .. which it belongs to RouterBoard.Com !
What about your ISP gateway MAC address?No buddy i have checked all my ether(s) and bridges Mac Addresses , that's not one of it
By Firewall Filter i did Log for the attacker src address , so when he attacks my host , Mikrotik Server logs his Src address and (a) src Mac-AddressI really wonder how you have pulled MAC address from remote server RouterBoard.Com
I really wondering about possibility to be my ISP wan .. so i didn't say that it's attacker MAC , i just said it's belong to RouterBoard.comWhat about your ISP gateway MAC address?
As side note, F5 blog https://www.f5.com/labs/articles/threat ... kim-summit says there was attack on Jun 11 targeting some known vulnerabilities and Mikrotik's port 8291 was not forgotten. See Fig 3 for attack destination country stats.
MAC addresses work only at the broadcast domain level (layer 2). No MAC address is ever routed to another subnet. The MAC addresses on a frame are always updated by routers. So no, you do not have the MAC of your attacker. You have the MAC of the device in the broadcast domain that sent you the packet.
By Firewall Filter i did Log for the attacker src address , so when he attacks my host , Mikrotik Server logs his Src address and (a) src Mac-Address
The src mac address logged in my Server log not belong's to me , That's all buddy