This is a log file from Winbox on an AP. I have only one station that should be associated with this AP. The time is off on the logs but this is an ongoing thing. What should I do to try and stop this behavior? Any thoughts?

try to use VPN OR IPTables/IPChains OR IPSec/IP Filtering!

Filter
To add a firewall rule which drops all TCP packets that are destined to port 135 and going through the router, use the following command:

(the commands will drop all connection to port 135)

/ip firewall filter add chain=forward dst-port=135 protocol=tcp action=drop


To deny acces to the router via Telnet (protocol TCP, port 23), type the following command:

/ip firewall filter add chain=input protocol=tcp dst-port=23 action=drop


or for complete list, please read manual :

http://www.mikrotik.com/testdocs/ros/2.9/ip/filter.php


Firewall address lists allow to create a list of IP addresses to be used for packet matching.

http://www.mikrotik.com/testdocs/ros/2. ... s_list.php


IP Security

http://www.mikrotik.com/testdocs/ros/2.9/ip/ipsec.php

Very helpful , thanks.