Syed Jahanzaib Personal Blog to Share Knowledge !

December 9, 2011

Mikrotik Howto block Winbox Discovery + Limit Winbox Access


To hide your mikrotik from being appearing in WINBOX scan neighbor list, & to limit WINBOX access from your specific IP address or admin PC only,
Use the Following.

To disable winbox access using mac address you have to disable mac-server on the NIC
Go to Tools -> MAC Server
Click on the WinBox Interfaces Tab
By default this is set to all
You can add specific interfaces, and disable the all entry

OR using CLI, use the following command

/tool mac-server
add disabled=yes interface=all
/tool mac-server ping
set enabled=no

Or disable MAC Discovery for all interfaces by using following

/ip firewall filter
add action=drop chain=input comment="Block mikrotik discovery/zaib" disabled=no dst-port=5678 protocol=udp
add action=drop chain=input comment="DROP ALL WINBOX REQUEST By MAC Address" disabled=no dst-port=20561 protocol=udp
add action=drop chain=input comment="DROP ALL WINBOX REQUEST EXCEPT FROM MY PC" disabled=no dst-port=8291 protocol=tcp src-address=!192.168.2.6

The above rules will disable Mikrotik discovery via winbox, and also it will allow 192.168.2.6 to access Mikrotik. Make sure to change this ip address to match your management pc ip.

You can also disable Network Neighbor Discovery on the interface to which your network users are connected
Example:

/ip neighbor discovery set ether1 discover=no

TIP:
I recommend to block all UN-necessary services like www , ftp, ssh. Also do change the WINBOX Default port via IP > Services console just to make mikrotik more secure and allow only specific IP Address to be able to connect to Mikrotik via winbox

Regard’s
SYED JAHANZAIB

Howto Crack Mikrotik 3.30 [P.C.C SUPPORTED VER] [For Educational purpose only]


~ Article by Syed Jahanzaib ~

Crack Link for Mikrotik  3.30 have been Removed on Community Request ! 22/2/2013

I personally condemn usage of illegal/cracked version of MIKROTIK or any licensed software. I highly recommend that if you are using it just for learning purpose then its ok, otherwise if you are using it in commercial environment, then Please, Please, Please BUY it from the Mikrotik/Author WebSite. There are some grey area arguments you can make when using unlicensed software as an hobbyist individual or poor college student, but if you’re a commercial entity making money from said software, then you have little ground to stand on.

While I don’t have any problem when some very low sized network or individuals use unlicensed software when they can’t afford them.

I’m personally not comfortable stealing software and it was one of my reasons to eventually move on to Licensed Versions. I’d rather not use a program at all or get by with a more restricted free version than pirate it. I would consider making an exception for tools that are outrageously expensive for an individual, like most of Microsoft’s  products, but only with the understanding that if a person makes money using those tools, they should eventually pay for them instead of riding the free piracy train.

Anyhow ‘usage of pirated software’s’ talk will never gonna end, we should get down to our business ;) This guide will demonstrate how-to crack Mikrotik ver 3.30  >> (This version supports PCC) Hmmmmmmm

Crack Link for Mikrotik 3.30 have been Removed on Mikrotik Community Request ! 22/2/2013

 

Regard’s
SYED JAHANZAIB

%d bloggers like this: