After we install mikrotik router os, and afterwards tried browsing from the client’s computer, we felt that router that already finish. afterwards I was opened winbox from the client’s computer, evidently ip mikrotik router property of all the offices could be seen . this meant to give the gap to the person that to test hack the route.

Now you as the network administrator could prevent it, with configuration firewall in mikrotik

1. setting this configuration

admin@mikrotik] interface bridge> filter print
Flags: X – disabled, I – invalid, D – dynamic
0 ;;; block discovery mikrotik
chain=forward in-interface=ether1 mac-protocol=ip dst-port=5678
ip-protocol=udp action=drop
1 ;;; block discovery mikrotik
chain=input in-interface=ether1 mac-protocol=ip dst-port=5678
ip-protocol=udp action=drop
2 ;;; block discovery mikrotik
chain=output mac-protocol=ip dst-port=5678 ip-protocol=udp action=drop
3 ;;; block discovery mikrotik
chain=input in-interface=ether1 mac-protocol=ip dst-port=8291
ip-protocol=tcp action=drop
4 ;;; block winbox mikrotik
chain=forward in-interface=ether1 mac-protocol=ip dst-port=8291
ip-protocol=tcp action=drop
5 ;;; block request DHCP
chain=input mac-protocol=ip dst-port=68 ip-protocol=udp action=drop
6 ;;; block request DHCP
chain=forward mac-protocol=ip dst-port=68 ip-protocol=udp action=drop
7 ;;; block request DHCP
chain=output mac-protocol=ip dst-port=68 ip-protocol=udp action=drop

Source : http://mikrotik.unimedcenter.org/?p=53