Community discussions

Search found 23289 matches

by normis
Fri Oct 19, 2018 4:17 pm
Forum: General
Topic: libssh exploit, is Mikrotik affected?
Replies: 5
Views: 435

Re: libssh exploit, is Mikrotik affected?

This is just a coincidence, our developers called our custom SSH library "lib ssh" because it is a ssh library :) No relation to that open source project.
by normis
Fri Oct 19, 2018 2:24 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: v6 RC and v7 BETA
Replies: 5
Views: 570

Re: v6 RC and v7 BETA

Not yet, but soon
by normis
Fri Oct 19, 2018 11:10 am
Forum: Announcements
Topic: URGENT security reminder
Replies: 41
Views: 6043

Re: URGENT security reminder

hi, we have hundreds of mikrotik cpe with public static ip; fortunately, only a few of them (5) have a ros version afflicted by the vulnerability; they came from the factory with ros 6.40.3 , and a few hours from installation, someone use the vulnerability to change the password and lock us out. In...
by normis
Fri Oct 19, 2018 11:02 am
Forum: RouterBOARD hardware
Topic: Routerboard 112
Replies: 4
Views: 227

Re: Routerboard 112

new RouterOS doesn't even work on this model.
why not get a much chepaer but newer model?
by normis
Thu Oct 18, 2018 3:04 pm
Forum: General
Topic: libssh exploit, is Mikrotik affected?
Replies: 5
Views: 435

Re: libssh exploit, is Mikrotik affected?

We don't use Libssh
by normis
Thu Oct 18, 2018 8:34 am
Forum: RouterBOARD hardware
Topic: Cracked cover on RouterBOARD DISC Lite5
Replies: 50
Views: 3768

Re: Cracked cover on RouterBOARD DISC Lite5

Colleagues? Are you a distributor ?
by normis
Thu Oct 18, 2018 8:26 am
Forum: RouterBOARD hardware
Topic: Cracked cover on RouterBOARD DISC Lite5
Replies: 50
Views: 3768

Re: Cracked cover on RouterBOARD DISC Lite5

As you know which CPE are affected by the problem but our distributor keeps telling us he doesn't receive this information, can I send you all the serials, so you tell me which ones could be broken and which ones are safe? I already said that the issue is fixed in manufacturing recently (meaning th...
by normis
Wed Oct 17, 2018 3:49 pm
Forum: General
Topic: Which Mikrotik Product To Buy?
Replies: 4
Views: 227

Re: Which Mikrotik Product To Buy?

Unless you have specific requirements in number of ports, speed or mounting type, any MikroTik wifi device will be better.
This one should cover most peoples needs: https://mikrotik.com/product/hap_ac2
by normis
Wed Oct 17, 2018 2:42 pm
Forum: Announcements
Topic: Tik App, MikroTik android utility ALPHA test
Replies: 339
Views: 108627

Re: Tik App, MikroTik android utility ALPHA test

Funny conflict in your sentence :D You like it, but you don't want it.
by normis
Wed Oct 17, 2018 12:11 pm
Forum: RouterBOARD hardware
Topic: Cracked cover on RouterBOARD DISC Lite5
Replies: 50
Views: 3768

Re: Cracked cover on RouterBOARD DISC Lite5

Sorry, but none of these are made recently. end of 2016 and early 2017
by normis
Wed Oct 17, 2018 10:11 am
Forum: Announcements
Topic: URGENT security reminder
Replies: 41
Views: 6043

Re: URGENT security reminder

Yes, this is what it means
by normis
Wed Oct 17, 2018 10:09 am
Forum: RouterBOARD hardware
Topic: LtAP mini/kit with USB A host port?
Replies: 2
Views: 114

Re: LtAP mini/kit with USB A host port?

But why? It already has place for two modems
by normis
Tue Oct 16, 2018 12:54 pm
Forum: General
Topic: Passthrough lte and slave interface.
Replies: 2
Views: 91

Re: Passthrough lte and slave interface.

Please clarify what you want to achieve. If you need passthrough, you can't have other config and bridges, it will just pass the address through, like the name says. If you need access to unit and other configuration, you probably don't need passthrough
by normis
Mon Oct 15, 2018 12:12 pm
Forum: Virtualization
Topic: CHR license on router with no internet
Replies: 9
Views: 404

Re: CHR license on router with no internet

Yes, it will keep working with full functionality, but will not allow upgrades. At least for now. Further restrictions could be added in time.
by normis
Fri Oct 12, 2018 2:43 pm
Forum: Beginner Basics
Topic: no "home AP" mode in SXT Lite 2
Replies: 16
Views: 482

Re: no "home AP" mode in SXT Lite 2

the swim and walk analogy doesn't apply, since in this case AP is something more capable than CPE what you have.

You bought a car and ask why it doesn't fly.
While an airplane can ride on wheels.
by normis
Fri Oct 12, 2018 1:16 pm
Forum: General
Topic: Whats the difference between long term and stable?
Replies: 2
Views: 214

Re: Whats the difference between long term and stable?

yes, long-term means it is tested for a longer time, thus, more stable.
by normis
Fri Oct 12, 2018 1:07 pm
Forum: General
Topic: Ltap Mini LTE Kit GPS Not Working [SOLVED]
Replies: 1
Views: 114

Re: Ltap Mini LTE Kit GPS Not Working [SOLVED]

Is the GPS antenna indoors on the table, like in the photo? it must be outside for the first fix.
by normis
Fri Oct 12, 2018 10:54 am
Forum: Forwarding Protocols
Topic: RB4011 vs. CCR1009 BGP
Replies: 42
Views: 1979

Re: RB4011 vs. CCR1009 BGP

Yes, we are aware of this peculiarity and we are working also on new routers that have higher power per core, not just many cores.
by normis
Fri Oct 12, 2018 9:48 am
Forum: Forwarding Protocols
Topic: RB4011 vs. CCR1009 BGP
Replies: 42
Views: 1979

Re: RB4011 vs. CCR1009 BGP

Those without facebook. Actually Andrew has written it correctly. Here is what he says there: My new response to people saying Mikrotik BGP being single threaded is causing them performance issues: A few points: 1) Control Plane ≠ Forwarding Plane While the processing of routing updates happens in a...
by normis
Fri Oct 12, 2018 9:11 am
Forum: General
Topic: Jailbreak for RouterOS 6.43.2 released [SOLVED]
Replies: 16
Views: 1159

Re: Jailbreak for RouterOS 6.43.2 released [SOLVED]

There is a big difference between Jailbreak and Vulnerability. Jailbreak is not explicitly forbidden by MikroTik. It is simply another method to get into the linux sub system to run your own custom tools on the device. Like explained above, it requires phyical access, username and password. This can...
by normis
Thu Oct 11, 2018 5:13 pm
Forum: General
Topic: Firmware not upgrading
Replies: 14
Views: 435

Re: Firmware not upgrading

Means you haven't upgraded it, or rebooted it, it crashed before it did anything.
by normis
Thu Oct 11, 2018 5:03 pm
Forum: General
Topic: Firmware not upgrading
Replies: 14
Views: 435

Re: Firmware not upgrading

Somehow it sounds like it is already compromised. Tell us the exact error messages you saw, and post the entire log, when you made the reboot.
by normis
Thu Oct 11, 2018 4:22 pm
Forum: Announcements
Topic: URGENT security reminder
Replies: 41
Views: 6043

Re: URGENT security reminder

If the attacker scans your ports, he will find the new port number too. Upgrade anyway!
by normis
Thu Oct 11, 2018 3:48 pm
Forum: General
Topic: iPhone XS and Mikrotik hAP ac
Replies: 29
Views: 1489

Re: iPhone XS and Mikrotik hAP ac

So what is the problem that remains in 12.0.1 ?
Enabele wireless debug logs and make supout.rif files when you see the issue, email the files to mikrotik support. Maybe there is also something to improve in RouterOS side.
by normis
Thu Oct 11, 2018 1:18 pm
Forum: Beginner Basics
Topic: Can't connect to Mikrotik from outside
Replies: 9
Views: 468

Re: Can't connect to Mikrotik from outside

You forgot to specify the IP address you allow connections from! Because right now, your device is open to the world (hackers)
by normis
Thu Oct 11, 2018 1:15 pm
Forum: General
Topic: [Feature Request] Winbox username is sent in plain text
Replies: 10
Views: 522

Re: [Feature Request] Winbox username is sent in plain text

Thanks Emils for quick response in both ticket reply and here. I really appreciate it. I will not pretend that I understand how that protocol works. I can only believe it really is secure against MITM. However, it feels like being against recommended way to secure the router: https://wiki.mikrotik....
by normis
Thu Oct 11, 2018 12:13 pm
Forum: General
Topic: Winbox Service Automatically Going Disable
Replies: 1
Views: 134

Re: Winbox Service Automatically Going Disable

Where do you see it disabled? Do you have firewall enabled? Does anyone else have access to your device?
by normis
Thu Oct 11, 2018 10:41 am
Forum: General
Topic: iPhone XS and Mikrotik hAP ac
Replies: 29
Views: 1489

Re: iPhone XS and Mikrotik hAP ac

Try latest iOS 12.0.1 where the wifi issues are supposed to be fixed.
by normis
Wed Oct 10, 2018 3:17 pm
Forum: Announcements
Topic: URGENT security reminder
Replies: 41
Views: 6043

Re: URGENT security reminder

Cassio, please read the blog entry that was linked in first post. It answers all your questions and more;
https://blog.mikrotik.com/security/winb ... ility.html
by normis
Wed Oct 10, 2018 11:42 am
Forum: General
Topic: Can default configuration be hacked?
Replies: 8
Views: 594

Re: Can default configuration be hacked?

Netflix not working is in no way some indication of a hacked router. There could be lots of reasons why.
by normis
Wed Oct 10, 2018 10:40 am
Forum: Beginner Basics
Topic: no "home AP" mode in SXT Lite 2
Replies: 16
Views: 482

Re: no "home AP" mode in SXT Lite 2

point to point implies single unit on each end of the link
multiple client units are called 'point to multipoint' or AP or something like that
by normis
Wed Oct 10, 2018 9:53 am
Forum: Announcements
Topic: URGENT security reminder
Replies: 41
Views: 6043

Re: URGENT security reminder

As for who does not have the user and password of the Routerboard Expecific, is there the possibility of access in root mode and exploit this vulnerability?
Your firewall should not allow people to access your router.
If you have updated RouterOS, nobody can exploit this vulnerability.
by normis
Wed Oct 10, 2018 9:26 am
Forum: Announcements
Topic: Security announcement blog
Replies: 110
Views: 14850

Re: Security announcement blog

Yes, it is exactly that. Denial of service from some type of IPv6 packet flood, where router runs out of resources. It was answered, that we accept this as a bug, but we would not call it a vulnerability, because there are many ways how to exhaust resources of any device.
by normis
Tue Oct 09, 2018 12:46 pm
Forum: General
Topic: MacOS Winbox features and limitations
Replies: 4
Views: 346

Re: MacOS Winbox features and limitations

Actually, I personally have switched to an easier solution:

1. install Wine from the WineHQ homepage
2. run winbox.exe file

It works and there are no limitations
by normis
Tue Oct 09, 2018 11:52 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 244
Views: 31054

Re: Winbox vulnerability: please upgrade

Maybe MikroTik or one of the expert scripting users could post a script that changes the firewall filter rules of a router to the new default firewall. The script that adds that is of course already available in the router but it does a lot of other things. Some users might not be prepared to reset...
by normis
Tue Oct 09, 2018 11:40 am
Forum: RouterBOARD hardware
Topic: Improove capacitor quality
Replies: 3
Views: 494

Re: Improove capacitor quality

My suggestion is to specify which model you had failing like that. I think this issue is from a very long time ago, as last years we use different capacitors.
by normis
Tue Oct 09, 2018 11:33 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 244
Views: 31054

Re: Winbox vulnerability: please upgrade

pe1ch, do you think this script in a scheduler rule would be a good idea? the scheduler time could be determined by the user (or disabled): /system package update check-for-updates once :delay 1s; :if ( [get status] = "New version is available") do={ install } we could add this into our iOS/Android ...
by normis
Tue Oct 09, 2018 9:48 am
Forum: Announcements
Topic: URGENT security reminder
Replies: 41
Views: 6043

URGENT security reminder

As alredy reported multiple times, in April 2018 MikroTik fixed a vulnerability in the Winbox server component, which allowed an attacker to gain access to your RouterOS device, if the Winbox port was opened to untrusted networks. Most MikroTik devices include a default firewall that prevents this, ...
by normis
Mon Oct 08, 2018 11:29 am
Forum: Announcements
Topic: Security announcement blog
Replies: 110
Views: 14850

Re: Security announcement blog

That ticket talks about packet flood over IPv6, I think. I did not read the whole ticket, there are many emails. Ticket number is from the first mail.
by normis
Mon Oct 08, 2018 9:17 am
Forum: General
Topic: Mikrotik's long-term orientation/strategy
Replies: 1
Views: 354

Re: Mikrotik's long-term orientation/strategy

1) We generally announce all somewhat definite plans at our bigger MUM events around the world 2) MikroTik has always relied on distributors for all sales and any kind of contracts. MikroTik doesn't usually deal with customers directly. 3) Nothing definite to announce, but all kinds of things have b...
by normis
Fri Oct 05, 2018 11:41 am
Forum: Wireless Networking
Topic: 802.11af
Replies: 2
Views: 221

Re: 802.11af

No, we don't.
by normis
Thu Oct 04, 2018 9:59 am
Forum: General
Topic: Kid control
Replies: 6
Views: 261

Re: Kid control

Did it create any queues at the time the rules are active?

/queue simple print
by normis
Wed Oct 03, 2018 4:32 pm
Forum: RouterBOARD hardware
Topic: Cracked cover on RouterBOARD DISC Lite5
Replies: 50
Views: 3768

Re: Cracked cover on RouterBOARD DISC Lite5

2. We did a check on some installed CPE and we found randomly cracked cover on CPE's bought from April 2017 to some months ago. It's a tragedy. Please tell me the Serial Number. "Bought" and "manufactured" are different things. Sales did email Distributors about these things, I have seen these emai...
by normis
Tue Oct 02, 2018 1:03 pm
Forum: General
Topic: MikroTik hEX S high temperature
Replies: 6
Views: 243

Re: MikroTik hEX S high temperature

Yes, it is normal and will not harm the device.
by normis
Tue Oct 02, 2018 12:02 pm
Forum: Wireless Networking
Topic: hap ac achievable wifi speed?
Replies: 28
Views: 1040

Re: hap ac achievable wifi speed?

No special settings. Wlan1 in bridge with Ethernet
Image Pasted at 2018-10-2 12-01.png
by normis
Tue Oct 02, 2018 9:40 am
Forum: Wireless Networking
Topic: hap ac achievable wifi speed?
Replies: 28
Views: 1040

Re: hap ac achievable wifi speed?

We did reach nearly 700Mbit, but that was inside an anechoic chamber with no outside interference, and with specific iperf3 settings. With normal conditions you should expect 500-600Mbit on 3 chains.
by normis
Mon Oct 01, 2018 4:16 pm
Forum: General
Topic: Cloud Backup
Replies: 3
Views: 292

Re: Cloud Backup

More specifically, the backups are stored in MikroTik own datacenter, managed and accessed only by MikroTik, on MikroTik property.
by normis
Mon Oct 01, 2018 3:42 pm
Forum: Wireless Networking
Topic: hap ac achievable wifi speed?
Replies: 28
Views: 1040

Re: hap ac achievable wifi speed?

With 3 chain client (like macbook pro) we have seen above 500Mbit iperf3 results.
by normis
Mon Oct 01, 2018 2:24 pm
Forum: Announcements
Topic: Newsletter #84
Replies: 41
Views: 6832

Re: Newsletter #84

This is a Friday question I don't expect anyone to answer but will there be T-Shirts at the UK MuM in Birmingham?
I really hope so.
I love t-shirts.
Yes. T-shirts, stickers and free routers ;)