Community discussions

Search found 17 matches

by Staj
Tue Mar 07, 2017 6:50 pm
Forum: General
Topic: CIA exploits against Mikrotik hardware
Replies: 97
Views: 44001

Re: CIA exploits against Mikrotik hardware

For the record, this is exactly why I brought up weak keys and future crypto in 2014. APTs are targeting this platform and if you're valuable enough, they'll expend the neccessary resources.
by Staj
Wed Sep 14, 2016 8:49 am
Forum: General
Topic: Feature requests
Replies: 1160
Views: 208321

Re: Feature requests

DHCP Half-Bridge. LTE support is all well and good but without it, makes it hard to integrate into existing networks.
by Staj
Thu Dec 31, 2015 8:08 am
Forum: The Dude
Topic: The Dude is back! v6.34rc test build released
Replies: 269
Views: 74346

Re: The Dude is back! v6.34rc test build released

Removed features:
* Windows server
Is this just temporary or is the Windows server absolutely gone for good?
by Staj
Tue Jan 20, 2015 11:44 am
Forum: General
Topic: RouterOS SSH and 1024 bit DSA keys
Replies: 2
Views: 1374

Re: RouterOS SSH and 1024 bit DSA keys

Has there been any movement on this? Unfortunately this problem isn't going away and it will only get worse as time goes by. It is now fairly apparent that certain actors are exploiting weak keys used by SSH as used in network equipment. At what point does this become serious enough for this to be a...
by Staj
Thu May 22, 2014 6:04 am
Forum: General
Topic: RouterOS SSH and 1024 bit DSA keys
Replies: 2
Views: 1374

RouterOS SSH and 1024 bit DSA keys

Are there any plans to increase key size for DSA keys for SSH? Also, are there any plans to support ECC crypto for SSH? Given the advances in research on the discrete logarithm problem, we really need to start thinking about this.
by Staj
Wed Oct 23, 2013 8:48 am
Forum: General
Topic: Webfig Skins - Hidden Fields Unhidden on Index
Replies: 7
Views: 2460

Re: Webfig Skins - Hidden Fields Unhidden on Index

I see what you've done, got rid of Quick Set and simply have status, the wireless tab and it's security profiles. Not ideal but workable enough, I think in the end I might just whip up a remotely configured solution instead so it's actually secured. Thanks for your help but I think the Webfig skins ...
by Staj
Tue Oct 22, 2013 9:50 am
Forum: General
Topic: Webfig Skins - Hidden Fields Unhidden on Index
Replies: 7
Views: 2460

Re: Webfig Skins - Hidden Fields Unhidden on Index

I'll take a look at the skin, thanks. Regarding the security, when I get some time I might try to develop a PoC of an exploit, assuming it is just presentation layer security. I had a quick look at the client-side JS engine and it's basically encapsulating and encrypting it's messages to the router ...
by Staj
Mon Oct 21, 2013 8:02 am
Forum: General
Topic: Webfig Skins - Hidden Fields Unhidden on Index
Replies: 7
Views: 2460

Re: Webfig Skins - Hidden Fields Unhidden on Index

I must be doing something wrong because it just flat out doesn't work now. I simply can't hide any fields under any circumstances on the Quick Set page. Read-only, notes, tabs and separators still seem to work though. Status page isn't useful for my scenario because it forces everything to be read-o...
by Staj
Sat Oct 19, 2013 9:10 am
Forum: General
Topic: Webfig Skins - Hidden Fields Unhidden on Index
Replies: 7
Views: 2460

Re: Webfig Skins - Hidden Fields Unhidden on Index

Didn't seem to work for me, in FireFox or IE. What possible use-case is there for only having presentation-layer security? I can't think of any scenarios where you'd want to hide options and not prohibit access/modification of them.
by Staj
Fri Oct 18, 2013 11:47 am
Forum: General
Topic: Webfig Skins - Hidden Fields Unhidden on Index
Replies: 7
Views: 2460

Webfig Skins - Hidden Fields Unhidden on Index

I have a user with the following policy permissions (!local,!telnet,!ssh,reboot,read,!test,!winbox,password,web,!sniff,sensitive,!api,!ftp,write,!policy) and they have the webfig skin below but immediately upon login they are sent to http://routerIPhere/webfig/ and all the skin Quick Set fields I've...
by Staj
Fri Oct 18, 2013 7:13 am
Forum: Wireless Networking
Topic: RB951Ui-2HnD: Poor WLAN performance in domestic environment
Replies: 4
Views: 3085

Re: RB951Ui-2HnD: Poor WLAN performance in domestic environm

I think there could be something wrong with quickset in v6.4? I factory reset one of them, did a /interface wireless export and applied that over to the other one and I seem to be getting the expected performance in a lab setting, can't testify to stability though.
by Staj
Fri Oct 11, 2013 3:46 am
Forum: Wireless Networking
Topic: RB951Ui-2HnD: Poor WLAN performance in domestic environment
Replies: 4
Views: 3085

RB951Ui-2HnD: Poor WLAN performance in domestic environment

Hello, I have two RB951Ui-2HnD running 6.4 I'm using to trial for our staff housing (each house has an internet connection) but I've gotten universal feedback of poor wireless performance compared with our old cheap and nasty TP-Link wireless routers. Setup is fairly simple, Mikrotik acts as a PPPoE...
by Staj
Wed Sep 25, 2013 12:26 pm
Forum: General
Topic: Bridging PPP (LTE) to Eth
Replies: 5
Views: 2551

Re: Bridging PPP (LTE) to Eth

LTE modem is operating properly again, however, even if I bridge the PPP client to the ethernet port using BCP how do I give the device plugged into ethernet the IP address provided by the ISP (from PPP) via DHCP to the ethernet device?
by Staj
Fri Jul 26, 2013 1:02 pm
Forum: General
Topic: Bridging PPP (LTE) to Eth
Replies: 5
Views: 2551

Re: Bridging PPP (LTE) to Eth

Unfortunately, it seems I have a new problem. When accessing the LTE interface for "Info..." or "Scan" it produces the error "Couldn't start - Configuration running, please wait! (6)". Seems to be the same error this guy has. Tried 5.25 and 6.1. I think it might be easier to just pay someone else to...
by Staj
Fri Jul 26, 2013 11:07 am
Forum: General
Topic: Bridging PPP (LTE) to Eth
Replies: 5
Views: 2551

Re: Bridging PPP (LTE) to Eth

They don't even make for good paper-weights, they're not that heavy...
by Staj
Wed Jun 12, 2013 4:50 am
Forum: General
Topic: Bridging PPP (LTE) to Eth
Replies: 5
Views: 2551

Re: Bridging PPP (LTE) to Eth

Nobody can help?
by Staj
Tue Jun 04, 2013 9:55 am
Forum: General
Topic: Bridging PPP (LTE) to Eth
Replies: 5
Views: 2551

Bridging PPP (LTE) to Eth

I'm replacing pieces of equipment with some RouterBOARD 411U's, each having a Sierra Wireless AirPrime MC7710 module. I'm attempting to replicate the same specific setup as the equipment it is replacing. Basicially, I need direct IP. I need to bridge the PPP connection with the ethernet interface. I...