Community discussions

Search found 1679 matches

by BartoszP
Sun Oct 06, 2019 8:36 am
Forum: General
Topic: Is MikrotikOS good enough to support two networks independent of each other? (one needs PPPoE)
Replies: 26
Views: 3450

Re: Is MikrotikOS good enough to support two networks independent of each other? (one needs PPPoE)

The question is if you are able to make PPPoE connection from "internal" router to receive public address if there is no Mikrotik "in the middle"?
What do Mikrotik should do in your opinion?
by BartoszP
Tue Oct 01, 2019 6:59 pm
Forum: General
Topic: ROS updates to be put on homepage?
Replies: 4
Views: 460

Re: ROS updates to be put on homepage?

@upower3

Is it a problem to pin https://mikrotik.com/download url to the tab in your favourite browser and open it with one click?
by BartoszP
Tue Sep 24, 2019 9:00 am
Forum: General
Topic: Audience Tri-band mesh
Replies: 14
Views: 1273

Re: Audience Tri-band mesh

Checito

You should assume that most readers are skilled enough to stick with the flow of consecuitive posts.
If you want to comment something what was mentioned a few posts earlier then quote only the crucial part of that post.
by BartoszP
Mon Sep 23, 2019 10:03 pm
Forum: RouterBOARD hardware
Topic: Recover from "No Default Configuration" System Reset
Replies: 17
Views: 997

Re: Recover from "No Default Configuration" System Reset

Why not to use Winbox with MAC address?
by BartoszP
Mon Sep 23, 2019 8:58 pm
Forum: General
Topic: Audience Tri-band mesh
Replies: 14
Views: 1273

Re: Audience Tri-band mesh

Chechito,
Could you please do not quote full previous posts in your answers if there is no need for that.
Just use big button "Post replay"
by BartoszP
Mon Sep 23, 2019 1:22 pm
Forum: RouterBOARD hardware
Topic: Recover from "No Default Configuration" System Reset
Replies: 17
Views: 997

Re: Recover from "No Default Configuration" System Reset

Zacharias,

Could you please do not quote full previous posts in your answers if there is no need for that.
Just use big button "Post replay"
by BartoszP
Fri Sep 20, 2019 6:06 pm
Forum: Announcements
Topic: v6.45.6 [stable] is released!
Replies: 48
Views: 21104

Re: v6.45.6 [stable] is released!

MikroTik
Certified
Network
Anesthesiologist

will bring your router back to life :lol: :lol: :lol: :lol:
by BartoszP
Fri Sep 20, 2019 6:00 pm
Forum: Scripting
Topic: Hello, everyone, my ROS is far away, the power of ROS is cut off by the bad guys. I want to add a script to detect ROS
Replies: 6
Views: 906

Re: Hello, everyone, my ROS is far away, the power of ROS is cut off by the bad guys. I want to add a script to detect R

Run such script when rebooted # :local loctoemail "destination@address.com" # :local locident [/system identity get name] :local locmachine [/system resource get architecture-name] :local locversion [/system resource get version] :local loctime [/system clock get time] :local locdate [/system clock ...
by BartoszP
Fri Sep 20, 2019 11:58 am
Forum: Announcements
Topic: v6.45.6 [stable] is released!
Replies: 48
Views: 21104

Re: v6.45.6 [stable] is released!

It's more like coma after surgery as router is still alive :-)
by BartoszP
Mon Sep 16, 2019 9:10 am
Forum: Announcements
Topic: v6.46beta [testing] is released!
Replies: 107
Views: 39609

Re: v6.46beta [testing] is released!

Version 6.46beta38 has been released.
......
*) console - fixed IP conversation to "num" data type;
....
Shouldn't it be "conversion"?
by BartoszP
Mon Sep 09, 2019 6:45 pm
Forum: Beginner Basics
Topic: Unable to ping/trace from lan
Replies: 7
Views: 666

Re: Unable to ping/trace from lan

Show configuration of your router.
I suspect that you have assigned 8.8.8.8 address to interface in your router.
by BartoszP
Wed Aug 07, 2019 12:22 am
Forum: Wireless Networking
Topic: 802.11ax [SOLVED]
Replies: 118
Views: 19570

Re: 802.11ax [SOLVED]

How to educate other users if you do not set a good example? Laziness is not a good excuse.
by BartoszP
Wed Aug 07, 2019 12:00 am
Forum: Wireless Networking
Topic: 802.11ax [SOLVED]
Replies: 118
Views: 19570

Re: 802.11ax [SOLVED]

!ste:

Is it necessary to quote FULL previous post?
by BartoszP
Thu Aug 01, 2019 2:35 pm
Forum: Beginner Basics
Topic: Small MikroTik, Big MikroTik
Replies: 2
Views: 347

Re: Small MikroTik, Big MikroTik

Yes,

"Bigger" devices usually have "higher" licenses what is described there: https://wiki.mikrotik.com/wiki/Manual:L ... nse_Levels
by BartoszP
Fri Jul 12, 2019 9:52 pm
Forum: Beginner Basics
Topic: RouterOS v6.41.4 access to admin panel -password problem [SOLVED]
Replies: 9
Views: 928

Re: RouterOS v6.41.4 access to admin panel -password problem [SOLVED]

Why do you think that Mikrtik's forum is proper place to ask about problems with Tenda router?
by BartoszP
Fri Jul 12, 2019 5:12 pm
Forum: Announcements
Topic: v6.44.5 [long-term] is released!
Replies: 97
Views: 34027

Re: v6.44.5 [long-term] is released!

Was it "Upgrading on the edge" by Aerosmith? :-)

Jump from 6.40 directly to 6.45 .... you are brave man. Have you read changelogs in the 6.41?
by BartoszP
Sun Jul 07, 2019 11:41 pm
Forum: General
Topic: Best Way to Isolate Bridges to Reach Each Other's IPs
Replies: 26
Views: 1485

Re: Best Way to Isolate Bridges to Reach Each Other's IPs

anav: maybe my toilet paper has just more layers than your? BTW.... If you want to protect computers on one bridge at L3 from another L3 layer then you need to block bridge A pool (name it poolA) from poolB, poolC, poolD ... poolC protect form poolD but not from poolE .... poolF from poolA, poolB bu...
by BartoszP
Sun Jul 07, 2019 5:35 pm
Forum: General
Topic: Best Way to Isolate Bridges to Reach Each Other's IPs
Replies: 26
Views: 1485

Re: Best Way to Isolate Bridges to Reach Each Other's IPs

@anav:

Nets at L2 may be separated but routing at L3 works and OP asks how to prevent IP access.

@OP:
what about using filters at bridge level? Antything what is forwarded to other interface than WAN should be dropped.
by BartoszP
Sun Jul 07, 2019 3:24 pm
Forum: General
Topic: Best Way to Isolate Bridges to Reach Each Other's IPs
Replies: 26
Views: 1485

Re: Best Way to Isolate Bridges to Reach Each Other's IPs

How you add Port1 to four different bridges?
by BartoszP
Tue Jun 11, 2019 7:05 pm
Forum: Beginner Basics
Topic: Block acces to a New router
Replies: 2
Views: 321

Re: Block acces to a New router

Do you connect any interfaces to this bridge?
by BartoszP
Tue Jun 11, 2019 5:54 pm
Forum: General
Topic: Implementing a Blacklist [SOLVED]
Replies: 2
Views: 303

Re: Implementing a Blacklist [SOLVED]

My simple solution: /ip service set winbox port=18291 /interface list add name=WAN_LIST /interface list member add interface=ETH1-WAN list=WAN_LIST /ip firewall raw # # accept packets to nonstandard WinBox port ... could be tailored for access from particular subnets etc. # add action=accept chain=p...
by BartoszP
Mon Jun 03, 2019 8:01 pm
Forum: RouterBOARD hardware
Topic: hAP ac bricked
Replies: 5
Views: 920

Re: hAP ac bricked

My old 0.02$ to this topic: viewtopic.php?f=1&t=93307&p=490460#p490402
by BartoszP
Wed May 22, 2019 5:26 pm
Forum: RouterBOARD hardware
Topic: RB 450GX4 add a FAN
Replies: 2
Views: 460

Re: RB 450GX4 add a FAN

Directly from power socket if you use 24V PSU?
by BartoszP
Sat May 04, 2019 8:09 pm
Forum: Useful user articles
Topic: How to opitimize list of IP4 addresses
Replies: 7
Views: 1818

Re: How to opitimize list of IP4 addresses

Thank you for the report.
It is example of situation when one subnet is fully included in another. I do not look for such optimization ... yet :)
IMHO it is not "a bug" .. output is fully valid however not optimized to "deep roots".
by BartoszP
Thu May 02, 2019 11:43 pm
Forum: Useful user articles
Topic: How to opitimize list of IP4 addresses
Replies: 7
Views: 1818

How to opitimize list of IP4 addresses

I was thinking how to optimize big IP lists before importing them to Mikrotik. It ended as this program. Feel free to use it. Comments welcome. Written with GNU Linux and gcc. Standard usage ... takes data from stdin and outputs to stdout Program tries to merge consecutive IP addresses or IP ranges....
by BartoszP
Sat Apr 27, 2019 2:45 pm
Forum: RouterBOARD hardware
Topic: Hardware repair RB711-5Hn-MMCX
Replies: 3
Views: 590

Re: Hardware repair RB711-5Hn-MMCX

@tayroborges:

English please !
by BartoszP
Fri Apr 26, 2019 4:25 pm
Forum: General
Topic: RB1100AHx4 Dude Edition insecure by default
Replies: 11
Views: 721

Re: RB1100AHx4 Dude Edition insecure by default

No device calling itself a router should have this as it's fully patched, default configuration out of the box be this: ...... If you want to make excuses for having crappy default configurations that's fine. Mikrotik is the one that is making the reputation for making devices that are part of botn...
by BartoszP
Mon Apr 22, 2019 9:05 am
Forum: Announcements
Topic: v6.45beta [testing] is released!
Replies: 305
Views: 71366

Re: v6.45beta [testing] is released!

After upgrade of CRS125 it stopped to be visible in a neigherhood and for WinBox.
by BartoszP
Mon Apr 22, 2019 9:02 am
Forum: Beginner Basics
Topic: CHAPTER 2, Basic configuration: username, identity, NTP, Monitoring, Maintenance
Replies: 1
Views: 229

Re: CHAPTER 2, Basic configuration: username, identity, NTP, Monitoring, Maintenance

Tony:

Once more ... please do not start so many threads. Make one and please stick with it.
by BartoszP
Thu Apr 11, 2019 8:32 am
Forum: Beginner Basics
Topic: CHAPTER 2, Basic Configuration, Interface Configuration
Replies: 3
Views: 427

Re: CHAPTER 2, Basic Configuration, Interface Configuration

Isn't it better to make one topic instead of starting several ones?
by BartoszP
Sun Mar 17, 2019 9:38 am
Forum: Announcements
Topic: v6.44.1 [stable] is released!
Replies: 86
Views: 18600

Re: v6.44.1 [stable] is released!

After upgrade to 6.44.1 on RB962 GRE+IPSec stopped working when connected to 6.44 on the other side. After downgrade to 6.44 back on-line.
by BartoszP
Sun Mar 17, 2019 12:34 am
Forum: Beginner Basics
Topic: Locked out badly
Replies: 3
Views: 378

Re: Locked out badly

What about logging with WinBox via MACaddress?
by BartoszP
Fri Mar 15, 2019 8:56 pm
Forum: General
Topic: RB4011iGS+ admin password issue
Replies: 3
Views: 353

Re: RB4011iGS+ admin password issue

Resseting configuration should not be allowed without setting password as integral part of this process.
by BartoszP
Fri Mar 15, 2019 3:08 pm
Forum: Announcements
Topic: Statement on Vault 7 document release
Replies: 92
Views: 45632

Re: Statement on Vault 7 document release

You are using the wrong symbol to explain to IT people, should use "!=" instead, then they will better understand :-)
For some "<>" should be used :)
by BartoszP
Tue Mar 12, 2019 4:25 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

It is always safer to netinstall as it formats device.
by BartoszP
Mon Mar 11, 2019 11:02 am
Forum: Announcements
Topic: v6.45beta [testing] is released!
Replies: 305
Views: 71366

Re: v6.45beta [testing] is released!

*) e-mail - fixed missing "from" address for sent e-mails (introduced in v6.44);
Emils

I'm interested how did it happen? What someone had been messing for with e-mail part of ROS?
by BartoszP
Thu Mar 07, 2019 5:06 pm
Forum: General
Topic: RB4011 real world speed tests
Replies: 12
Views: 1645

Re: RB4011 real world speed tests

"Expected more" means 23+ Gb sustained transmission with 190$ device?
by BartoszP
Wed Mar 06, 2019 12:49 pm
Forum: General
Topic: Radical change coming for home and small business networking
Replies: 37
Views: 2845

Re: Radical change coming for home and small business networking

No. It's not old thinking.

My net is my castle. Period.
by BartoszP
Wed Mar 06, 2019 8:33 am
Forum: General
Topic: Radical change coming for home and small business networking
Replies: 37
Views: 2845

Re: Radical change coming for home and small business networking

Xymox,

Be responsible ISP/IT company and inform your customers that someone tries to take over their security.

Inform them about pros and cons and explain why you prefer not to jump into that train.

Easy.
by BartoszP
Mon Mar 04, 2019 12:38 am
Forum: General
Topic: Radical change coming for home and small business networking
Replies: 37
Views: 2845

Re: Radical change coming for home and small buisness networking

Hmmm.... I watched this video and what comes to my eyes is "security manager will configure customers' micornets to be safe/secure etc...." or sth like that ...
Who the ..... is Alice ... opssss ... security manager?
by BartoszP
Wed Feb 27, 2019 5:52 pm
Forum: General
Topic: Hardware Selection
Replies: 14
Views: 1164

Re: Hardware Selection

Keeping up with the Simpsons ... let me decide :-)
by BartoszP
Wed Feb 27, 2019 4:21 pm
Forum: General
Topic: Hardware Selection
Replies: 14
Views: 1164

Re: Hardware Selection

Frankly speaking: Bartosz ... "sz" pronounced as "sh" in "wash" :lol:
by BartoszP
Wed Feb 27, 2019 4:08 pm
Forum: General
Topic: routerOS blocks various surveillance cloud adresses
Replies: 2
Views: 252

Re: routerOS blocks various surveillance cloud adresses

How your PC reaches camera?

WAN -> LAN? Is it OK?
LAN -> LAN? OK or not? Look for Harpin NAT.
LAN -> WAN? OK?
by BartoszP
Wed Feb 27, 2019 2:38 pm
Forum: General
Topic: Hardware Selection
Replies: 14
Views: 1164

Re: Hardware Selection

CRS are switches not routers. Thay can do routing but they are not designed for routing/natting/mangling heavy traffic. You should look for CCR devices if you want to mostly route or start with AH1100x4 ones. I have installation with AH1100x4 for 50+ users, VPN+IPSec used to access main office share...
by BartoszP
Wed Feb 27, 2019 12:44 pm
Forum: Announcements
Topic: v6.44 [stable] is released!
Replies: 219
Views: 36390

Re: v6.44 [stable] is released!

Strange ... IPSec works for me :-) after upgrade 6.43.12 -> 6.44

IPSeced IPIP and GRE tunnels work smooth after upgrade, self-reconnected without problems. Comments still in place.
by BartoszP
Fri Feb 22, 2019 9:48 pm
Forum: General
Topic: Problem on 6.37.5 version
Replies: 5
Views: 751

Re: Problem on 6.37.5 version

Do you really use these public IPs in your configuration?
by BartoszP
Mon Feb 18, 2019 5:48 pm
Forum: Beginner Basics
Topic: How do I get a question moderated??
Replies: 2
Views: 293

Re: How do I get a question moderated??

Be patient. Most of moderators are volunteers so it takes some time to be moderated.
by BartoszP
Fri Feb 15, 2019 3:44 pm
Forum: General
Topic: DHCP Offering Lease Without Success
Replies: 35
Views: 9405

Re: DHCP Offering Lease Without Success

Suspecting that DHCP server mostly warns

A. when device try to renew address when lease is still valid and full DHCP REQUEST-ACK-CONFIRM process is not done
or
B. ROS sees that device is "vanishing" ... I see it in logs when CAPSMAN moves device from one AP or interface to another.
by BartoszP
Fri Feb 15, 2019 12:59 pm
Forum: General
Topic: DHCP Offering Lease Without Success
Replies: 35
Views: 9405

Re: DHCP Offering Lease Without Success

Does not help ... no change .. still receiving warnings
by BartoszP
Thu Feb 14, 2019 2:02 pm
Forum: General
Topic: Guide to (possibly) hack RouterOS ... If yes please protect it
Replies: 10
Views: 1003

Re: Guide to (possibly) hack RouterOS ... If yes please protect it

Most users who start threads "Mikrotik hacked...", "My router is unsecured", "Big hole in security of ..." seems to not check forum for security topics Did you try easiest method to look for security problems: https://forum.mikrotik.com/search.php?keywords=vulnerability https://forum.mikrotik.com/se...
by BartoszP
Wed Feb 13, 2019 5:53 pm
Forum: General
Topic: how to see "(2265 messages not shown)"?
Replies: 2
Views: 404

Re: how to see "(2265 messages not shown)"?

If I recall correctly it means that there is NNNN exactly the same consequent messages in the log.
by BartoszP
Wed Feb 13, 2019 5:48 pm
Forum: General
Topic: Config Review - Security Conscience Home User
Replies: 19
Views: 1279

Re: Config Review - Security Conscience Home User

It is my way of "drop it ASAP" 0. if attacker scans us again (is already on the list) then drop it right now. A. check if unwanted port is checked. B. if yes, add attacker to the ban list C. drop all packets coming from attacker list /ip firewall raw add action=accept chain=prerouting dst-port=porto...
by BartoszP
Wed Feb 13, 2019 4:43 pm
Forum: General
Topic: Feature requests
Replies: 1160
Views: 208051

Re: Feature requests

It would be convinient to CAPSAM and DHCP to log to log not only MAC address but also HOSTNAME if it is known.
Process of transforming MAC 2 HOST is tedious and if log changes quickly you have no chance to check who is associating/dhcping
by BartoszP
Mon Feb 11, 2019 5:34 pm
Forum: General
Topic: DHCP Offering Lease Without Success
Replies: 35
Views: 9405

Re: DHCP Offering Lease Without Success

Uncheck ...
"Always send replies as broadcasts even if destination IP is known. Will add additional load on L2 network."
DHCP broadcast an offer even if device is just deassigned.
by BartoszP
Mon Feb 11, 2019 4:31 pm
Forum: General
Topic: DHCP Offering Lease Without Success
Replies: 35
Views: 9405

Re: DHCP Offering Lease Without Success

For me the problem is with static addresses and seems to be connected with this option which sends offer even if there is no demand for it. Converting dynamic address to static makes this option somehow "checked" even DHCP server has it "unchecked" so if you forgot to uncheck then static reservation...
by BartoszP
Thu Jan 31, 2019 2:43 am
Forum: General
Topic: How to migrate RB3011 to CCR1009
Replies: 4
Views: 422

Re: How to migrate RB3011 to CCR1009

Before import rename all interfaces in 1009 to names used in 3011. It will make import much easier.
by BartoszP
Tue Jan 29, 2019 9:30 pm
Forum: Beginner Basics
Topic: DNS server behaviour
Replies: 5
Views: 490

Re: DNS server behaviour

/ip firewall filter
add action=drop chain=input comment=WAN->DNS dst-port=53 in-interface=YOURWAN protocol=udp
by BartoszP
Wed Jan 23, 2019 8:59 pm
Forum: Beginner Basics
Topic: Como usa a RBGrooveA-52HPn simultâneo
Replies: 2
Views: 303

Re: Como usa a RBGrooveA-52HPn simultâneo

Please edit your post and use English
by BartoszP
Tue Jan 22, 2019 5:06 pm
Forum: General
Topic: 6.43.8 vulnerability or hack?
Replies: 31
Views: 6671

Re: 6.43.8 vulnerability or hack?

Anav ... should mrz explain again and again and step by step what to do when you are hacked or could expect that autor is aware of https://blog.mikrotik.com/
by BartoszP
Sun Jan 20, 2019 5:36 pm
Forum: General
Topic: how many users can use different models of routers ?
Replies: 1
Views: 258

Re: how many users can use different models of routers ?

Users of what service?
by BartoszP
Fri Jan 11, 2019 5:17 pm
Forum: General
Topic: Misterious Ethernet problem
Replies: 13
Views: 1296

Re: Misterious Ethernet problem

IMHO it could be problem of STP/RSTP protocol. Switch it off and see what will happen.
by BartoszP
Thu Jan 10, 2019 10:34 am
Forum: General
Topic: Spam filtering - how to improve my antispam system
Replies: 9
Views: 1126

Re: Spam filtering - how to improve my antispam system

I use N++ with it's regular expression search+replace/replace all option.
by BartoszP
Wed Jan 09, 2019 8:14 pm
Forum: General
Topic: Spam filtering - how to improve my antispam system
Replies: 9
Views: 1126

Re: Spam filtering - how to improve my antispam system

@anav: Barracuda ESG does good job .. it filters most of spam from China ... most means 99% ... but I was tired skipping whole pages of "dropped/blocked" entries and decided to not allow such e-mails to reach ESG @Xtreamer: Please check attachment. It is part of a bigger set of rules so you must to ...
by BartoszP
Mon Jan 07, 2019 11:59 pm
Forum: General
Topic: Interface ether accidently removed and I am disconnected.
Replies: 9
Views: 640

Re: Interface ether accidently removed and I am disconnected.

How did you remove ethernet interface from router? Physically? Then I doubt if you can connect to your router :-)
Do you have more eth interfaces? What router it is? Configuration?
by BartoszP
Mon Jan 07, 2019 10:35 am
Forum: General
Topic: Spam filtering - how to improve my antispam system
Replies: 9
Views: 1126

Re: Spam filtering - how to improve my antispam system

Almost 24 hours later

Edit ... blocked at RAW firewall level
Chiny4.PNG
by BartoszP
Sun Jan 06, 2019 10:40 pm
Forum: General
Topic: Spam filtering - how to improve my antispam system
Replies: 9
Views: 1126

Spam filtering - how to improve my antispam system

Hi, I use Barracuda Spam Filter (Barracude ESG) as my spam-firewall for one of my customers. It does good job but one of their e-mail's was used for communication with China based client. Since then we receive hundreds spam e-mails per day only for this used e-mail. We do not receive e-mails to admi...
by BartoszP
Wed Jan 02, 2019 7:16 pm
Forum: General
Topic: Hacked Board
Replies: 15
Views: 1559

Re: Hacked Board

Do you use same "paranoic" :D rules for LAN as for WAN side?
by BartoszP
Tue Jan 01, 2019 3:45 pm
Forum: Wireless Networking
Topic: Radar detected on XXX
Replies: 31
Views: 3376

Re: Radar detected on XXX

@n21roadie ... could you please stop full quoting all posts you are commenting. Use "Post replay" instead of "quoting" post.
by BartoszP
Mon Dec 31, 2018 3:42 pm
Forum: General
Topic: under attack in port 32231? - help
Replies: 25
Views: 1709

Re: under attack in port 32231? - help

Yes.
You don't need
...dst-port=!8291,22 ...
You accept it earlier so packets to 8291 and 22 do not even reach this drop rule.
I suggest to change 8291 port to other port in you configuration for winbox access.
by BartoszP
Mon Dec 31, 2018 1:37 pm
Forum: General
Topic: under attack in port 32231? - help
Replies: 25
Views: 1709

Re: under attack in port 32231? - help

Yes.

If you want to protect your castle then you build THE WALL which stops all at the gate and then allow to go inside only allowed persons/goods/packets. It is far far easier then allow all to enter and spy them for "bad guys". :D :D :D
by BartoszP
Fri Dec 28, 2018 11:11 am
Forum: The User Manager
Topic: user manager database is corrupted everyday
Replies: 4
Views: 733

Re: user manager database is corrupted everyday

More details please.
by BartoszP
Fri Dec 28, 2018 8:47 am
Forum: General
Topic: Post Very good ... Thank you for that.
Replies: 3
Views: 418

Re: Post Very good ... Thank you for that.

Done ... just warned as previous posts were quite "normal"
by BartoszP
Thu Dec 27, 2018 11:13 am
Forum: General
Topic: After updating RouterOS to version 6.43.7, part of computers in the LAN can't ping each other.Is there the problem with
Replies: 3
Views: 363

Re: After updating RouterOS to version 6.43.7, part of computers in the LAN can't ping each other.Is there the problem w

General answer is: No.

More details please. Configuration, topology, version upgraded from ... we aren't wizards guessing from tea leaves
by BartoszP
Thu Dec 27, 2018 11:09 am
Forum: General
Topic: RB2011 dont upgrade
Replies: 1
Views: 193

Re: RB2011 dont upgrade

Maybe you are victim of viewtopic.php?f=21&t=140165
by BartoszP
Sun Dec 23, 2018 3:15 pm
Forum: General
Topic: PPPoE client help needed
Replies: 3
Views: 286

Re: PPPoE client help needed

L'italiano è una bella lingua but please use English :D
by BartoszP
Fri Dec 21, 2018 2:23 pm
Forum: General
Topic: securize network
Replies: 1
Views: 182

Re: securize network

Yes.
by BartoszP
Tue Dec 11, 2018 2:36 am
Forum: RouterBOARD hardware
Topic: hardware idea for a multiport switch
Replies: 45
Views: 8456

Re: hardware idea for a multiport switch

I...Maybe make an expander module that can be mounted on the front or back of the rack, via a fiber optic cable and connected power back to the switch. Would make it easy to have a top of rack back and front switch ports....
Just PoE powering. No need for next PSU.
by BartoszP
Mon Dec 10, 2018 6:06 pm
Forum: RouterBOARD hardware
Topic: hardware idea for a multiport switch
Replies: 45
Views: 8456

Re: hardware idea for a multiport switch

Do you imagine this FAT-FAT-FAT cable boundle which you try to move to slide out/in a switch? How to organize them to ease slide device out and not to have big gnarl when slided in? How to protect cables against braking down RJ45 connectors? How many empty Us above device needed to organize cables? ...
by BartoszP
Sun Dec 02, 2018 5:15 pm
Forum: General
Topic: process called system send data to ip pptp server
Replies: 3
Views: 313

Re: process called system send data to ip pptp server

How your ptoblem is connected to Mikrotik?
by BartoszP
Mon Nov 19, 2018 5:02 pm
Forum: Beginner Basics
Topic: plan-B
Replies: 5
Views: 460

Re: plan-B

Safe mode is good solution but having Plan-B is even better if you commit "safe" configuration.
by BartoszP
Wed Nov 14, 2018 1:42 pm
Forum: Beginner Basics
Topic: Am I hacked?
Replies: 2
Views: 560

Re: Am I hacked?

Start with:
/interface list
add name=WAN_LIST
/interface list member
add interface=YouRWANInterface list=WAN_LIST
/ip firewall raw
add action=drop chain=prerouting dst-port=53 in-interface-list=WAN_LIST log-prefix=UDP53ALL protocol=udp
by BartoszP
Thu Nov 08, 2018 1:03 pm
Forum: Forwarding Protocols
Topic: Forward and redirect port [SOLVED]
Replies: 3
Views: 850

Re: Forward and redirect port [SOLVED]

Read this: viewtopic.php?f=2&t=102483&p=508981&hil ... IC#p508981

Why do you use public IPs in internal network?
by BartoszP
Sun Oct 28, 2018 8:19 pm
Forum: Announcements
Topic: URGENT security reminder
Replies: 84
Views: 35055

Re: URGENT security reminder

Why to waste time? Netinstall and import configuration via script if you have one.
by BartoszP
Sun Oct 28, 2018 7:26 pm
Forum: RouterBOARD hardware
Topic: X86 restart.
Replies: 2
Views: 543

Re: X86 restart.

Why do you use x86? Isn't it better to buy Mikrotik device like https://mikrotik.com/product/RB750Gr3
by BartoszP
Sun Oct 28, 2018 11:37 am
Forum: Beginner Basics
Topic: same ip for multi interfaces
Replies: 4
Views: 667

Re: same ip for multi interfaces

A. Do bridge both interfaces and then filter traffic between interfaces.
or
B. Divide 192.168.2.0/24 subnet to two 192.168.2.0/25 subnets for each interface and then filter traffic
by BartoszP
Thu Oct 25, 2018 6:43 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 77730

Re: VPNfilter official statement

More impressive statisctic for 42 days of up-time.
RAW2 registers IPs which "revisist" router and are still registered with RAW1 rule.
Firewall.PNG
by BartoszP
Wed Oct 24, 2018 4:07 pm
Forum: RouterBOARD hardware
Topic: MUM Europe 2018 - New hardware incoming
Replies: 52
Views: 17767

Re: MUM Europe 2018 - New hardware incoming

Micron Enterprise SSD 9200 MAX 6.4TB NVMe U.2 3 500$ gross
by BartoszP
Wed Oct 24, 2018 3:47 pm
Forum: RouterBOARD hardware
Topic: MUM Europe 2018 - New hardware incoming
Replies: 52
Views: 17767

Re: MUM Europe 2018 - New hardware incoming

Let's check ... the generic example I've found in Poland: SSD Crucial MX500 500GB for 100$ is too expensive?
by BartoszP
Fri Oct 19, 2018 10:22 am
Forum: General
Topic: Mejor opcion de MIKROTIK para 3000 abonados
Replies: 7
Views: 881

Re: Mejor opcion de MIKROTIK para 3000 abonados

A. What if forum moderators hardly speak Spanish? Should we accept post in eg. Katakana or Hindi or Hebrew alphabets? B. Moderators do "complain" about non English posts. C. If English is not your "best friend" then you can always use translator or write/ask on non English forum. D. This forum has s...
by BartoszP
Thu Oct 18, 2018 6:38 pm
Forum: Beginner Basics
Topic: no internet after IP changed
Replies: 6
Views: 534

Re: no internet after IP changed

What are NAT rules and Firewall?
Connections shows that there is some traffic from LAN to WAN ... do you have DNS properly configured?
by BartoszP
Thu Oct 18, 2018 6:07 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 77730

Re: VPNfilter official statement

It is log for 25 days since reboot so this router drops circa 15k connections per day. Most of them are for 22,23,8291 ports.
MM.PNG
by BartoszP
Thu Oct 18, 2018 3:40 pm
Forum: Beginner Basics
Topic: no internet after IP changed
Replies: 6
Views: 534

Re: no internet after IP changed

Have you looked at firewall settings? Do they use 192.168.1.x instead a.b.88.x?
by BartoszP
Wed Oct 17, 2018 6:32 pm
Forum: RouterBOARD hardware
Topic: Cracked cover on RouterBOARD DISC Lite5
Replies: 59
Views: 7929

Re: Cracked cover on RouterBOARD DISC Lite5

Time for "Best before sticker" :-( I have client which sells car components. We wondered why eg. spark plugs have "Best before date" info and "Production date" as there is nothing what could be expected to detoriate when they are waiting on a shelf packed/sealed/protected by manufacturer. Now I know...
by BartoszP
Tue Oct 16, 2018 4:39 pm
Forum: General
Topic: Optimization for crazy-asymetric DOCSIS connection
Replies: 1
Views: 238

Re: Optimization for crazy-asymetric DOCSIS connection

Try to lower MTU for WAN interface.
by BartoszP
Mon Oct 15, 2018 4:51 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

Have you netinstalled?
by BartoszP
Fri Oct 12, 2018 6:01 pm
Forum: Announcements
Topic: URGENT security reminder
Replies: 84
Views: 35055

Re: URGENT security reminder

It was already discussed. Who do call customers? End users or admins? End users? ... most of them do not even know that they have Mikrotik device installed as gateway to Internet. Forget them. Admins? ... real admins reading Mikrotik's site or forum should be/are aware of these problems but the main...
by BartoszP
Fri Oct 12, 2018 5:52 pm
Forum: Beginner Basics
Topic: Router Attack [SOLVED]
Replies: 6
Views: 932

Re: Router Attack [SOLVED]

Why do you think that it is router problem?
Do you think that js:Miner-AL[pup] is installed in your router?
Are you shure that your computer or any other local one are not infected with js:Miner-AL[pup]?
by BartoszP
Fri Oct 12, 2018 10:26 am
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 365
Views: 84074

Re: v6.44beta [testing] is released!

Docmarius .. thank you for explanation but what USB U3 has common with ROS? What does he want to beta test with U3?
by BartoszP
Thu Oct 11, 2018 4:25 pm
Forum: Announcements
Topic: URGENT security reminder
Replies: 84
Views: 35055

Re: URGENT security reminder

This change makes router more secure as it is not possible to connect to WinBox service with standard port.
by BartoszP
Wed Oct 10, 2018 4:51 pm
Forum: Beginner Basics
Topic: Remote Desktop
Replies: 1
Views: 255

Re: Remote Desktop

You cannot RDP from WAN lan or LOCAL lan?

Read this: https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT
by BartoszP
Mon Oct 08, 2018 5:49 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 77730

Re: VPNfilter official statement

Tenable story is different ... they mounted ROS filesystem system to other Linux, made changes to files and then explored RouterOS. You have to have physical access to such system you want to break in. All Linuxes without encrypted filesystem are volunerable ... you can just mount root partition, re...
by BartoszP
Mon Oct 08, 2018 3:28 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 77730

Re: VPNfilter official statement

Congratulations to Tenable !!! They should also send list of affected routers. - it is SARCASM.

IMHO it is totally irresponsible.
by BartoszP
Sun Oct 07, 2018 8:57 am
Forum: General
Topic: My Mikrotik Public IP Has been blacklisted by spamhuas, for the second time!
Replies: 9
Views: 998

Re: My Mikrotik Public IP Has been blacklisted by spamhuas, for the second time!

You can.

A. You can filter connections for SMTP ports
B. Make Torch buffer time longer than 3 sec.

or

C. Make firewals rules adding src address to SMTPsenders list for PC's starting traffic to any SMTP port
by BartoszP
Sat Oct 06, 2018 7:20 pm
Forum: Beginner Basics
Topic: I broke my network and can't access Webfig. Please help
Replies: 5
Views: 875

Re: I broke my network and can't access Webfig. Please help

Do not use WebFig ... use Winbox instead. It's proper tool.
by BartoszP
Sat Oct 06, 2018 7:03 pm
Forum: General
Topic: My Mikrotik Public IP Has been blacklisted by spamhuas, for the second time!
Replies: 9
Views: 998

Re: My Mikrotik Public IP Has been blacklisted by spamhuas, for the second time!

Check computers, servers etc. behind your router if they are sending emails. Just observe connections in the firewall or torch WAN interface.
by BartoszP
Sat Oct 06, 2018 6:39 pm
Forum: General
Topic: My Mikrotik Public IP Has been blacklisted by spamhuas, for the second time!
Replies: 9
Views: 998

Re: My Mikrotik Public IP Has been blacklisted by spamhuas, for the second time!

disconnect router from Internet
review configuration
export configuration to file
netinstall
set new admin password
add new user with admin privileges
remove admin
import configuration
connect to Internet
by BartoszP
Thu Sep 27, 2018 2:02 pm
Forum: General
Topic: Feature requests
Replies: 1160
Views: 208051

Re: Feature requests

Please add:

MAC address lists
Port lists in Firewall
by BartoszP
Tue Sep 25, 2018 12:08 am
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 365
Views: 84074

Re: v6 44beta testing is released

Id like to find out about helping with the Beta test on this...Ive used the big program for many years now, and have been on the Beta list for quite some time. I just started using PE, as Ive changed employers, and my new job wont allow me to install anything on my computer there, but I can use USB...
by BartoszP
Sun Sep 23, 2018 1:50 pm
Forum: General
Topic: I am Not a Robbot
Replies: 17
Views: 1286

Re: I am Not a Robbot

If you configured local LAN as 194.168.1.0/24 instead of 192.168.1.0/24 then DNS name of your gateway is resolved to external name.
You didn't show your configuration so it is just a guess.
by BartoszP
Sun Sep 23, 2018 1:47 pm
Forum: General
Topic: iPhone XS and Mikrotik hAP ac
Replies: 29
Views: 4696

Re: iPhone XS and Mikrotik hAP ac

Try to change channel width.
by BartoszP
Fri Sep 21, 2018 4:48 pm
Forum: RouterBOARD hardware
Topic: RB333
Replies: 3
Views: 523

Re: RB333

The only way is to ask support@mikrotik.com for help.
by BartoszP
Sat Sep 15, 2018 10:14 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

What do you want to say? Have you example of hacked 6.42.7 or are you just guessing and making noise?
by BartoszP
Fri Sep 14, 2018 5:07 pm
Forum: General
Topic: [ASK] disable PMKID
Replies: 2
Views: 1585

Re: [ASK] disable PMKID

Have you ever tried Serach function ?

search.php?keywords=PMKID+
by BartoszP
Mon Sep 10, 2018 1:13 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

@msatter: Is it joke or not?
by BartoszP
Fri Sep 07, 2018 2:20 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70615

Re: RB4011

by BartoszP
Fri Sep 07, 2018 12:18 pm
Forum: Scripting
Topic: wpa to wpa2 clone
Replies: 3
Views: 461

Re: wpa to wpa2 clone

Start from here: https://wiki.mikrotik.com/wiki/Manual:S ... g#Keywords

You need to read WPA2 property with "get". Property is not a traditional variable.
Setting property is also not so simple as you tried .. look here for example viewtopic.php?f=9&t=138893
by BartoszP
Fri Sep 07, 2018 11:45 am
Forum: Beginner Basics
Topic: Winbox keeps disconnecting
Replies: 3
Views: 3044

Re: Winbox keeps disconnecting

Have you tried search function of this forum?

search.php?keywords=Winbox+keeps+disconnecting
by BartoszP
Thu Sep 06, 2018 10:44 pm
Forum: Scripting
Topic: Backup scripts
Replies: 3
Views: 590

Re: Backup scripts

It seems not to be so hard .... here you are: http://bfy.tw/JlQ6
by BartoszP
Thu Sep 06, 2018 5:32 pm
Forum: General
Topic: License
Replies: 6
Views: 542

Re: License

Do you mean taht you have Mikrotik's ROS x86 installed on this PC? We are not mentalists to know what do you want to say.
by BartoszP
Thu Sep 06, 2018 5:23 pm
Forum: Wireless Networking
Topic: 70 Kms Point 2 Point link
Replies: 18
Views: 2935

Re: 70 Kms Point 2 Point link

IMHO if you do not set then Mikrotik do not know that antenna gains output signal with 24dB and therefore total emitted power of Mikrotik + antenna could not meet regulatory limits.
by BartoszP
Thu Sep 06, 2018 5:18 pm
Forum: Forwarding Protocols
Topic: Ubuntu SSH port forwarding 22
Replies: 3
Views: 459

Re: Ubuntu SSH port forwarding 22

But how your problem is connected with Mikrotik?
by BartoszP
Thu Sep 06, 2018 11:40 am
Forum: General
Topic: Help, Switch over from RB1100AHx2 to RB1100AHx4 not working
Replies: 1
Views: 493

Re: Help, Switch over from RB1100AHx2 to RB1100AHx4 not working

The problem is JUMP form 6.3.1 to 6.42.7

There is FORMIDABLE change in the ROS viewtopic.php?t=128915

Try to downgrade to 6.40.9 bugfix which is the last version which is compatibile with 6.3.x line
by BartoszP
Thu Sep 06, 2018 10:06 am
Forum: General
Topic: Windows 2016 DC requesting lots of IPs from DHCP?
Replies: 6
Views: 512

Re: Windows 2016 DC requesting lots of IPs from DHCP?

Check for loops in your lan ...

EDIT:

... and for proxy-arps which pass packets from one subnet to another and "eat" DHCP IPs.
by BartoszP
Thu Sep 06, 2018 10:01 am
Forum: General
Topic: Capsman download
Replies: 1
Views: 504

Re: Capsman download

CAPSMAN is a fragment of wireless package. Enable this package and you shoul see CAPSMAN menu even if the router has no WiFi interfaces.
by BartoszP
Wed Sep 05, 2018 5:05 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

... This article respectively the new vulnerability CVE-2018-14847 makes me afraid of using any mikrotik product anymore I have looked here https://tools.cisco.com/security/center/publicationListing.x and I'm wondering who use these products? And you are lucky if you have software upgrade plan acti...
by BartoszP
Tue Sep 04, 2018 7:10 pm
Forum: RouterBOARD hardware
Topic: Need new hardware (8ports and 16ports)
Replies: 29
Views: 1834

Re: Need new hardware (8ports and 16ports)

Have you considered using two HexLites mounted on opposite walls? Just reuse one cable from existing infrastructure and extend it with 3 more cables as needed. OR buy any WHITE & CHEAP 8-port switch, install it and all the logic configure in propper router/switch/device installed outside apartments ...
by BartoszP
Tue Sep 04, 2018 5:46 pm
Forum: RouterBOARD hardware
Topic: Need new hardware (8ports and 16ports)
Replies: 29
Views: 1834

Re: Need new hardware (8ports and 16ports)

Not a problem ... just thinking. A. Why do you need full featured router? B. Isn't switch with 8 ports sufficient ... like this one https://mikrotik.com/product/CRS112-8G-4S-IN C. CRS112 has SFP ports to connect user with FTTH D. Why white is so important? Mayby we need black ones? Nowadays gray is ...
by BartoszP
Tue Sep 04, 2018 4:59 pm
Forum: RouterBOARD hardware
Topic: Need new hardware (8ports and 16ports)
Replies: 29
Views: 1834

Re: Need new hardware (8ports and 16ports)

And one port should be placed on bootom side to be pluggable directly from the wall with 5 cm hidden cable. This port should be PoE In to power device. and ports should be colored to let users easy find one ... I am almost listening to technician saying "look for purple port and connect cable to it ...
by BartoszP
Mon Sep 03, 2018 2:49 pm
Forum: Beginner Basics
Topic: How to hide web interface of router from internet?
Replies: 11
Views: 798

Re: How to hide web interface of router from internet?

IP/Services /WWW ... set available only from LAN subnet.
by BartoszP
Mon Sep 03, 2018 2:43 am
Forum: Beginner Basics
Topic: Locked Out of Mikrotik
Replies: 29
Views: 3421

Re: Locked Out of Mikrotik

Tested on 962 ... I've inserted it directly to 962 and connected via terminal as described in the manual but when you restart/power-on router then Woobm is restarted as USB power is cycling. Try to connect Woobm with USB dock station with external power supply to prevent resseting during router reset.
by BartoszP
Sun Sep 02, 2018 12:04 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70615

Re: RB4011

.... will force all programmers to finally start thinking multithread from the very beginning....
Most people are single threaded :D
by BartoszP
Thu Aug 30, 2018 8:23 pm
Forum: General
Topic: How to downgrade the ROS below the factory version?
Replies: 5
Views: 650

Re: How to downgrade the ROS below the factory version?

It has been programmed at factory with 6.40.5 so 6.41 is newer.
by BartoszP
Thu Aug 30, 2018 12:36 pm
Forum: Beginner Basics
Topic: Locked Out of Mikrotik
Replies: 29
Views: 3421

Re: Locked Out of Mikrotik

Do you have MAC address in the field "Connect to:" specified?
by BartoszP
Thu Aug 30, 2018 12:23 pm
Forum: Beginner Basics
Topic: Locked Out of Mikrotik
Replies: 29
Views: 3421

Re: Locked Out of Mikrotik

Winbox via MAC address.
Open Winbox ... click "Neighberhood" ... wait for your router ... click MAC address in the MAC column ... fill user + password ... connect
by BartoszP
Thu Aug 30, 2018 9:06 am
Forum: Announcements
Topic: v6.42.7 [current] is released!
Replies: 159
Views: 30970

Re: v6.42.7 [current] is released!

Have you tried to use WinBox with MAC connection?
by BartoszP
Wed Aug 29, 2018 4:55 pm
Forum: Scripting
Topic: Exit script if...
Replies: 4
Views: 1238

Re: Exit script if...

Maybe this could help:
:if ([:len $net1] > 0) do={
do what I want
}
by BartoszP
Wed Aug 29, 2018 8:10 am
Forum: Beginner Basics
Topic: PS4/Hulu connection issues.
Replies: 6
Views: 754

Re: PS4/Hulu connection issues.

Read these posts: search.php?keywords=hulu
by BartoszP
Sun Aug 26, 2018 1:08 pm
Forum: General
Topic: Block user with bad intention
Replies: 6
Views: 787

Re: Block user with bad intention

Your router could always be blocked by DDOS. Yes, one packet seems to be too preventive but most of addresses I am watching are pure port scanning or attacks to SSH, Winbox or SMB. I have showed just a snippet of the first barrier. You can always adjust time used to block particular IP address or ad...
by BartoszP
Fri Aug 24, 2018 11:30 pm
Forum: General
Topic: Block user with bad intention
Replies: 6
Views: 787

Re: Block user with bad intention

I use as the first barier: /interface list add name=WAN_LIST /ip firewall raw add action=accept chain=prerouting dst-port=65432 protocol=tcp add action=add-src-to-address-list address-list=RAWATTACK2 address-list-timeout=27m chain=prerouting comment=RAW2ADD in-interface-list=WAN_LIST log-prefix="RAW...
by BartoszP
Thu Aug 23, 2018 7:07 pm
Forum: General
Topic: Strange outgoing connection
Replies: 2
Views: 297

Re: Strange outgoing connection

Simple Google search for https://ipinfo.io/216.58.205.99 shows that it is Google IP so I suspect that that it is a connection to Gmail or Google lookup from web browser. You have session timeout set to 24 h. so if browser opens connection to google.com and then you change web page, the connection to...
by BartoszP
Thu Aug 23, 2018 1:04 pm
Forum: Announcements
Topic: v6.40.9 [bugfix] is released!
Replies: 56
Views: 15240

Re: v6.40.9 [bugfix] is released!

5 x 951G-2HnD updated without any problems ... simple sonfiguration.
1 x 1100AHx4 - no problems with update
1 x 1100AHx4 - needed power cycle to start working after "Download&Instal".
by BartoszP
Thu Aug 23, 2018 12:55 pm
Forum: General
Topic: Port forward from within local network?
Replies: 1
Views: 276

Re: Port forward from within local network?

Read this: https://wiki.mikrotik.com/wiki/Hairpin_NAT

SOHO routers do this behind the scenes. In Mikrotik's world ... read non-SOHO routers ... you need to do it yourself. You have full controln on packet routing/forwarding.
by BartoszP
Tue Aug 21, 2018 8:37 am
Forum: Announcements
Topic: v6.42.7 [current] is released!
Replies: 159
Views: 30970

Re: v6.42.7 [current] is released!

Could we expect 6.40.9 ?
by BartoszP
Mon Aug 20, 2018 5:48 pm
Forum: General
Topic: Page can't be displayed due to blocked resources
Replies: 1
Views: 316

Re: Page can't be displayed due to blocked resources

Why do you suspect that Mikrotik is responsible for this? Have you checked this page via different connection?
Picture clearly shows message which looks like valid html page prepared by bank's server. Have you contacted with bank?
by BartoszP
Sun Aug 19, 2018 10:09 am
Forum: General
Topic: Passwords for hundreds/thousdands of devices
Replies: 10
Views: 1012

Re: Passwords for hundreds/thousdands of devices

What do you mean by "manage"?
by BartoszP
Sun Aug 19, 2018 1:28 am
Forum: Wireless Networking
Topic: Sharing Motel WiFi
Replies: 12
Views: 1786

Re: Sharing Motel WiFi

Yes.
Use any dual band device. Use one WiFi interface as WAN and the second connect to LAN bridge.
by BartoszP
Tue Aug 14, 2018 10:16 pm
Forum: Announcements
Topic: Photos of towers and masts
Replies: 55
Views: 15697

Re: Photos of towers and masts

Real world without tie-wraps does not exist :-)
by BartoszP
Tue Aug 14, 2018 9:13 pm
Forum: General
Topic: force push local address to gateway? (to avoid Hairpin NAT)
Replies: 4
Views: 558

Re: force push local address to gateway? (to avoid Hairpin NAT)

What is wrong with Harpin NAT? It is just name of technology which "other" routers do behind the scenes.
One line for NAT. That is all.
by BartoszP
Mon Aug 13, 2018 8:38 am
Forum: General
Topic: Forced routing with UTM connected both ends to Mikrotik
Replies: 7
Views: 684

Re: Forced routing with UTM connected both ends to Mikrotik

Maybe you should just make bridge for ETH1+ETH2 and the second for ETH3+ETH4 and connect it with this UTM?
by BartoszP
Mon Aug 13, 2018 8:20 am
Forum: Beginner Basics
Topic: One IP Public Multiple Webserver
Replies: 4
Views: 1236

Re: One IP Public Multiple Webserver

It is not problem of Mikrotik configuration.

You should configure virtual hosts on your WWW server to manage different domains.
In Mikrotik device you should pass all HTTP trafic to this server.
by BartoszP
Thu Aug 09, 2018 8:24 am
Forum: General
Topic: New Attack on WPA/WPA2 Discovered, Most Modern Routers Might be at Risk
Replies: 8
Views: 1595

Re: New Attack on WPA/WPA2 Discovered, Most Modern Routers Might be at Risk

Davis,
Is ROS affected? IMHO it is stupid question.
If Mikrotik implements and follow WiFi standard then the standard is affected then this "flow in design" is in current ROS implemented.

What, in yor opinion, should be done? Change to WiFi implementation to not follow standard?
by BartoszP
Wed Aug 08, 2018 11:03 pm
Forum: Announcements
Topic: Security announcement blog
Replies: 120
Views: 38820

Re: Security announcement blog

What is the conclusion?
by BartoszP
Wed Aug 08, 2018 10:32 pm
Forum: General
Topic: Another worrying Wi-Fi exploit could potentially plague your router
Replies: 3
Views: 558

Re: Another worrying Wi-Fi exploit could potentially plague your router

What is connection of cracking WiFi credentials and router?
by BartoszP
Tue Aug 07, 2018 5:37 pm
Forum: General
Topic: Blokeo de linkedin y permitir pasar solo a una ip
Replies: 2
Views: 372

Re: Blokeo de linkedin y permitir pasar solo a una ip

Please rewrite in English please or the post will be deleted.
by BartoszP
Sun Aug 05, 2018 2:34 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

Mikrotik has room improve also with the blog...
Rhetorical question: Why people needs blogs, tweets or Facebook messages to feel beeing informed well?
by BartoszP
Sun Aug 05, 2018 9:59 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

Honestly I had never read the announcements section of the forum, I do now......
43north ... please do not take it personally :-) but this is the quotation of the month ... maybe even of the year.
by BartoszP
Sun Aug 05, 2018 9:20 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

43north ... you are using our forum ... you are posting ... why have you not upgraded your router earlier even you have had (I suppose) knowledge of the problem?
by BartoszP
Sat Aug 04, 2018 9:36 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 25205

Re: Blacklist Filter (Development Topic)

...Have you considered using external to your network honeypots as source of offending IPs? ... I'm not quite sure I follow what you are saying. I'm always open to more sources. The new system is very modular. So importing another source is as simple as coding an import module for it. Could it be p...
by BartoszP
Sat Aug 04, 2018 7:54 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 56
Views: 7697

Re: Mikrotik in the news..bad news

Hands up who is daily following CVE news?
by BartoszP
Sat Aug 04, 2018 7:25 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 25205

Re: Blacklist Filter (Development Topic)

Dave, Have you considered using external to your network honeypots as source of offending IPs? I use as the first frontier such RAW drop rules and all the time there are some IPs on the list of attackers. add action=add-src-to-address-list address-list=RAWATTACK2 address-list-timeout=127m chain=prer...
by BartoszP
Fri Aug 03, 2018 2:54 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

Once again: I'm not "advocatus diaboli" of Mikrotik but you should apply right measure to the problem. OK. There was a problem spotted and repaired ... a lot of programs/devices had, have and will have them ... period. The problem is/was resolved ... time to apply cure. IF YOU WANT. If not ... stop ...
by BartoszP
Fri Aug 03, 2018 2:06 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

...Yes, from "now on". Figuratively speaking - a few months is almost nothing when you have hundreds of thousands of devices out in the wild. As others already mentioned, do not expect people to promptly install your 0-day fix (as I recon, there were some communication glitches along the way, too)....
by BartoszP
Fri Aug 03, 2018 10:21 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

As Oude Kirk is about 5 min. walking from Central Station then most people start and end visiting Amsterdam do not crossing Damstraat and they are missing eg. Rembrandt's Museum. Not even trying to visit or just find any windmill Nederlands are famous for :-)
by BartoszP
Fri Aug 03, 2018 9:30 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

To not be blamed that they do nothing !!!!

Have you read carefully all recent posts on forum about this "problem"?

Mikrotik is almost blamed for not upgraded 70k+ routers in Brazil, that people are not informed and so on ...

PS.

Windmills +1
by BartoszP
Fri Aug 03, 2018 9:11 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

Normis ...
It seems to be a fight with windmills ... this is era when most people read JUST THE TOPIC and do not read more than one sentence of news and most of them do not even want to think what they are reading about. Topic is all information they want to know.
by BartoszP
Thu Aug 02, 2018 8:23 pm
Forum: Announcements
Topic: Security announcement blog
Replies: 120
Views: 38820

Re: Security announcement blog

"Mikrotik call home" :) .... crazy idea. And what about routers which has "unsafe" ROS version but are hidden behind other firewall with good security? Should they magically be banned? What about connections with low bandwith? Should it be "eaten" by regular ROS verion checks? Tha main idea of route...
by BartoszP
Thu Aug 02, 2018 5:29 pm
Forum: Beginner Basics
Topic: ERROR: wrong username or password
Replies: 5
Views: 2565

Re: ERROR: wrong username or password

Try to Netinstall.
by BartoszP
Thu Aug 02, 2018 4:49 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 89020

Re: Winbox vulnerability: please upgrade

On forum posts if the subject line doesn't interest me, I would never read it.
It is like: I do not like this song as I have never listened to it earlier and the title is boring me. :D
by BartoszP
Thu Aug 02, 2018 4:38 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 56
Views: 7697

Re: Mikrotik in the news..bad news

You have to know what you're doing with all this kit really unless you can just plug it in with the default config and not touch it, which goes back to the original issue. Lots of people buy this kit with no real expertise, and lots of people have these routers installed with no ongoing support and...
by BartoszP
Thu Aug 02, 2018 3:43 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 56
Views: 7697

Re: Mikrotik in the news..bad news

What we are talking about?
Ask average user what router is .... answers will be like "What?", "YYYYaaaaayyyyaaa? What?", to more sophisticated "Do you mean this white/blue/silver etc. box?" or "I have Internet from WiFi".
by BartoszP
Thu Aug 02, 2018 2:22 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 56
Views: 7697

Re: Mikrotik in the news..bad news

@msatter
Do you think that all 70 000 users of hacked devices in Brazil do even know what WinBox is?
by BartoszP
Thu Aug 02, 2018 2:10 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 56
Views: 7697

Re: Mikrotik in the news..bad news

@msatter: How do you expect that Mikrotik could MORE persuade people to upgrade if they (users not Mikrotik) do not care? It is not a matter how many infos Mikrotik will publish. If admin/user/owner do not care than it is not a problem of Mikrotik. Do you think that other comapnies call or mail each...
by BartoszP
Thu Aug 02, 2018 2:02 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 56
Views: 7697

Re: Mikrotik in the news..bad news

The sad part is that owners/admins DO NOT CARE.
by BartoszP
Thu Aug 02, 2018 9:58 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 25205

Re: Blacklist Filter (Development Topic)

Fixed.
by BartoszP
Thu Aug 02, 2018 9:16 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 25205

Re: Blacklist Filter (Development Topic)

Dave, Thank you for your job. Testing: [admin@RBTEST] > /tool fetch mode=https dst-path=/disk1/filters.rsc url="https://bl.mikrotikfilters.com/fetch.php\?priority=1"; status: failed failure: closing connection: <500 Internal Server Error> 35.236.78.203:443 (4) [admin@RBTEST] > /tool fetch mode=https...
by BartoszP
Sat Jul 28, 2018 1:11 pm
Forum: General
Topic: winbox exploit
Replies: 11
Views: 10105

Re: winbox exploit

OMG ... next topic about winbox problem ...

@Prawira ... have you checked forum for this problem? Have you tried this http://bfy.tw/J9pW before posting?
by BartoszP
Thu Jul 26, 2018 9:47 pm
Forum: General
Topic: Attention!!! Routers OS is CRACKED from outside!!!
Replies: 7
Views: 2542

Re: Attention!!! Routers OS is CRACKED from outside!!!

Why is it so hard to ask "uncle Google" for "mikrotik hacked compromised problem winbox 8291" or any combination of these befor posting "CRACKED"?
by BartoszP
Wed Jul 25, 2018 2:12 pm
Forum: General
Topic: Hacked-Rogue DNS?
Replies: 12
Views: 2101

Re: Hacked-Rogue DNS?

Port scanner is a device/person/entity which checks ports in a router so these rules block ports from being discovered and services identified.
by BartoszP
Wed Jul 25, 2018 10:16 am
Forum: General
Topic: Can't get Port Forwarding of 1812 and 16384 to work
Replies: 3
Views: 533

Re: Can't get Port Forwarding of 1812 and 16384 to work

add action=dst-nat chain=dstnat dst-port=1812 in-interface=ether1-gateway protocol=udp to-addresses=192.168.1.124 to-ports=1812 add action=dst-nat chain=dstnat dst-port=16384 in-interface=ether1-gateway protocol=udp to-addresses=192.168.1.124 to-ports=16384 I see that you have PPoE interface in use...
by BartoszP
Wed Jul 25, 2018 12:39 am
Forum: Wireless Networking
Topic: Replacing CAPsMAN
Replies: 8
Views: 3419

Re: Replacing CAPsMAN

Export configuration and import it in the newer device?
by BartoszP
Tue Jul 24, 2018 11:10 pm
Forum: General
Topic: Hacked-Rogue DNS?
Replies: 12
Views: 2101

Re: Hacked-Rogue DNS?

I use this as "first line barrier". Proper WAN ports should be added to WAN_LIST and port 65432 in the first rule should be set to port which Winbox access is set to /interface list add name=WAN_LIST /ip firewall raw add action=accept chain=prerouting dst-port=65432 protocol=tcp add action=add-src-t...
by BartoszP
Tue Jul 24, 2018 10:01 pm
Forum: General
Topic: GRE tunnel not up!
Replies: 2
Views: 280

Re: GRE tunnel not up!

More details please. Configuration, log copy etc.
by BartoszP
Tue Jul 24, 2018 9:53 pm
Forum: General
Topic: ZeroDay Bug For Winbox! [24 April 2018] [SOLVED]
Replies: 3
Views: 730

Re: ZeroDay Bug For Winbox! [24 April 2018] [SOLVED]

It is always interesting for me that some admins could find some information from the past and fit it to their "issue" but are unable to check manufacturers forums, announcments or other sources for current information on the "issue".
by BartoszP
Tue Jul 24, 2018 5:13 pm
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 557
Views: 113454

Re: v6.43rc [release candidate] is released!

Changing name of logged in user is not good idea. What if you are logged as different user?
by BartoszP
Tue Jul 24, 2018 4:57 pm
Forum: Scripting
Topic: cript sending email attack ports
Replies: 6
Views: 611

Re: cript sending email attack ports

So you need in the script check if address-list which you use to block IPs is empty or not and then send an e-mail.
by BartoszP
Tue Jul 24, 2018 2:06 pm
Forum: Scripting
Topic: cript sending email attack ports
Replies: 6
Views: 611

Re: cript sending email attack ports

How do you detect that your router is attacked?
by BartoszP
Sun Jul 22, 2018 9:10 pm
Forum: General
Topic: Can't Block ddos UDP Flood with random IP
Replies: 3
Views: 788

Re: Can't Block ddos UDP Flood with random IP

More details on DDOS attack please.
by BartoszP
Thu Jul 12, 2018 6:20 pm
Forum: Virtualization
Topic: Install Mikrotik on a X86 server
Replies: 4
Views: 1124

Re: Install Mikrotik on a X86 server

Visualise should be "virtualize".

Installing to bare metal has many problems and it seems that Mikrotik is focusing on virtual versions instead on native ones.
by BartoszP
Tue Jul 10, 2018 11:40 pm
Forum: General
Topic: LLDP
Replies: 126
Views: 42942

Re: LLDP

mrz ... should we be still shocked with this fenomenal initial start for next few years?
by BartoszP
Mon Jul 09, 2018 5:58 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 105948

Re: Blacklist Filter update script

...
I'm still trying to figure out what to do with my life. At 43, I started not liking what I was doing for work. I've tried a few different things, including running a large non-profit for a while. Now I'm closing in on 45 and I still don't know.
You need "grown-up gap year" :D :D
by BartoszP
Mon Jul 09, 2018 12:30 pm
Forum: Beginner Basics
Topic: How do you turn on hEX's DMZ?
Replies: 16
Views: 2294

Re: How do you turn on hEX's DMZ?

Asking Google with "mikrotik forwarding all ports" gives answer

viewtopic.php?t=93228
by BartoszP
Sat Jul 07, 2018 1:36 pm
Forum: Beginner Basics
Topic: How do you turn on hEX's DMZ?
Replies: 16
Views: 2294

Re: How do you turn on hEX's DMZ?

What is "normal router" for you? Why aren't you using "normal" router?

Have you tried http://bfy.tw/IvvK ?
by BartoszP
Sat Jul 07, 2018 1:31 pm
Forum: Beginner Basics
Topic: Disable video on Facebook, YouTube and etc...
Replies: 8
Views: 1536

Re: Disable video on Facebook, YouTube and etc...

Have you considered installing local proxy like http://www.squid-cache.org/ ?
by BartoszP
Sat Jul 07, 2018 12:51 pm
Forum: General
Topic: Loading system 01
Replies: 2
Views: 574

Re: Loading system 01

Installing ROS on true PC hardware is supposed to fail for modern platforms.
Use virtualization system like KVM, VMWare and then install CHR ROS.
by BartoszP
Sat Jul 07, 2018 12:19 pm
Forum: RouterBOARD hardware
Topic: RB3011 Switching Performance with Hardware Offloading
Replies: 11
Views: 6967

Re: RB3011 Switching Performance with Hardware Offloading

No.
HW offloading is new name for master-port funcionality and is moved to bridge level.
by BartoszP
Fri Jul 06, 2018 5:32 pm
Forum: General
Topic: Installing a basic webpage on the router? [SOLVED]
Replies: 4
Views: 634

Re: Installing a basic webpage on the router? [SOLVED]

Install in LAN NanoPi NEO or similar platform with www server.
by BartoszP
Fri Jul 06, 2018 3:46 pm
Forum: Beginner Basics
Topic: Using mikrotik Firewall Feature
Replies: 15
Views: 1593

Re: Using mikrotik Firewall Feature

What is wrong with my solution?
by BartoszP
Fri Jul 06, 2018 3:30 pm
Forum: Beginner Basics
Topic: Using mikrotik Firewall Feature
Replies: 15
Views: 1593

Re: Using mikrotik Firewall Feature

The answer is easy and takes a few steps to be done. You need one new RJ45 connection RJ45 cable and then A. Prepare RB750 with default configuration. B. Configure VOIP device to use DHCP C Disconnect VOIP device from your LAN D. Connect just disconnected cable to WAN port of RB750 E. Connect new ca...
by BartoszP
Fri Jul 06, 2018 2:52 pm
Forum: RouterBOARD hardware
Topic: problem in rb750 ports
Replies: 1
Views: 335

Re: problem in rb750 ports

Try to wait more than 10 sec. ... maybe 20 sec.
For tablets my rule of thumb is 10-20-30 ... 10 does not work then try 20 and next 30 seconds.
by BartoszP
Thu Jul 05, 2018 9:46 am
Forum: The Dude
Topic: Password bug with The Dude maps v6 (we can read XML)
Replies: 12
Views: 1759

Re: Password bug with The Dude maps v6 (we can read XML)

Normis ... you answer resembles me the quotation of Polish Nobel's prize receiver: "If you have fever do shutter a thermometer." :lol: :lol: :lol:
by BartoszP
Tue Jul 03, 2018 3:04 pm
Forum: General
Topic: Why am I getting this firewall entry???
Replies: 22
Views: 1641

Re: Why am I getting this firewall entry???

Do you have VMPlayer, WMWorkstation, VirtualBox etc. installed on any computer in your LAN? These programs create virtual interfaces and assign them "local networks pools" addresses and offer bridging with real interface so you can see packets originating from these virtal interfaces leaking to your...
by BartoszP
Tue Jul 03, 2018 1:29 pm
Forum: Beginner Basics
Topic: Portforwarding to mikritik and dchp behind other router
Replies: 6
Views: 559

Re: Portforwarding to mikritik and dchp behind other router

Try to narrow problem and first configure mikrotik to pass 192.168.8.x to 192.168.1.x while are you connected to 192.168.8.x network.
If you will be able to access local net then you will be sure that MKT router works.
Then start checking if access from outside DSL model works or not.
by BartoszP
Tue Jul 03, 2018 1:20 pm
Forum: General
Topic: ATTACKS TO UDP PORT 53 (DNS)
Replies: 6
Views: 4934

Re: ATTACKS TO UDP PORT 53 (DNS)

http://lmgtfy.com/?q=mikrotik+dns+allow+remote

Devices at LAN are also remote for router so only router can itself use DNS.
Yes, security is higher but fincionality is lower.
by BartoszP
Fri Jun 29, 2018 3:55 pm
Forum: General
Topic: ATTACKS TO UDP PORT 53 (DNS)
Replies: 6
Views: 4934

Re: ATTACKS TO UDP PORT 53 (DNS)

http://bfy.tw/IpI6

Simply: deny any incoming unexpected/unrelated traffic to your router.
by BartoszP
Thu Jun 28, 2018 5:12 pm
Forum: Announcements
Topic: v6.42.5 [current]
Replies: 124
Views: 23075

Re: v6.42.5 [current]

Do you use Winbox 3.15?
by BartoszP
Wed Jun 27, 2018 8:33 pm
Forum: RouterBOARD hardware
Topic: RB133/133c
Replies: 3
Views: 663

Re: RB133/133c

ROS 5.26
https://mikrotik.com/download

Isn't it time to spend some money to buy newer device?
by BartoszP
Thu Jun 21, 2018 1:25 am
Forum: General
Topic: Blocking Virus from Mikrotik
Replies: 15
Views: 3355

Re: Blocking Virus from Mikrotik

Check this: viewtopic.php?f=21&t=134776
Do you have updated ROS?
by BartoszP
Wed Jun 20, 2018 12:10 pm
Forum: Announcements
Topic: Winbox v3.15 released!
Replies: 21
Views: 7253

Re: Winbox v3.15 released!

+1
Knock pattern should be specific per saved connection.
by BartoszP
Sun Jun 17, 2018 8:15 am
Forum: Beginner Basics
Topic: RB951G-2HnD reseting after update [SOLVED]
Replies: 2
Views: 408

Re: RB951G-2HnD reseting after update [SOLVED]

"Spectacular video" ... :-) :-)

Answer to your question: NETINSTALL.
by BartoszP
Mon Jun 11, 2018 5:58 pm
Forum: Scripting
Topic: CCRxxxxxxx
Replies: 2
Views: 379

Re: CCRxxxxxxx

From CLI export to file just firewall settings.
by BartoszP
Fri Jun 08, 2018 3:36 pm
Forum: Beginner Basics
Topic: Multiple LAN Network - GUI - no Master Port function
Replies: 4
Views: 624

Re: Multiple LAN Network - GUI - no Master Port function

Since 6.41 there is no Master port.
Configure all with bridges and hardware off-loading will be enabled where it could be possible.
by BartoszP
Thu Jun 07, 2018 5:48 pm
Forum: SwOS
Topic: CSS326-24G-2S+RM incorrect stats
Replies: 4
Views: 4055

Re: CSS326-24G-2S+RM incorrect stats

Removed answer in Russian language, ... it was spam.
by BartoszP
Thu Jun 07, 2018 5:35 pm
Forum: RouterBOARD hardware
Topic: Can I restore a backup from a RB1200 to the CCR1009-7G-1C-1S+PC
Replies: 2
Views: 513

Re: Can I restore a backup from a RB1200 to the CCR1009-7G-1C-1S+PC

A. No. backup should be restored on the same device it has been done.
B. Try to export configuration and import into new device.
by BartoszP
Tue Jun 05, 2018 3:44 pm
Forum: Wireless Networking
Topic: Suggested CAPsMAN Hardware
Replies: 11
Views: 1351

Re: Suggested CAPsMAN Hardware

What about freshly announced

RB450Gx4 with 4-core CPU, 1 GB of RAM and hardware IPsec encryption
by BartoszP
Mon Jun 04, 2018 5:31 pm
Forum: Beginner Basics
Topic: Microtik import doubts ...
Replies: 4
Views: 646

Re: Microtik import doubts ...

Check export file for mac=nn:nn:nn.... settings as your new router has different ones so import in 99% will fail if there is mac-mac "clash"
by BartoszP
Mon Jun 04, 2018 4:34 pm
Forum: Announcements
Topic: MikroTik News June 2018 (Issue #83)
Replies: 44
Views: 13698

Re: MikroTik News June 2018 (Issue #83)

In this MikroTik newsletter:
...
- RB450Gx4 with 4-core CPU, 1 GB of RAM and hardware IPsec encryption
...
The RB450Gx4 is an Ethernet router with five Gigabit Ethernet ports, a serial port, 512 MB NAND memory
by BartoszP
Mon Jun 04, 2018 8:12 am
Forum: Wireless Networking
Topic: High Ping on 2.4GHz
Replies: 13
Views: 1536

Re: High Ping on 2.4GHz

Redo configuration from scratch.
Step by step till you will have no problems connecting all devices to 2.4GHz ... then you can start searching other problems.
by BartoszP
Sun Jun 03, 2018 10:31 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 77730

Re: VPNfilter official statement

I understand ... but we need assume that Mikrotik is doing their best and try to deliver software without bugs. If we/they have no proof that something is "broken" then they always could say "YES, it is safe".
by BartoszP
Sun Jun 03, 2018 10:04 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 77730

Re: VPNfilter official statement

R1CH Scanning port 2000 is not new one ... I see it from long time .. I do not agree that scanners do not identify routers ... they scan them for "well known" ports to make proper attack instead of blind tries. The point is that asking "is btest volunerable?" or "is service >>name of service<< volun...
by BartoszP
Sun Jun 03, 2018 2:08 pm
Forum: General
Topic: how to make MikroTik fast
Replies: 4
Views: 666

Re: how to make MikroTik fast

Usain Bolt will not agree with you.
by BartoszP
Sun Jun 03, 2018 1:31 pm
Forum: General
Topic: how to make MikroTik fast
Replies: 4
Views: 666

Re: how to make MikroTik fast

Not the first question : "Doctor, I'm 32 years old and I'm ill as I'm walking slowly. What should I do?". What answer do you expect?
by BartoszP
Sun Jun 03, 2018 1:19 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 77730

Re: VPNfilter official statement

Again and again ... it seems be kind of sport nowadays to ask "Is Mikrotik volunerable because someone is scanning particular port?" If you disable or limit sources's IPs for all new incoming connections then there should be no problem at all. If you not secure your router then offenders will try to...
by BartoszP
Sat Jun 02, 2018 11:21 pm
Forum: General
Topic: Blocking Virus from Mikrotik
Replies: 15
Views: 3355

Re: Blocking Virus from Mikrotik

What is DNS setting for these clients?
What is DHCP server setting in Mikrotik?
Are you sure that router redirects pages?