Community discussions

Search found 1514 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 31
by BartoszP
Sun Aug 19, 2018 10:09 am
Forum: General
Topic: Passwords for hundreds/thousdands of devices
Replies: 10
Views: 366

Re: Passwords for hundreds/thousdands of devices

What do you mean by "manage"?
by BartoszP
Sun Aug 19, 2018 1:28 am
Forum: Wireless Networking
Topic: Sharing Motel WiFi
Replies: 3
Views: 137

Re: Sharing Motel WiFi

Yes.
Use any dual band device. Use one WiFi interface as WAN and the second connect to LAN bridge.
by BartoszP
Tue Aug 14, 2018 10:16 pm
Forum: Announcements
Topic: Photos of towers and masts
Replies: 35
Views: 6621

Re: Photos of towers and masts

Real world without tie-wraps does not exist :-)
by BartoszP
Tue Aug 14, 2018 9:13 pm
Forum: General
Topic: force push local address to gateway? (to avoid Hairpin NAT)
Replies: 4
Views: 201

Re: force push local address to gateway? (to avoid Hairpin NAT)

What is wrong with Harpin NAT? It is just name of technology which "other" routers do behind the scenes.
One line for NAT. That is all.
by BartoszP
Mon Aug 13, 2018 8:38 am
Forum: General
Topic: Forced routing with UTM connected both ends to Mikrotik
Replies: 6
Views: 246

Re: Forced routing with UTM connected both ends to Mikrotik

Maybe you should just make bridge for ETH1+ETH2 and the second for ETH3+ETH4 and connect it with this UTM?
by BartoszP
Mon Aug 13, 2018 8:20 am
Forum: Beginner Basics
Topic: One IP Public Multiple Webserver
Replies: 4
Views: 194

Re: One IP Public Multiple Webserver

It is not problem of Mikrotik configuration.

You should configure virtual hosts on your WWW server to manage different domains.
In Mikrotik device you should pass all HTTP trafic to this server.
by BartoszP
Thu Aug 09, 2018 8:24 am
Forum: General
Topic: New Attack on WPA/WPA2 Discovered, Most Modern Routers Might be at Risk
Replies: 8
Views: 759

Re: New Attack on WPA/WPA2 Discovered, Most Modern Routers Might be at Risk

Davis,
Is ROS affected? IMHO it is stupid question.
If Mikrotik implements and follow WiFi standard then the standard is affected then this "flow in design" is in current ROS implemented.

What, in yor opinion, should be done? Change to WiFi implementation to not follow standard?
by BartoszP
Wed Aug 08, 2018 11:03 pm
Forum: Announcements
Topic: Security announcement blog
Replies: 60
Views: 6629

Re: Security announcement blog

What is the conclusion?
by BartoszP
Wed Aug 08, 2018 10:32 pm
Forum: General
Topic: Another worrying Wi-Fi exploit could potentially plague your router
Replies: 3
Views: 256

Re: Another worrying Wi-Fi exploit could potentially plague your router

What is connection of cracking WiFi credentials and router?
by BartoszP
Tue Aug 07, 2018 5:37 pm
Forum: General
Topic: Blokeo de linkedin y permitir pasar solo a una ip
Replies: 2
Views: 120

Re: Blokeo de linkedin y permitir pasar solo a una ip

Please rewrite in English please or the post will be deleted.
by BartoszP
Sun Aug 05, 2018 2:34 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11997

Re: Winbox vulnerability: please upgrade

Mikrotik has room improve also with the blog...
Rhetorical question: Why people needs blogs, tweets or Facebook messages to feel beeing informed well?
by BartoszP
Sun Aug 05, 2018 9:59 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11997

Re: Winbox vulnerability: please upgrade

Honestly I had never read the announcements section of the forum, I do now......
43north ... please do not take it personally :-) but this is the quotation of the month ... maybe even of the year.
by BartoszP
Sun Aug 05, 2018 9:20 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11997

Re: Winbox vulnerability: please upgrade

43north ... you are using our forum ... you are posting ... why have you not upgraded your router earlier even you have had (I suppose) knowledge of the problem?
by BartoszP
Sat Aug 04, 2018 9:36 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 68
Views: 3134

Re: Blacklist Filter (Development Topic)

...Have you considered using external to your network honeypots as source of offending IPs? ... I'm not quite sure I follow what you are saying. I'm always open to more sources. The new system is very modular. So importing another source is as simple as coding an import module for it. Could it be p...
by BartoszP
Sat Aug 04, 2018 7:54 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 57
Views: 2741

Re: Mikrotik in the news..bad news

Hands up who is daily following CVE news?
by BartoszP
Sat Aug 04, 2018 7:25 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 68
Views: 3134

Re: Blacklist Filter (Development Topic)

Dave, Have you considered using external to your network honeypots as source of offending IPs? I use as the first frontier such RAW drop rules and all the time there are some IPs on the list of attackers. add action=add-src-to-address-list address-list=RAWATTACK2 address-list-timeout=127m chain=prer...
by BartoszP
Fri Aug 03, 2018 2:54 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11997

Re: Winbox vulnerability: please upgrade

Once again: I'm not "advocatus diaboli" of Mikrotik but you should apply right measure to the problem. OK. There was a problem spotted and repaired ... a lot of programs/devices had, have and will have them ... period. The problem is/was resolved ... time to apply cure. IF YOU WANT. If not ... stop ...
by BartoszP
Fri Aug 03, 2018 2:06 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11997

Re: Winbox vulnerability: please upgrade

...Yes, from "now on". Figuratively speaking - a few months is almost nothing when you have hundreds of thousands of devices out in the wild. As others already mentioned, do not expect people to promptly install your 0-day fix (as I recon, there were some communication glitches along the way, too)....
by BartoszP
Fri Aug 03, 2018 10:21 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11997

Re: Winbox vulnerability: please upgrade

As Oude Kirk is about 5 min. walking from Central Station then most people start and end visiting Amsterdam do not crossing Damstraat and they are missing eg. Rembrandt's Museum. Not even trying to visit or just find any windmill Nederlands are famous for :-)
by BartoszP
Fri Aug 03, 2018 9:30 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11997

Re: Winbox vulnerability: please upgrade

To not be blamed that they do nothing !!!!

Have you read carefully all recent posts on forum about this "problem"?

Mikrotik is almost blamed for not upgraded 70k+ routers in Brazil, that people are not informed and so on ...

PS.

Windmills +1
by BartoszP
Fri Aug 03, 2018 9:11 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11997

Re: Winbox vulnerability: please upgrade

Normis ...
It seems to be a fight with windmills ... this is era when most people read JUST THE TOPIC and do not read more than one sentence of news and most of them do not even want to think what they are reading about. Topic is all information they want to know.
by BartoszP
Thu Aug 02, 2018 8:23 pm
Forum: Announcements
Topic: Security announcement blog
Replies: 60
Views: 6629

Re: Security announcement blog

"Mikrotik call home" :) .... crazy idea. And what about routers which has "unsafe" ROS version but are hidden behind other firewall with good security? Should they magically be banned? What about connections with low bandwith? Should it be "eaten" by regular ROS verion checks? Tha main idea of route...
by BartoszP
Thu Aug 02, 2018 5:29 pm
Forum: Beginner Basics
Topic: ERROR: wrong username or password
Replies: 2
Views: 129

Re: ERROR: wrong username or password

Try to Netinstall.
by BartoszP
Thu Aug 02, 2018 4:49 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11997

Re: Winbox vulnerability: please upgrade

On forum posts if the subject line doesn't interest me, I would never read it.
It is like: I do not like this song as I have never listened to it earlier and the title is boring me. :D
by BartoszP
Thu Aug 02, 2018 4:38 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 57
Views: 2741

Re: Mikrotik in the news..bad news

You have to know what you're doing with all this kit really unless you can just plug it in with the default config and not touch it, which goes back to the original issue. Lots of people buy this kit with no real expertise, and lots of people have these routers installed with no ongoing support and...
by BartoszP
Thu Aug 02, 2018 3:43 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 57
Views: 2741

Re: Mikrotik in the news..bad news

What we are talking about?
Ask average user what router is .... answers will be like "What?", "YYYYaaaaayyyyaaa? What?", to more sophisticated "Do you mean this white/blue/silver etc. box?" or "I have Internet from WiFi".
by BartoszP
Thu Aug 02, 2018 2:22 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 57
Views: 2741

Re: Mikrotik in the news..bad news

@msatter
Do you think that all 70 000 users of hacked devices in Brazil do even know what WinBox is?
by BartoszP
Thu Aug 02, 2018 2:10 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 57
Views: 2741

Re: Mikrotik in the news..bad news

@msatter: How do you expect that Mikrotik could MORE persuade people to upgrade if they (users not Mikrotik) do not care? It is not a matter how many infos Mikrotik will publish. If admin/user/owner do not care than it is not a problem of Mikrotik. Do you think that other comapnies call or mail each...
by BartoszP
Thu Aug 02, 2018 2:02 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 57
Views: 2741

Re: Mikrotik in the news..bad news

The sad part is that owners/admins DO NOT CARE.
by BartoszP
Thu Aug 02, 2018 9:58 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 68
Views: 3134

Re: Blacklist Filter (Development Topic)

Fixed.
by BartoszP
Thu Aug 02, 2018 9:16 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 68
Views: 3134

Re: Blacklist Filter (Development Topic)

Dave, Thank you for your job. Testing: [admin@RBTEST] > /tool fetch mode=https dst-path=/disk1/filters.rsc url="https://bl.mikrotikfilters.com/fetch.php\?priority=1"; status: failed failure: closing connection: <500 Internal Server Error> 35.236.78.203:443 (4) [admin@RBTEST] > /tool fetch mode=https...
by BartoszP
Sat Jul 28, 2018 1:11 pm
Forum: General
Topic: winbox exploit
Replies: 11
Views: 1156

Re: winbox exploit

OMG ... next topic about winbox problem ...

@Prawira ... have you checked forum for this problem? Have you tried this http://bfy.tw/J9pW before posting?
by BartoszP
Thu Jul 26, 2018 9:47 pm
Forum: General
Topic: Attention!!! Routers OS is CRACKED from outside!!!
Replies: 7
Views: 559

Re: Attention!!! Routers OS is CRACKED from outside!!!

Why is it so hard to ask "uncle Google" for "mikrotik hacked compromised problem winbox 8291" or any combination of these befor posting "CRACKED"?
by BartoszP
Wed Jul 25, 2018 2:12 pm
Forum: General
Topic: Hacked-Rogue DNS?
Replies: 12
Views: 795

Re: Hacked-Rogue DNS?

Port scanner is a device/person/entity which checks ports in a router so these rules block ports from being discovered and services identified.
by BartoszP
Wed Jul 25, 2018 10:16 am
Forum: General
Topic: Can't get Port Forwarding of 1812 and 16384 to work
Replies: 3
Views: 145

Re: Can't get Port Forwarding of 1812 and 16384 to work

add action=dst-nat chain=dstnat dst-port=1812 in-interface=ether1-gateway protocol=udp to-addresses=192.168.1.124 to-ports=1812 add action=dst-nat chain=dstnat dst-port=16384 in-interface=ether1-gateway protocol=udp to-addresses=192.168.1.124 to-ports=16384 I see that you have PPoE interface in use...
by BartoszP
Wed Jul 25, 2018 12:39 am
Forum: Wireless Networking
Topic: Replacing CAPsMAN
Replies: 8
Views: 2318

Re: Replacing CAPsMAN

Export configuration and import it in the newer device?
by BartoszP
Tue Jul 24, 2018 11:10 pm
Forum: General
Topic: Hacked-Rogue DNS?
Replies: 12
Views: 795

Re: Hacked-Rogue DNS?

I use this as "first line barrier". Proper WAN ports should be added to WAN_LIST and port 65432 in the first rule should be set to port which Winbox access is set to /interface list add name=WAN_LIST /ip firewall raw add action=accept chain=prerouting dst-port=65432 protocol=tcp add action=add-src-t...
by BartoszP
Tue Jul 24, 2018 10:01 pm
Forum: General
Topic: GRE tunnel not up!
Replies: 2
Views: 98

Re: GRE tunnel not up!

More details please. Configuration, log copy etc.
by BartoszP
Tue Jul 24, 2018 9:53 pm
Forum: General
Topic: ZeroDay Bug For Winbox! [24 April 2018] [SOLVED]
Replies: 3
Views: 316

Re: ZeroDay Bug For Winbox! [24 April 2018] [SOLVED]

It is always interesting for me that some admins could find some information from the past and fit it to their "issue" but are unable to check manufacturers forums, announcments or other sources for current information on the "issue".
by BartoszP
Tue Jul 24, 2018 5:13 pm
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 498
Views: 66664

Re: v6.43rc [release candidate] is released!

Changing name of logged in user is not good idea. What if you are logged as different user?
by BartoszP
Tue Jul 24, 2018 4:57 pm
Forum: Scripting
Topic: cript sending email attack ports
Replies: 6
Views: 246

Re: cript sending email attack ports

So you need in the script check if address-list which you use to block IPs is empty or not and then send an e-mail.
by BartoszP
Tue Jul 24, 2018 2:06 pm
Forum: Scripting
Topic: cript sending email attack ports
Replies: 6
Views: 246

Re: cript sending email attack ports

How do you detect that your router is attacked?
by BartoszP
Sun Jul 22, 2018 9:10 pm
Forum: General
Topic: Can't Block ddos UDP Flood with random IP
Replies: 3
Views: 190

Re: Can't Block ddos UDP Flood with random IP

More details on DDOS attack please.
by BartoszP
Thu Jul 12, 2018 6:20 pm
Forum: Virtualization
Topic: Install Mikrotik on a X86 server
Replies: 4
Views: 302

Re: Install Mikrotik on a X86 server

Visualise should be "virtualize".

Installing to bare metal has many problems and it seems that Mikrotik is focusing on virtual versions instead on native ones.
by BartoszP
Tue Jul 10, 2018 11:40 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: LLDP
Replies: 122
Views: 35643

Re: LLDP

mrz ... should we be still shocked with this fenomenal initial start for next few years?
by BartoszP
Mon Jul 09, 2018 5:58 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 630
Views: 75423

Re: Blacklist Filter update script

...
I'm still trying to figure out what to do with my life. At 43, I started not liking what I was doing for work. I've tried a few different things, including running a large non-profit for a while. Now I'm closing in on 45 and I still don't know.
You need "grown-up gap year" :D :D
by BartoszP
Mon Jul 09, 2018 12:30 pm
Forum: Beginner Basics
Topic: How do you turn on hEX's DMZ?
Replies: 6
Views: 357

Re: How do you turn on hEX's DMZ?

Asking Google with "mikrotik forwarding all ports" gives answer

viewtopic.php?t=93228
  • 1
  • 2
  • 3
  • 4
  • 5
  • 31