Community discussions

Search found 191 matches

by ivicask
Fri Sep 28, 2018 12:15 pm
Forum: General
Topic: something is wrong with my DNS resolving...
Replies: 8
Views: 306

Re: something is wrong with my DNS resolving...

https://i.imgur.com/xjwAmyu.jpg My DNS settings look ok to me, I did not make any changes for years. This problem occurred yesterday without any modification from my side. I also noticed an unauthorized attempt to log in to my router viewtopic.php?f=2&t=139702 My current suspicion is that someone m...
by ivicask
Sat Sep 22, 2018 8:40 pm
Forum: General
Topic: restore back to identical devices never works :(
Replies: 28
Views: 911

Re: restore back to identical devices never works :(

At the very least, we should be able to import a backup into another device of same model and RoS/bootloader version. Certificates, users and all. I think that is working. But in practice it is not enough. E.g. I have 2 installs of CCR1009-8G-1S-1S+ which when broken is no longer available and would...
by ivicask
Tue Sep 18, 2018 6:11 pm
Forum: General
Topic: Port 60000 attacks, anyone info on this?
Replies: 11
Views: 370

Re: Port 60000 attacks, anyone info on this?

I'm seeing them too. From two different routers: [admin@MikroTik] > /log print count-only where message~":60000->" 6 and [admin@MikroTik] > /log print count-only where message~":60000->" 14 They are stealth in the sense that they avoid typical blacklisting attempts; just a few contacts per hour com...
by ivicask
Tue Sep 18, 2018 4:46 pm
Forum: General
Topic: Port 60000 attacks, anyone info on this?
Replies: 11
Views: 370

Re: Port 60000 attacks, anyone info on this?

... I was just wondering if anyone else is getting probed via this port as it seems I'm catching this on several locations and not 100% sure what to do about it. Could be, but I don't notice as I have a general drop rule at the end of firewall rules list. It does show increasing number of connection...
by ivicask
Tue Sep 18, 2018 4:33 pm
Forum: General
Topic: Port 60000 attacks, anyone info on this?
Replies: 11
Views: 370

Re: Port 60000 attacks, anyone info on this?

... I was just wondering if anyone else is getting probed via this port as it seems I'm catching this on several locations and not 100% sure what to do about it. Could be, but I don't notice as I have a general drop rule at the end of firewall rules list. It does show increasing number of connection...
by ivicask
Tue Sep 18, 2018 4:29 pm
Forum: General
Topic: Port 60000 attacks, anyone info on this?
Replies: 11
Views: 370

Re: Port 60000 attacks, anyone info on this?

I don't get it why would anybody want to allow connections to some random port (3389 is as nice random number as any other between 0 and 65536) from internet at large? Your firewall rule is not complete ... attacker can easily change source port to some other and your rule won't catch anything. I g...
by ivicask
Tue Sep 18, 2018 4:16 pm
Forum: General
Topic: Port 60000 attacks, anyone info on this?
Replies: 11
Views: 370

Re: Port 60000 attacks, anyone info on this?

I don't get it why would anybody want to allow connections to some random port (3389 is as nice random number as any other between 0 and 65536) from internet at large? Your firewall rule is not complete ... attacker can easily change source port to some other and your rule won't catch anything. I g...
by ivicask
Tue Sep 18, 2018 11:45 am
Forum: General
Topic: Port 60000 attacks, anyone info on this?
Replies: 11
Views: 370

Port 60000 attacks, anyone info on this?

After one of our servers recently got hacked over RDC and got cryptolocker, I noticed there's frequent port 60000 TCP to 3389 and also other random port attempts. After a bit of googling, it says that port 60000 is the "deepthroat" trojan attack port. For now I added a firewall rule to catch all source port 60000 ...
by ivicask
Mon Sep 17, 2018 1:17 pm
Forum: General
Topic: How to remotely administer Mikrotik routers in safeway
Replies: 19
Views: 756

Re: How to remotely administer Mikrotik routers in safeway

Hello As we all know it's very important how to configure firewall and services on our Mikrotik routers. A lot of us are using Winbox for remote administrating because it's easiest, changing port from 8021 to any other doesn't raise security level. So next step is to use SSH but I read that I can't fo...
by ivicask
Fri Sep 14, 2018 4:26 pm
Forum: Beginner Basics
Topic: Is it possible make queue tree under simple queue
Replies: 5
Views: 879

Re: Is it possible make queue tree under simple queue

Why not create new PCQ queue with desired limits, but add a bit above burst limits, set this queue to hotspot interface, it should smoothen out browsing while downloading.
by ivicask
Tue Aug 28, 2018 10:42 pm
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 558
Views: 84044

Re: v6.43rc [release candidate] is released!

I can't update CCR1009-7G-1C from 6.43rc51 to 6.43rc64, I click check for updates, download&install, after reboot I still have old version. Tried also manually downloading the file and putting into root and rebooting, same thing. EDIT: I figured it, I had other router package so it failed to select pro...
by ivicask
Sun Aug 05, 2018 7:07 pm
Forum: Wireless Networking
Topic: High Ping on 2.4GHz
Replies: 12
Views: 684

Re: High Ping on 2.4GHz

I often have this problem with 2.4GHz, where it's unusable, without any close networks to interfere, what helps a lot is to set mode to G/N, or only N if you don't need backward compatibility.
by ivicask
Sat Aug 04, 2018 10:55 am
Forum: Wireless Networking
Topic: Caps selecting same channel
Replies: 30
Views: 3675

Re: Caps selecting same channel

Anything new on this topic? CAPSMAN still uses the same frequency for all 5 GHz radios on my hap AC devices regardless of any configuration I might try. There is only one setup that works: in case I DON'T set any frequencies AND uncheck "skip DFS channels" I end up having different channels on my r...
by ivicask
Mon Jul 09, 2018 12:40 pm
Forum: Beginner Basics
Topic: SSID for kids Zone with OpenDNS
Replies: 14
Views: 689

Re: SSID for kids Zone with OpenDNS

Hi, I haven't got a different DHCP server for each SSID because I couldn't create one. Couldn't add New DHCP server - can not run on slave interface (6) Sorry to be dumb but this is my debut with routerboard OS. I think that having a different DHCP server for each SSID is the way I'll like to go for...
by ivicask
Mon Jul 09, 2018 12:15 pm
Forum: Beginner Basics
Topic: SSID for kids Zone with OpenDNS
Replies: 14
Views: 689

Re: SSID for kids Zone with OpenDNS

Hi, I managed to create multiple SSID in my house. One of the SSID is for my children and their friends (9 years old). The idea of having multiple ssid was to be able to control the content on the kids wifi using OpenDNS. So far, I haven't managed to figure out how to set dns per ssid so that my ma...
by ivicask
Thu Jun 21, 2018 9:25 am
Forum: Wireless Networking
Topic: wAP LTE kit - phenomenally bad performance
Replies: 20
Views: 1620

Re: wAP LTE kit - phenomenally bad performance

my phone does 4g 50+download and 15+ upload at same location, same provider, different SIM You can forget about it, a lot of users including me already complained about it, don't bother with this device if u expect any normal speeds, it's just terrible. https://forum.mikrotik.com/viewtopic.php?f=7&t=1...
by ivicask
Mon Jun 11, 2018 10:39 am
Forum: General
Topic: MT Router honeypot.
Replies: 20
Views: 1317

Re: MT Router honeypot.

I wonder if Mikrotik has honeypot routers, pretty sure they don't or they would already capture all the previous exploits before it would spread like they did.

Any official statement regarding this from mikrotik?
by ivicask
Sun Jun 10, 2018 8:33 pm
Forum: Wireless Networking
Topic: 60Ghz 2.4km - possible?
Replies: 35
Views: 2675

Re: 60Ghz 2.4km - possible?

Hey folks. We need to replace one of our 5Ghz Links due to high noise. We would like to switch to 60 Ghz. The Link is 2.4km and has 600 meters of altitude change. We don’t need a Gigabit. 100 mbits would be plenty. Has anyone any experience if this is even possible? We got about 15% less Air preass...
by ivicask
Thu Jun 07, 2018 9:22 am
Forum: Wireless Networking
Topic: Suggested CAPsMAN Hardware
Replies: 11
Views: 759

Re: Suggested CAPsMAN Hardware

Ok, Thanks for the replies. Local Forwarding isn't an option, so we need some model with higher CPU. Also Fast-Track can't be used, because we need some firewall rules to hide the rest of our network from the CAPs Clients. I think we will go with RB1100x4 or maybe we will try the RB3011. I will rep...
by ivicask
Wed Jun 06, 2018 12:08 am
Forum: Wireless Networking
Topic: Suggested CAPsMAN Hardware
Replies: 11
Views: 759

Re: Suggested CAPsMAN Hardware

What's wrong with RB750Gr3? I use it with 7 wAP ac, we have 150mbit line, and few queue tree rules, one simple queue for guest network, and up to 70 clients, works fine. Note I use local forwarding, not sure if it would work so good with capsman forwarding, u may need to use higher cpu power product th...
by ivicask
Tue Jun 05, 2018 2:03 pm
Forum: Announcements
Topic: MikroTik News June 2018 (Issue #83)
Replies: 43
Views: 9721

Re: MikroTik News June 2018 (Issue #83)

- new, improved SXT LTE kit with two Ethernet ports Same price but ....inferior....:( Yes, hope MT stops recycling those old modems, and give us some LTE product with LTE 6+ category What do you guys mean? It is much better than SXT LTE first generation: "In comparison with our first generation mod...
by ivicask
Tue Jun 05, 2018 9:35 am
Forum: Announcements
Topic: MikroTik News June 2018 (Issue #83)
Replies: 43
Views: 9721

Re: MikroTik News June 2018 (Issue #83)

- new, improved SXT LTE kit with two Ethernet ports

Same price but ....inferior....:(
Yes, hope MT stops recycling those old modems, and give us some LTE product with LTE 6+ category
by ivicask
Mon Jun 04, 2018 3:29 pm
Forum: RouterBOARD hardware
Topic: wAP ac overheating?Crashing
Replies: 1
Views: 350

wAP ac overheating?Crashing

I have one wAP ac that's giving me problems for some time, but unfortunately is also out of warranty so I just wonder what are normal temps for this device? When I copy files over 5GHz interface at around (450mbit/s) speeds, the router hits 80c and then randomly starts crashing and it's not visible on ...
by ivicask
Thu May 24, 2018 1:53 pm
Forum: RouterBOARD hardware
Topic: wAP ac not discoverable over ethernet
Replies: 5
Views: 523

Re: wAP ac not discoverable over ethernet

I have a couple of wAP ac devices that for some odd reason don't come up in the Winbox discovery. Connecting via MAC address fails too. Connecting over IP is OK. If I'm connected to Wifi, then everything works as expected (discovery + connecting over MAC and IP). Is this expected behavior? Coz for ...
by ivicask
Wed May 16, 2018 9:40 am
Forum: Announcements
Topic: Future of LTE products, user feedback requested
Replies: 50
Views: 8098

Re: Future of LTE products, user feedback requested

I would be happy with product like this

https://mikrotik.com/product/mant_lte_5o

But with integrated modem and 1 lan port, nothing more..
And at least CAT6 is a MUST so it doesn't work like some 10 year old phone/device with horrific performance like current WAP LTE works.
by ivicask
Sat May 12, 2018 10:46 am
Forum: RouterBOARD hardware
Topic: 3x3 MIMO antennas >20dBi
Replies: 19
Views: 1043

Re: 3x3 MIMO antennas >20dBi

Just wondering if someone can tell me why there are no 3x3 MIMO antennas on the market much greater than 20dBi ? I have a couple of RB921UAGS-5SHPacD-NM (triple chain capable) doing about 8KM's point to point, but limited to 2x2 due to antenna limitations (can't find a commercial 28 to 30dBi antenna w...
by ivicask
Mon Apr 23, 2018 4:12 pm
Forum: Beginner Basics
Topic: WiFi comparison between hAP ac2 and hAP ac
Replies: 12
Views: 4912

Re: WiFi comparison between hAP ac2 and hAP ac

I'm doing WiFi coverage tests between 2 Models: RBD52G-5HacD2HnD-TC (I will call it hAPac2) RB962UiGS-5HacT2HnT (I will call it hAPac) WiFi comparison between hAP ac2 and hAP ac.png The suggested price of both models results in a price difference of $ 60.00 My question: Where is such a big differen...
by ivicask
Mon Apr 23, 2018 3:17 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 118605

Re: Advisory: Vulnerability exploiting the Winbox port

But then what's the point of this, I ran it 3 times and got all my ports listed 3 times before mikrotik blocked it, "attacker" already has all it needs. Scan this 93.155.148.98 - my IP address and tell me the open ports please! It shows none now, but is this site already on your block list? Try clea...
by ivicask
Mon Apr 23, 2018 3:03 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 118605

Re: Advisory: Vulnerability exploiting the Winbox port

But if I run it from https://mxtoolbox.com/SuperTool.aspx?action=scan, it finishes every time and shows my open ports on router without blocking it.. Try for yourself. OK, try this : ip fi fi add action=add-src-to-address-list address-list=Port_Scanner address-list-timeout=1w chain=input comment="...
by ivicask
Mon Apr 23, 2018 2:34 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 118605

Re: Advisory: Vulnerability exploiting the Winbox port

What to do: 1) Firewall the Winbox port from the public interface, and from untrusted networks. It is best, if you only allow known IP addresses to connect to your router to any services, not just Winbox. We suggest this to become common practice. As an alternative, possibly easier, use the "IP ->...
by ivicask
Wed Apr 11, 2018 12:28 pm
Forum: RouterBOARD hardware
Topic: Hardware for Traffic Shaping ~500mbps
Replies: 3
Views: 508

Re: Hardware for Traffic Shaping ~500mbps

Hi Everyone, I am looking for a recommendation for hardware that is capable of doing traffic shaping on a line that is about 500dn/100up without choking. I currently have a 300/20 link and am using other vendor hardware that employs hardware offloading that is reaching its limit due to QOS turning...
by ivicask
Sun Apr 08, 2018 5:14 pm
Forum: General
Topic: Proxy causes 100% load on only 30mbit bandwidth?
Replies: 0
Views: 156

Proxy causes 100% load on only 30mbit bandwidth?

I have one RB911G connected to another wifi as client, and I just want to use it as proxy server so I can add it to my Dropbox or Mozilla settings so I can surf over other net. Moment I run speedtest CPU gets locked down to 100% and can't pass more than 30mbit, while I'm having 50mbit speed. The cache i...
by ivicask
Sun Apr 08, 2018 2:30 pm
Forum: General
Topic: Huge outgoing DNS requests (100gb in week)
Replies: 9
Views: 594

Re: Huge outgoing DNS requests (100gb in week)

Well it simply stopped, now it had like 30mb dns traffic in a week, I did nothing, upgraded or even rebooted router.

Will monitor if it happens again.
by ivicask
Fri Apr 06, 2018 5:24 pm
Forum: General
Topic: Huge outgoing DNS requests (100gb in week)
Replies: 9
Views: 594

Re: Huge outgoing DNS requests (100gb in week)

6.41rc52, doubt it's infected, it was installed 2 months ago, had latest version of os since installed, I have very strict firewall rules, I drop dns requests from net etc.. router has complex pass etc.
by ivicask
Fri Apr 06, 2018 3:33 pm
Forum: General
Topic: Huge outgoing DNS requests (100gb in week)
Replies: 9
Views: 594

Re: Huge outgoing DNS requests (100gb in week)

Wireshark shows all standard query packets, and gets responding ip addresses resolved back, but I do see them repeating, even if it already got proper ip addresses reported back, and domain and ip exist. Still doesn't make sense, if it does return proper IP why is it repeating requests and not simply c...
by ivicask
Fri Apr 06, 2018 3:27 pm
Forum: General
Topic: Huge outgoing DNS requests (100gb in week)
Replies: 9
Views: 594

Re: Huge outgoing DNS requests (100gb in week)

Check the DNS cache, but this is a likely explanation, depending on the number of clients using your DNS. Even if u unplug entire network, meaning only Mikrotik leaves, these DNS requests still go. And we are talking about like 20 clients max who use internet lightly, it's impossible they do 100gb D...
by ivicask
Fri Apr 06, 2018 2:57 pm
Forum: General
Topic: Huge outgoing DNS requests (100gb in week)
Replies: 9
Views: 594

Re: Huge outgoing DNS requests (100gb in week)

Check the DNS cache, but this is a likely explanation, depending on the number of clients using your DNS. Even if u unplug entire network, meaning only Mikrotik leaves, these DNS requests still go. And we are talking about like 20 clients max who use internet lightly, it's impossible they do 100gb D...
by ivicask
Fri Apr 06, 2018 11:20 am
Forum: General
Topic: MUM berlin
Replies: 28
Views: 1890

Re: MUM berlin

Ah come on Mikrotik, mANT 5o LTE, at first I was YES, finally new LTE device, then realized it's just an antenna. Was it a problem to give us such product with built-in LTE modem of higher category than current ones you have. That's all pointless what you did. WAP LTE performs so bad, no antenna will help it, ...
by ivicask
Fri Apr 06, 2018 9:58 am
Forum: General
Topic: Huge outgoing DNS requests (100gb in week)
Replies: 9
Views: 594

Huge outgoing DNS requests (100gb in week)

I just installed one HAP ac at one customer, they got NEW HP switch with fiber connection to internet from ISP, and it's connected to my LAN1 port on Mikrotik which has fixed ip 192.168.1.3, then all is routed out thru LAN port 2 on mikrotik on range 192.168.100.0/24 to customer's internal network. No...
by ivicask
Thu Mar 29, 2018 2:48 pm
Forum: General
Topic: Router + switch + ap all in one solution
Replies: 15
Views: 860

Re: Router + switch + ap all in one solution

I don't think so. The RB750Gr3 is a nice router, check in the specs what its achievable performance is, but when you are talking about 1Gbps internet and of course you are going to speedtest that, this class of router is simply not going to cut it (with a manageable configuration w.r.t firewall and...
by ivicask
Sun Mar 25, 2018 4:39 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature requests
Replies: 942
Views: 153894

Re: Feature requests

Hello to disable DNS attacking please add listen address on better from use ip firewall filters /ip dns allow-remote-requist=yes /ip dns listen-src-address=192.168.88.0/24,x.xx,y.y.y Regards Can't you already do that via firewall, don't understand what more you need, if you want to block DNS requests...
by ivicask
Tue Mar 06, 2018 12:14 pm
Forum: General
Topic: Cant ping by hostname outside mikrotik via IPIP tunnel
Replies: 0
Views: 159

Cant ping by hostname outside mikrotik via IPIP tunnel

So I created an IPIP tunnel between 2 locations, NAT and routes are properly added and I can ping without issue networks from both sides, enter network shares, RDC etc. Problem is I can't access any of them by hostname of server/computer. Mikrotik from its console can ping by name without issues, but ...
by ivicask
Mon Feb 12, 2018 4:38 pm
Forum: RouterBOARD hardware
Topic: CAP ac bad Antenna design?
Replies: 95
Views: 14522

Re: CAP ac bad Antenna design?

The new hAPac^2 and cAPac have two chains, since most devices only have 2 chains and the third chain is rarely used. What about load balancing between chains? What if I have 20 + various devices which have mix of 1 or 2 chains, aren't all 3 chains on Mikrotik device used and give better overall throu...
by ivicask
Mon Feb 05, 2018 2:45 pm
Forum: General
Topic: Shorten URL via Mikrotik, possible?
Replies: 1
Views: 253

Shorten URL via Mikrotik, possible?

I wonder if it's possible to shorten URL somehow from my mikrotik router for one TV in network. I tried using online URL shorteners but they are not reliable or have link expiration or max opening. And it's too complicated for me to enter this long URL which sometimes changes into TV. For example link loo...
by ivicask
Tue Jan 30, 2018 11:18 am
Forum: Wireless Networking
Topic: Tired of disconnection problem
Replies: 4
Views: 330

Re: Tired of disconnection problem

I have same issue on several locations with different aps.. For example this is my HOME, and the client that says extensive data loss is a TV which doesn't move an inch, and as u can see signal is more than powerful(-48-62), still I get random disconnects for all devices at home, Philips TV, HTC phone, AS...
by ivicask
Tue Jan 16, 2018 3:07 pm
Forum: General
Topic: Block many websites
Replies: 20
Views: 4465

Re: Block many websites

New and exciting way to block things introduced in latest 6.41, block by SSL certificate name with TLS-HOST: /ip firewall filter add action=drop chain=forward protocol=tcp tls-host=*facebook.com What about sites that don't use SSL? Or does site's SSL certificate need to be named same name as site? How ...
by ivicask
Tue Jan 16, 2018 2:58 pm
Forum: General
Topic: Block many websites
Replies: 20
Views: 4465

Re: Block many websites

That is indeed very simple, but unfortunately it will not work correctly! One IP address can handle multiple websites, so when you block this way you will block other sites as well. Well then in that case you can do DNS block /ip dns static add address=127.0.0.1 regexp=facebook.com etc And in order...
by ivicask
Tue Jan 16, 2018 2:49 pm
Forum: General
Topic: Block many websites
Replies: 20
Views: 4465

Re: Block many websites

Thanks Normis, By ip you mean to block the ip addresses of websites in Firewall->Filter Rules right? I'll try that /ip firewall address-list add address=facebook.com list=blocked_web add address=youtube.com list=blocked_web add address=whatever.com list=blocked_web etc continue the list from your e...
by ivicask
Sat Dec 30, 2017 8:01 pm
Forum: Wireless Networking
Topic: SXTsq 5 ac. WTF? It doesn't work.
Replies: 80
Views: 9473

Re: SXTsq 5 ac. WTF? It doesn't work.

So it's official that
SXT SQ AC cannot function properly under NV2 protocol?
Could You paste what support replied to You?
I'm using them with nv2 and they work fine.