P.S. I could also tell how RouterOSes without passwords are found and “hacked” so quickly, but for that information I would require some little gift from Mikrotik. Like an SXT LTE or maybe something cheaper, dunno…
[/quote]
[quote=Kackele post_id=642768 time=1518724706 user_id=115363]
Some time ago an office I support a little received a letter from CERT, that they have some dangerous ports open. I quickly scan it and yes, there’s 53, 445, 80 etc. open! I quickly log in and can’t see any port forwards. The local IT guy is also not smart enough to even know how to log in. I take a look in UPnP and voilà! Those ports were opened by a misconfigured Buffalo or Netgear or something NAS.
Why can RouterOS UPnP open ports under 1024 by default? OK I have an old version there in that remote office, but my friend checked with a fresh one and found the same results.
I think it is a security hole. Sure the problem was in a lame-ass misconfigured NAS, but still. Ports under 1024 should not be opened so easily.
P.S. I could also tell how RouterOSes without passwords are found and “hacked” so quickly, but for that information I would require some little gift from Mikrotik. Like an SXT LTE or maybe something cheaper, dunno…
[/quote]
UPnP is there to do whatever is needed, why should it discriminate between ports? If the person who set it up was competent enough to set UPnP then they should have been competent enough to circumnavigate the associated risks. Have you turned off UPnP and set up forwards correctly?
Why is it RouterOS/MikroTik’s fault that it is doing this?
If somebody put a hammer through your car windows, you wouldn’t blame the hammer’s manufacturer, you’d blame the person who did it. Same applies.
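Added example, not part of any post in this thread: one way to audit what UPnP has mapped and flag enabled mappings whose external port is below 1024, grouped by the LAN client that holds them. It assumes the `GetGenericPortMappingEntry` SOAP responses have already been collected from your own router's IGD service; the sample responses, addresses and function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample data: SOAP replies shaped like the IGD WANIPConnection
# GetGenericPortMappingEntry response. Addresses and descriptions are made up.
_TEMPLATE = (
    '<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>'
    '<u:GetGenericPortMappingEntryResponse '
    'xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1">'
    '<NewRemoteHost></NewRemoteHost><NewExternalPort>{ext}</NewExternalPort>'
    '<NewProtocol>{proto}</NewProtocol><NewInternalPort>{int_}</NewInternalPort>'
    '<NewInternalClient>{client}</NewInternalClient><NewEnabled>{en}</NewEnabled>'
    '<NewPortMappingDescription>{desc}</NewPortMappingDescription>'
    '</u:GetGenericPortMappingEntryResponse></s:Body></s:Envelope>'
)
SAMPLE_RESPONSES = [
    _TEMPLATE.format(ext=e, proto=p, int_=i, client=c, en=n, desc=d)
    for e, p, i, c, n, d in [
        (53, "UDP", 53, "192.168.88.20", 1, "NAS dns"),
        (445, "TCP", 445, "192.168.88.20", 1, "NAS smb"),
        (80, "TCP", 80, "192.168.88.20", 1, "NAS web"),
        (51413, "TCP", 51413, "192.168.88.31", 1, "bittorrent"),
        (22, "TCP", 22, "192.168.88.40", 0, "disabled ssh"),
    ]
]

def parse_mapping(soap_xml):
    """Return one port mapping from a GetGenericPortMappingEntry response."""
    root = ET.fromstring(soap_xml)
    fields = {el.tag: (el.text or "").strip()
              for el in root.iter() if el.tag.startswith("New")}
    return {
        "ext_port": int(fields["NewExternalPort"]),
        "proto": fields["NewProtocol"].upper(),
        "client": fields["NewInternalClient"],
        "int_port": int(fields["NewInternalPort"]),
        "enabled": fields["NewEnabled"].lower() in ("1", "true", "yes"),
        "desc": fields.get("NewPortMappingDescription", ""),
    }

def privileged_exposures(responses):
    """Group enabled mappings with an external port < 1024 by internal client."""
    by_client = defaultdict(list)
    for xml_text in responses:
        m = parse_mapping(xml_text)
        if m["enabled"] and m["ext_port"] < 1024:
            by_client[m["client"]].append((m["ext_port"], m["proto"]))
    return {client: sorted(ports) for client, ports in by_client.items()}
```

On the constructed sample, only the NAS at 192.168.88.20 is reported; the high-port mapping and the disabled entry are ignored.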
[quote=Steveocee post_id=642883 time=1518779955 user_id=81631] [quote=Kackele post_id=642768 time=1518724706 user_id=115363]
Some time ago an office I support a little received a letter from CERT, that they have some dangerous ports open. I quickly scan it and yes, there’s 53, 445, 80 etc. open! I quickly log in and can’t see any port forwards. The local IT guy is also not smart enough to even know how to log in. I take a look in UPnP and voilà! Those ports were opened by a misconfigured Buffalo or Netgear or something NAS.
Why can RouterOS UPnP open ports under 1024 by default? OK I have an old version there in that remote office, but my friend checked with a fresh one and found the same results.
I think it is a security hole. Sure the problem was in a lame-ass misconfigured NAS, but still. Ports under 1024 should not be opened so easily.
P.S. I could also tell how RouterOSes without passwords are found and “hacked” so quickly, but for that information I would require some little gift from Mikrotik. Like an SXT LTE or maybe something cheaper, dunno…
[/quote]
UPnP is there to do whatever is needed, why should it discriminate between ports? If the person who set it up was competent enough to set UPnP then they should have been competent enough to circumnavigate the associated risks. Have you turned off UPnP and set up forwards correctly?
Why is it RouterOS/MikroTik’s fault that it is doing this?
If somebody put a hammer through your car windows, you wouldn’t blame the hammer’s manufacturer, you’d blame the person who did it. Same applies.
[/quote]
What every other router does is not an argument. I use MikroTik routers and RouterOS mainly because it lets me do what I want. Unlike the other routers you might be referring to.
@OP
Port numbers below 1024 not being forwarded easily is a figment of your imagination. I manage several routers for differing companies: DrayTeks, Asus, TP-Link, MikroTik, Ubiquiti, pfSense, and all of them allow me to open ports EASILY. A perfect example is 80 for on-site web hosting. Please do not transpose your previous failures into a fictional statement.
Just because it is not how YOU think it should be done does not mean it is wrong.
[quote=Kackele post_id=643011 time=1518797605 user_id=115363] [quote=Steveocee post_id=643007 time=1518797396 user_id=81631]
Port numbers below 1024 not being forwarded easily is a figment of your imagination. I manage several routers for differing companies: DrayTeks, Asus, TP-Link, MikroTik, Ubiquiti, pfSense, and all of them allow me to open ports EASILY. A perfect example is 80 for on-site web hosting. Please do not transpose your previous failures into a fictional statement.
Just because it is not how YOU think it should be done does not mean it is wrong.
[/quote]
Read the Topic! Do you actually know what UPnP is? I don’t think most of the smartasses didn’t understand what it is all about.
[/quote]
I did.
Yes. Surely as a very highly skilled sysadmin, though, you fully understand why UPnP is actually so bad and would never implement it or advocate it, and would remove it if you found it?
Can you not use double negatives? It makes your already mad ramblings more difficult to take in.