Hi,
in the release notes of RouterOS 5.5 is says, that the connection via WebFig is encrypted, even if running over HTTP.
Could you please be more specific about this? How does the encryption work? Are the initial username/password transfered as unencrypted or encrypted? How could be encryption of this achieved over HTTP?
Is there actually an option to run Webfig over HTTPS??
Webfig allows to transfer files, start a terminal with a SSH client to other systems, etc. This is a feature that many admins would like to avoid for the “normal users” in the corporate networks, because they usually want to isolate the users from the “outside” world as much as possible. How (if at all) can then for example this kind of traffic be identified e.g. on a firewall with packet inspection??
regards
Dubak