Winbox 3.14 released!

Announcements
1

What’s new in v3.14:

*) added support for new style authentication and encryption for connections to RouterOS v6.43;
*) make all connections in secure mode (all data is encrypted with AES128-CBC-SHA);
*) make winbox self upgrade check .exe signature;
*) make up/down keys select previous/next entry in address/neighbors list in connect window while login name or password fields are in focus;
*) make mouse wheel work anywere in connect window if login or password fields are in focus;
*) remember Romon Neighbours Table column widths;
*) fixed problem where selected table items were moved to the top if the table filters dropdown button was clicked twice;

If you experience version related issues, then please report them to support@mikrotik.com.

Winbox is available here:
http://www.mikrotik.com/download

If you try to upgrade directly from Winbox loader and version is not available, then you might need to wait for a while until cache in path between your device and our servers is refreshed.

2

Why does Winbox look for neighbors when running with parameters and directly connecting to a device? There is always a delay of about 2 seconds.

3

thank you for this aked by many forum members
*) make up/down keys select previous/next entry in address/neighbors list in connect window while login name or password fields are in focus;
*) make mouse wheel work anywere in connect window if login or password fields are in focus;

and thank you for this personal request!!!
*) remember Romon Neighbours Table column widths;

4

Sweet! Works good! Thanks!

5

Nice to see a focus on security! Does the “new style authentication” in 6.43 include router/host verification so that man in the middle attacks are no longer possible?

6

It doesn’t. It’s just new way of password hashing :slight_smile: SSH checks hosts.

7

I just tested this.. it checks for a signature, but not Mikrotik’s signature! I sign it myself and winbox blindly runs it :confused:

https://imgur.com/7k8e09p

8

Is that really certificate based ? Or simply some MD5 hash ? In the later case this should not be called signature as this has nothing to do with a secure feature.

9

It checks that the .exe has authenticode signature (certificate based), but doesn’t care who the signer is. It should verify that the Mikrotik public key is used.

10

*) make mouse wheel work anywere in connect window if login or password fields are in focus;

Now it works again ! Thanks

11

Works fine with CHR!

12

Add dark mode please

Sent from my C6833 using Tapatalk

13

NOT repaired problem with log displaying at high resolution screens and Windows scaling: http://forum.mikrotik.com/t/ros-6-x-log-display-problem-with-high-resolution-and-scaling/119719/1
MikroTik team - please repair that problem.

14

Yes, but to be honest, I can’t imagine which other legitimate organisation would go to the trouble of using their Extended Validation certificate to sign Winbox :slight_smile: It’s not like it is simple to obtain.

15

Man in the middle attack is not possible, because

*) WinBox now uses ECSRP for key exchange and authentication (requires new winbox version),
both sides now verify that other side knows password (no man in the middle attack is possible anymore);

16

Nice. Can we see SRP in API login?

17

+1 for dark mode. Its very useful when you are on site and laptop batery is <50%

18

+1

19

I used a regular non-EV certificate to sign the example, those are easy to get and easy to buy on dark web too. A lot of malware abuses code signing certificates these days.

20

You must accept it in Windows trusted certificates first. At least in our test here it must be so.