phaseform
newbie
Topic Author
Posts: 26
Joined: Mon Nov 23, 2015 12:52 am

Default password vulnerability

Mon Apr 03, 2017 11:37 am

Being a beginner with RouterOS, I configured my MikroTik router's internet connection using PPPoE, and set my DSL modem to bridge mode. After opening a terminal I noticed a flood of login attempts. Only because I'd changed the login credentials first, basically by chance, did these login attempts fail... Seems like a pretty big vulnerability in the security for a beginner using quickset!?!
 
pe1chl
Forum Guru
Posts: 10240
Joined: Mon Jun 08, 2015 12:09 pm

Re: Default password vulnerability

Mon Apr 03, 2017 11:42 am

Yes, but this is caused by bad instructions on the internet or people "experimenting" without studying the matter.
If you had used quickset to set up PPPoE it would not be such a problem because there would be
an incoming firewall on the PPPoE.
But when you just configure the router as plain router, then remember PPPoE, watch a naive Youtube movie
on how to add a PPPoE interface, and do not adjust the firewall, yes then you are in trouble!

I have often proposed that the firewall is changed to do a default drop and accept only what is explicitly allowed
(like traffic from the LAN), but MikroTik won't do that. So it is your own responsibility to drop incoming traffic
from any new interface that you add.
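
Added example, not part of the post above and not MikroTik's own tooling: a small Python check that replays a new inbound TCP connection against the input chain of a RouterOS export and reports the verdict per interface. The export text and the interface names ether1 and pppoe-out1 are constructed for illustration, and only a few matchers are modelled; rules using anything else are skipped.

```python
import shlex

# Constructed sample export (not from the thread): the only input drop is bound
# to ether1; a PPPoE client interface named pppoe-out1 was added later by hand.
SAMPLE_EXPORT = '''\
/ip firewall filter
add chain=input action=accept protocol=icmp
add chain=input action=accept connection-state=established,related
add chain=input action=drop in-interface=ether1 comment="drop all from WAN"
add chain=forward action=accept connection-state=established,related
'''

HANDLED = {"chain", "action", "in-interface", "connection-state", "protocol", "dst-port", "comment"}

def input_rules(export):
    """Return chain=input rules, in order, as dicts of key -> value."""
    rules, section = [], None
    for line in export.splitlines():
        line = line.strip()
        if line.startswith("/"):
            section = line
        elif section == "/ip firewall filter" and line.startswith("add "):
            rule = dict(tok.split("=", 1) for tok in shlex.split(line)[1:] if "=" in tok)
            if rule.get("chain") == "input":
                rules.append(rule)
    return rules

def matches(rule, iface, port):
    """Does the rule match a new TCP connection to `port` arriving on `iface`?"""
    if set(rule) - HANDLED:          # matcher this sketch does not model: skip rule
        return False
    want = rule.get("in-interface")
    if want and (want[1:] == iface if want.startswith("!") else want != iface):
        return False
    if ("new" not in rule.get("connection-state", "new").split(",")
            or rule.get("protocol", "tcp") != "tcp"):
        return False
    return "dst-port" not in rule or str(port) in rule["dst-port"].split(",")

def verdict(export, iface, port=22):
    """First matching rule wins; with no match, RouterOS accepts the packet."""
    for rule in input_rules(export):
        if matches(rule, iface, port):
            return rule.get("action", "accept")   # exports omit the default action
    return "accept"

if __name__ == "__main__":
    print({i: verdict(SAMPLE_EXPORT, i) for i in ("ether1", "pppoe-out1")})
```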
 
phaseform
newbie
Topic Author
Posts: 26
Joined: Mon Nov 23, 2015 12:52 am

Re: Default password vulnerability

Mon Apr 03, 2017 12:28 pm

My point is why bother with a quickset if it fails to provide fundamental security? Just bugs me that people with specialised IT knowledge often say "lol amateur" rather than create solutions for beginners (specifically change login credentials on first login). I used quickset and there were no such firewall rules for SSH/telnet etc. as I remember.
 
Quared
Trainer
Posts: 66
Joined: Tue Aug 13, 2013 8:29 am
Location: Central Europe

Re: Default password vulnerability

Mon Apr 03, 2017 1:06 pm

Hello,

RouterOS is much more configurable/flexible and powerful, thus not comparable to any of these 'typical' end-user-friendly routers and their GUIs - whether Webfig nor Winbox.

Even those 'typical' end-user-friendly routers allow weak or even NO admin/access password to be set if per user-choice.

Check
https://wiki.mikrotik.com/wiki/Manual:I ... figuration

and

https://wiki.mikrotik.com/wiki/Manual:S ... our_Router

greets
 
normis
MikroTik Support
Posts: 26381
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: Default password vulnerability

Mon Apr 03, 2017 1:13 pm

If you use QuickSet to change internet mode to "PPPoE", the firewall is set on the PPPoE interface. I tested it, and this is what the QuickSet adds:
[Attached screenshot: screen 113.jpg]
So as a beginner, I suggest using QuickSet and then using "Firewall router" in QuickSet.
 
pe1chl
Forum Guru
Posts: 10240
Joined: Mon Jun 08, 2015 12:09 pm

Re: Default password vulnerability

Mon Apr 03, 2017 2:31 pm

> My point is why bother with a quickset if it fails to provide fundamental security?

But with quickset it works OK!
It only fails when you manually add the PPPoE
 
phaseform
newbie
Topic Author
Posts: 26
Joined: Mon Nov 23, 2015 12:52 am

Re: Default password vulnerability

Mon Apr 03, 2017 4:27 pm

Cool, thanks for the replies, I'll check it out when I'm in front of my computer.
