Joni
Member Candidate
Topic Author
Posts: 156
Joined: Fri Mar 20, 2015 2:46 pm

Why firewall rules are so important...

Mon Oct 16, 2017 3:10 pm

A Google search for "misconfigured" Mikrotik products...

https://www.google.com/search?q=intitle ... on+page%22

Mikrotik should probably at least remove the version number from the login page....
 
Jotne
Forum Guru
Posts: 3279
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Tue Oct 17, 2017 10:18 pm

I do agree that the version should not be shown. As long as you know the version number, you know what weakness the product has.
 
Joni

Thu Sep 16, 2021 4:35 pm

Years pass by and nothing changes...
 
afuchs
Frequent Visitor
Posts: 81
Joined: Wed Jul 03, 2019 11:10 am

Thu Sep 16, 2021 4:58 pm

Maybe because you should avoid direct access via the Internet and rather connect via a VPN for administration?
The direct access via the Winbox is already bad enough, but with the web interface without restriction of the source IP it is more of a disaster.
 
ivicask
Member
Posts: 417
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Thu Sep 16, 2021 5:03 pm

Maybe they are honeypots? I hope... :p
 
Joni

Thu Sep 16, 2021 5:08 pm

> Maybe they are honeypots? I hope... :p

You're missing the point: the version number is still displayed on the login page. Once your router has a vulnerability, anyone with access to the user interface knows which one to exploit.
 
mkx
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Thu Sep 16, 2021 6:04 pm

The point is that a router's management access (any kind) should not be wildly open. Period.

Guess what, many management processors built into servers (BMC, iLO, whatever the vendor calls them) have http(s) access and show the firmware release on the login page. The fact that a server has a physical management interface while a router has a virtual one doesn't change anything.

I like to see the version on the login page so that I don't have to log in just to check the software version.
 
Joni

Thu Sep 16, 2021 6:08 pm

You do realize this is not an opinion debate.

> The point is that a router's management access (any kind) should not be wildly open. Period.

The point is that no information whatsoever should be shared unless authenticated (by default). Period.

> I like to see the version on the login page so that I don't have to log in just to check the software version.

The same reason people like to reuse passwords. If you want to see the version then ask them to selectively enable you to weaken your stance.
Last edited by Joni on Thu Sep 16, 2021 6:10 pm, edited 1 time in total.
 
mkx

Thu Sep 16, 2021 6:09 pm

> You do realize this is not an opinion debate.

Obviously it is.
 
rextended
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy

Thu Sep 16, 2021 6:11 pm

@Joni... I WOULD NEVER HAVE THOUGHT IT WAS SO EASY... :shock: :shock: :shock: :shock: :shock: :shock: :shock:
Google will take care of finding them for you... Easy life for hackers...

About displaying the version or not:
WHAT IS THE PROBLEM? Simply try all the hacks, who stops you?

I opened one link just as a joke:

python code

\Winbox***>..\Python\Python37\python.exe W*********t.py ***.111.***.11
Connected to ***.111.***.11:8291
Exploit successful

User: d*****e
Pass: 6************B

User: admin
Pass: s*********s
So easy....

And I found two devices, with a patched router version, user admin with no password.......
 
Joni

Thu Sep 16, 2021 6:27 pm

> Google will take care of finding them for you... Easy life for hackers...

You apparently haven't tried Shodan.

> About displaying the version or not:
> WHAT IS THE PROBLEM? Simply try all the hacks, who stops you?

Trying all hacks triggers alerts and countermeasures on many different levels.
Different methods have different requirements; knowing the version number lets you focus on the right one.
 
Joni

Thu Sep 16, 2021 6:31 pm

> > You do realize this is not an opinion debate.
>
> Obviously it is.

Sure it is: https://cwe.mitre.org/data/definitions/200.html
The simplified main point being that there are zero actual benefits to showing it.
 
rextended

Thu Sep 16, 2021 6:43 pm

> You apparently haven't tried Shodan.

Yes, because I usually try to help rather than abuse... :)

My opinion about showing it or not (ignoring the fact that, whether the version is exposed or not, all hack methods can be tested in 2 seconds)...

This question is really useless, like the debate about what color a van should be when it has left its door open and is about to lose its load...

The problem is closing the door, not just looking at the color... Or better, a system that does not let the motor start if the door is left open...

MikroTik recently, from 6.43, put in decent default rules, but idiots still exist who completely wipe a router before configuring it,
leaving www, winbox, etc. open to the world, because they are improvised technicians who know nothing about what they do,
just copy-and-paste morons working from YouTube or from other sites with absurd scripts...

On YouTube, here, and on other sites there are also intelligent, precise, precious and well-explained things,
but if the brain of those who have to take them in is off, nothing can be done...
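
One way to apply what the thread recommends (management reachable only from a trusted subnet or VPN, everything else dropped on input), as an added example that is not from any poster or from MikroTik's default configuration. The 192.168.88.0/24 management subnet and the LAN interface list are assumptions; VPN clients are assumed to receive addresses in that subnet and their interface to be a member of LAN.

```routeros
# Added example. Assumptions: 192.168.88.0/24 is the management/VPN subnet,
# and an interface list named LAN already exists and excludes the WAN port.

# Weak state the thread describes: services enabled with no "address="
# restriction and no drop rule on the input chain, so www and winbox
# answer on the public address and show the login page to anyone.

# 1. Disable management services that are not used.
/ip service disable telnet,ftp,api,api-ssl

# 2. Restrict the remaining services to the management subnet.
#    Connections from any other source address are refused by the service.
/ip service set www address=192.168.88.0/24
/ip service set winbox address=192.168.88.0/24
/ip service set ssh address=192.168.88.0/24

# 3. Input chain: allow replies and ICMP, then drop whatever does not
#    arrive on a LAN-list interface. Rule order matters: drop goes last.
/ip firewall filter
add chain=input action=accept connection-state=established,related \
    comment="accept established,related"
add chain=input action=drop connection-state=invalid comment="drop invalid"
add chain=input action=accept protocol=icmp comment="accept ICMP"
add chain=input action=drop in-interface-list=!LAN \
    comment="drop all input not coming from LAN"

# 4. Verify: each enabled service should list the management subnet,
#    and the drop rule should be the last input rule.
/ip service print
/ip firewall filter print where chain=input
```

Apply this from a session inside the management subnet with Safe Mode enabled, so a mistake in the address or interface list is rolled back instead of locking you out.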
