Community discussions

 
NetflashTechnical
just joined
Topic Author
Posts: 15
Joined: Fri May 10, 2013 3:43 pm

PSA: bandwidth-test Brute Force attempts

Mon Aug 20, 2018 5:42 pm

So it looks like someone has gotten wise to Mikrotik's having bandwidth-test enabled by default and pretty much every public IP-facing Mikrotik we have has logs looking like this now:

Image

Upside: Getting more targeted attacks against Mikrotiks means they're becoming just that much more mainstream!
Downside: Getting more targeted attacks.

I mean yeah, it's our fault for not disabling or securing it from "default-to-on-and-open" in the first place. Anyway, this is an easy audit/fix for most people, just disable the bandwidth-test server where not needed, and firewall it otherwise.
 
R1CH
Forum Veteran
Forum Veteran
Posts: 884
Joined: Sun Oct 01, 2006 11:44 pm

Re: PSA: bandwidth-test Brute Force attempts

Wed Aug 22, 2018 12:19 am

On a related note, it would be nice to see bandwidth-test server moved to IP / services so all the useless services can be disabled in one place.
 
eXS
newbie
Posts: 42
Joined: Fri Apr 14, 2017 4:01 am

Re: PSA: bandwidth-test Brute Force attempts

Wed Aug 22, 2018 7:38 am

I might agree with that, services are kind of all overish

Who is online

Users browsing this forum: Bing [Bot], Google [Bot] and 9 guests