Community discussions

MikroTik App
 
fredbred
just joined
Topic Author
Posts: 13
Joined: Thu Jun 30, 2005 11:13 am

Secure connection Mikrotik - Winbox

Fri May 05, 2006 5:32 pm

Hi, i am trying to set up a secure connection to manage my routers via winbox.
The connection from winbox itself is not secure and the pass and user can be compromised. Which any possibility have i to protect my connection to router. i am connecting allways over an ethernet interface.
i have not much experience with ipsec or vpn yet.

please post any suggestions.

thnx
 
changeip
Forum Guru
Forum Guru
Posts: 3806
Joined: Fri May 28, 2004 5:22 pm

Fri May 05, 2006 7:59 pm

With 2.9 and the security package it should use port 8291 by default. This will make things encrypted. You can also append :8291 to the hostname and it will try that first, if it doesn't already.
 
User avatar
aitsecurity
Frequent Visitor
Frequent Visitor
Posts: 84
Joined: Thu Mar 16, 2006 12:28 am
Location: venezuela

Re: Secure connection Mikrotik - Winbox

Fri May 05, 2006 11:59 pm

Hi, i am trying to set up a secure connection to manage my routers via winbox.
The connection from winbox itself is not secure and the pass and user can be compromised. Which any possibility have i to protect my connection to router. i am connecting allways over an ethernet interface.
i have not much experience with ipsec or vpn yet.

please post any suggestions.

thnx
mmm, i wake up my ethereal sniffer, and make a winbox connection, and is encrypted, but i only see in ascii the library example router.dll, proxy.dll,etc when winbox is running, i was get system resource, and stop the sniffer, and the information from my routeros to my laptop is encrypted.



now, is do you want more, you can make a VPN and run the winbox inside.

i am thinking the winbox is very secure socket,

Best Regards
 
fredbred
just joined
Topic Author
Posts: 13
Joined: Thu Jun 30, 2005 11:13 am

Sun May 07, 2006 9:47 am

my pass has been compromissed by my colleague and he told me, that he was sniffering my ip and that could get my pass during logon. But now i thing he used another way - trought my local stored pass for winbox and my local machine was not secured enought.

i will update this next week.

thnx
 
fredbred
just joined
Topic Author
Posts: 13
Joined: Thu Jun 30, 2005 11:13 am

Wed May 10, 2006 8:58 am

thnx for your support. It realy seem that my pass was compromissed trought local stored config. Next time i have to remember all my pass :-(

But maybe it would also be a good idea not to store the connection config as plain text.

thnx aitsecurity & changeip

Who is online

Users browsing this forum: Renan and 125 guests